Slashdot Mirror
Electronic Medical Records, the Story So Far
StupidPeopleTrick writes "After the executive order signed in 2006, states are making strides with privacy breach notification but are struggling with enacting privacy laws and finding funding.
With looming deadlines to move to e-records and e-prescribing, where will the money and the privacy standards come from?"
With looming deadlines to move to e-records and e-prescribing, where will the money and the privacy standards come from?"
The VA hospitals and clinics have an open source package called VistA (Veterans Health Information Systems and Technology Architecture). Veterans can walk into any facility and have their medical records available.
And we already paid for it!
http://www.va.gov/VISTA_MONOGRAPH/
"There are more things in heaven and earth, Horatio, than are dreamt of in your philosophy." Hamlet (I, v, 166-167)
frist posts? whoot!
Scary thing is... they'll get away with almost anything w.r.t. privacy. Average Joe, plumber or not, doesn't seem to care much.
I wonder why?
I find it rather amusing that "Electronic Medical Records, the Story So Far" is a complete non-story.
It's not exactly rocket surgery.
The most disturbing thing is that the government doesn't tell what information they have and what they do with it, they are big black boxes now. One day the point might be reached when the people have enough of it and start destroying in some way.
Their Health Services are actually very well done conceptually, and they've managed to put the patient in the loop. That's impressive given the degree to which patients are usually out of the loop on their own files. They're also a lot more security-conscious than your average hospital.
My father called the hospital the other day and gave them his name, and they asked "Is your social security number XXX-XX-XXXX?"
(Most medical records today aren't things that patients get--MS is taking the position that patients should be able to see their own records, and even correct their own medical records. (But with digital signatures to keep track of who is updating the record.))
Microsoft still have some work to do, but they've put a lot of good talent into the area.
One thing about electronic records in general--patient accessible ones--is that it should make a difference in accountability. Normally, at many hospitals in the US, if a doctor makes a significant mistake the records disappear. If patients have direct access to their own records, that will become a less common practice.
--- Thousands are enslaved every day.
...we are already starting with the "EPD" (Electronic Patient Record) this year.
Every citizen to which it applied got a letter in their home, from the government, asking if they wanted to object. For this they had to reply using the included form and a copy of their ID.
Until now, approximately 500.000 objections have been sent in.
Just last week, the government proposed hard actions against those who violate the "EPD", such as high penalties. Insurance companies are not allowed access to the EPD and doing so would give the patient an immediate right to go to a different insurance company.
Let's be frank - these 500.000 people understand the one and only true thing about EPD : once information is out in the open, you never going to get it back in.
Just a while ago I got my own medical file from my physician - I am in my 30s - which contained 6 pages of text...
That's not a huge load of information, and makes it very easy to copy. Once out, anyone knows my complete medical record from my birth onwards. A penalty against misuse would thus not work, it would simply be used to blame any messengers that stand up and find flaws in the security.
One such flaw was already found last year: most hospitals (yes - publicly accessible hospitals) don't password protect their terminals.
Argument ? In an emergency, they do not want to put up the physician with all those tough things like entering passwords.
I respect the ideas of your new president, but I think he should definitely think again when implementing this - information wants to be free.
Solutions ? Maybe give only the patient the private key to unlock the medical database. It was an argument here, but was quickly thrown away on grounds of "much too difficult" and "what in an emergency" etc. Until that solution is seriously looked upon, or at least until the security of it all is completely looked after, my vote against this would be a big fat "no way".
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
I will tell you about the UK experience of computerised medical records.
The government wants everyone's medical records on a database, searchable by who knows who for whatever fishing expedition they want (including giving this private data to drug companies and the EU), no justification of their actions is required. The records are not secure, we already know that because the government lost 26 million taxpayers records in one go, and that's supposed to be a secure system.
So far the scheme has burnt through £16bn (about $24bn), it still mostly does not work, is years behind schedule, and is expected to burn through another £8bn.
If like me you object to your medical records being computerised and being available to any member of the state for their fishing expeditions, your doctor will tell you to get lost.
Like it or not, the state will do whatever it takes, and will not care what laws are already in place (like data protection laws) to stop such schemes.
Take Nobody's Word For It.
<?xml version="1.0"?>
<ClinicalDocument xmlns="urn:hl7-org:v3" xmlns:voc="urn:hl7-org:v3/voc" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:hl7-org:v3 CDA.ReleaseTwo.CommitteeBallot03.Aug.2004.xsd" templateId="2.16.840.1.113883.3.27.1776">
<title>Consultation notes</title>
<body>Patient is an incorrigible troll. Recommend medevac to an appropriate jurisdiction and performance of lobotomy. Note: This procedure may or may not result in reduced intelligence or motor skills, as levels between this patient and previously lobotomized patients proved comparable.
</ClinicalDocument>
I hate printers.
In the 1980s, a Scientific American article by David Chaum, and an article from Germany on electronic prescriptions (sorry, no links, it predated the web), educate me about the possibility of electronically secured prescriptions.
Basically, by creative use of encryption, it is possible to create an electronic prescription that
(1) lets the pharmacy know that the prescription is authorized, and how it is paid for without revealing the name of the patient or the doctor. (2) similarly allow the insurer, the patient, the doctor and government, access to information they are authorized to have without disclosing anything more.
The same can be applied in all areas involving privacy and access to electronic records. Encryption can be used to actively limit access to authorized purposes without depending on the lack of human error.
Isn't is about time that we started using technology in these creative ways to achieve privacy levels as high as technology allows? How about an open source effort to publish papers and algorithmic examples showing how this can be done in an attempt to influence policy?
I understood Obama's spokespeople to making a big deal about moving to electronic records. Are you telling me that it was actually Bush who made it happen?
My father called the hospital the other day and gave them his name, and they asked "Is your social security number XXX-XX-XXXX?"
Ummm anyone else see a problem with this?
Solutions ? Maybe give only the patient the private key to unlock the medical database.
Then, if he refuses to give access to his private medical data, he will be denied whatever he is applying for: an insurance, a job, a sports license, etc...
The best way to ensure your freedom and privacy is to either *not* give you the key (so that no one can force you to release your data) or give you an *alternate* key to an edited version purged of anything you don't want to show.
Ooops, they shouldn't ask that.
Social Security (Or national insurance number in the UK) is a privileged piece of info. It's a great loophole to acquire someone's number given you know their name and address (phone up hospital, give the name and address, and voila, they give you back the person's Social Security number).
If you ask for name and date of birth, you can confirm with address. In other words, you're asking for more privileged information than you give back, the combination of all three is sufficient to identify the person. Either that, or you ask for their social security number. It's bad practice to hand back more privileged info than you receive.
Also, patients seeing medical records won't affect accountability one jot.
Currently there are several levels of 'intervention' in hospitals. When a doctor notes something, or requests a procedure or medication, the request goes past an intervention group. For medication, this would be a Pharmacy intervention group. They'll check the patient notes to see what's being treated, check the medication requested, make sure the dosage is correct (in case the doc has accidentally requested 10g instead of 10mg, or vice versa), check it doesn't interfere with other drugs, or even query in case it's not a drug that would affect the condition at all.
If the doc has got it wrong, they'll log it, and get in touch with the doc quickly to verify the request, and if the doc was wrong, they'll advise the correct dosage/medication for the doc to agree. This happens in a busy hospital, which is why the procedures are in place to catch it. Occasionally, something will slip through all layers (nothing is perfect). In those cases, the absence of notes in the medical records when they are noted as ok'd elsewhere, or queried in intervention is a serious issue, possibly more so than being wrong.
Having good and consistent notes gives the hospital a chance to win a case. Absence of notes is always a losing strategy, as in court, the default is to find against the hospital.
Having direct access to records is not always a great idea. For one, most people won't understand what's there (and no, reading up on the internet won't always make you understand either).
Having a medical 'fishing trip' would show up.. And some conditions that are quite mild, may present symptoms of something that could also be very dire. And if all that's happening is they're doing tests to discount the dire ones, who would feel comfy being checked for cancer, AIDS, or some other nasty, and seeing that test being carried out, when the real expectation is that it's not, they simply want to PROVE it's not.
Ignorance, in many cases, really is bliss.
Plus, if you can get at it, I can guarantee others can too, by some route or another. Personally, I don't trust patient accessible records.
If the medical records disappear under the supervision of the stated hospital, then it's the hospital responsibility.
I don't think that the hospitals will want that liability!
The video I have linked in the post below will give you an idea of how quickly we'll solve this problem...
http://osrin.net/2008/12/the-rapid-deployment-of-electronic-health-records/
There have been several times where I have picked up prescriptions that cost less than my $15 co-pay.
In those cases the pharmacist just says "You are better off skipping the card this time."
Pocketing over-payments and kick-backs like you describe are probably illegal in most jurisdictions.
This issue is a bit more complicated than you think.
Basically, EMRs are very dangerous in countries that don't have free universal healthcare, like ours, because they promise to make it far easier for insurance companies to identify medical risks (their euphamism for sick patients) so they can be avoided or dumped.
Obama pledged to lower costs a tiny amount for normal families. Obama has a huge amount of support from the insurance industry on this because they have been pushng EMRs for years as a a way to eliminate the assymetric information held by patients about their own health status.
Currently, patients know more than insurance companies leading dangerous customers who represent medical risks to be more likely to buy insurance.
To lower costs for "normal families", they must raise costs for the chronically ill or reduce the number of them who receive coverage. (Triage)
The Obama's priority is improving the statistical "coverage" of the healthy employed. The dark side is that the 20% or so of Americans who have any kind of chronic illness, and to a lesser extent, first degree relatives of them (children, siblings, parents) will still find it harder and harder - next to impossible - to get insurance outside of a large medical group, (small employers will see huge price rises if they cover a medical risk) Eventually, finding any kind of employment for medical risks will become very difficult, and they and their families will become a marginalized underclass, not unlike the film "Gattaca".
We price insurance by risk. That is the one most non-negotiable part of Obama's healthcare platform.
People who are known to be sick or are related to them are known risks. The so called "fair price" to insure known risks is high.
The only solution possible that would preserve our current 1/3 cut insurance model (very important to those in Washington today) might be to offshore the care of the sick. Medical emigration and marriage out of medical insurance necessity are already skyrocketing, a recent nationwide study found. (17% of Americans have a close friend or family member in that situation)
because they help the medical and insurance sectors to be more profitable by helping them avoid the customers who represent the highest claim risks while lowering costs to healthy customers. Their employees represnt a BIG source of money to politicians.
My father called the hospital the other day and gave them his name, and they asked "Is your social security number XXX-XX-XXXX?"
You mean that if you call that hospital and pretend to be person X (known to have have been in there sometime), the hospital will happily give you the SSN that's recorded for person X ? Over the phone, with no further checks or guarantee(s) on the identity of the caller?
Not that SSN's are well protected anyway, but if the above is true you should definitely take it up with higher management of that hospital (to adjust procedures / staff education etc. hospital-wide), because that's a serious privacy leak. If same thing still works after, say, a couple of months from then, I'd even consider reporting that hospital to whatever government body you can find that has the power to 'punish' hospitals for things like this. If any such government body exists, that is ;-(
Most medical records today aren't things that patients get
From what I've seen myself, and heard from family members etc. that appears to be the default - to keep patient, and medical data on that patient, in separate places. But why ??? Can anyone from the medical profession enlighten us what's wrong with patients studying their own X-rays, reviewing lists of drugs to be used in the course of a (planned) operation, or re-reading a diagnosis? And I'm talking totally separate from the issue of how much influence a patient should have on these things. Is medical data only interesting to doctors etc., but not for patients themselves? Are well-informed patients a nuisance, or what? What do medical professionals think of this?
MS is taking the position that patients should be able to see their own records, and even correct their own medical records. (But with digital signatures to keep track of who is updating the record.
Even more than privacy, that should be the focus for medical records: an audit trail. You start with an empty record, and for every little bit of data that gets added, edited, removed, and even accessed there is a hard, unforgeable proof of who did it. What doctor added that X-ray pic, which nurse looked at what medication was prescribed to you earlier, etc. etc. Perhaps with an automatic notification policy? Patients' record updated -> update notification sent to patient.
An unforgeable ID for anyone accessing that record would be minimum requirement. And stiff penalties for abuse. Shared passwords, terminals accessible by multiple people (and perhaps out of sight) would be unacceptable by definition.
Um, yeah. Social Security numbers are not universal ID numbers. They should be used solely for, get this, Social Security.
Unfortunately, the medical industry uses SS# on just about everything. In most facilities, they even try to use it as the Medical Record Number! Try to get appropriate care without giving them your SS# and see what happens (I have tried... good luck). And now just about every industry has some excuse as to why they *have* to have access to your SS#. Credit of any kind. Drivers license. Movie rental. Home insurance. You name it.
Anyway, SS#'s are the #1 way that information about you is tracked, "shared", associated, identified, etc. It is a huge security and privacy problem. There is a reason that when the Social Security Number was invented, it included laws about it was *NOT* to be used for any other purpose but Social Security. You can see just how effective those laws were.
I can not lay my hand on the part of the Constitution that grants such a power to the Executive. And for good reason. The power to make laws was given to the People's and the States' Representatives in Congress, where the law may be debated and the people's support (or non-support) elicited.
The power to make law should never lie with just a single man, especially one who does not listen.
"I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
Patient is an incorrigible troll. Recommend medevac to an appropriate jurisdiction and performance of lobotomy.
I watched a documentary some time back on the problems associated with the dire shortage of primary care physicians in the US. One of the more interesting conclusions it offered was that patients who see a primary care physician on a regular basis are both healthier (frequent visits encourage healthy lifestyles), and cheaper (preventative measures are invariably cheapier than after-the-fact treatments). The doctors, for their part, noted that often their patients just wanted to talk with someone about their problems and felt better after having done so.
If you're a doctor, be kind to the trolls. If there's no obvious or measurable benefit for the patient, the placebo effect should more than make up for things.
(Most medical records today aren't things that patients get--MS is taking the position that patients should be able to see their own records, and even correct their own medical records. (But with digital signatures to keep track of who is updating the record.))
IANAD (but I will be one in 5 months or so). If that is Microsoft's position, that is the stupidest fucking thing I have ever heard. Worse than Clippy. Worse than Bob. Look, a patient's medical record is supposed to be an OBJECTIVE documentation of a patient's health status and treatment. How, exactly, is a patient qualified to make an objective assessment of their medical problems, diagnostic workups and treatment regimens?
One thing about electronic records in general--patient accessible ones--is that it should make a difference in accountability. Normally, at many hospitals in the US, if a doctor makes a significant mistake the records disappear. If patients have direct access to their own records, that will become a less common practice.
Well, that's just complete BS. I don't know where you get your information, but altering a patient's medical record is illegal and, at the very least, will result in a physician's suspension of privileges from a hospital... and most likely, a revocation of their medical license.
Btw, your patient record is completely accessible. You just have to make a request to the medical records office. No, it's not available on the web, but it's not as if your MR is a secret like your FBI file.
I can make some suggestions:
1) Stay away from consultants (Ass-end-tour, Toilet and douche, etc). You'll get ten cents goods or services for every dollar you spend. They won't have the expertise they say, and the "facts" they provide you will generally be wrong (and you'll have to fix the problems later).
2) Be wary of vendors. Spec out exactly what you want, and include penalties for not meeting specs (we've actually had vendors openly acknowledge that they didn't deliver what they promised, but it didn't matter cause they got the money).
3) Don't let pipe dreams trump privacy. In the rush to get your money, many will try to brush off privacy concerns as an annoyance. Don't let them! There countless scenarios where the most innocent information can make a saint look like a sinner.
well, that's a start. And, I need coffee. But, please consider that all of these suggestions are based on actual experiences from the HIT field. If they seem like flame bait, that's just cause things really are that bad.
I am talking, of course, of private health-insurance companies.
The obvious cost-effective solution is to get rid of them, and implement an universal, single-payer insurer that would cover absolutely everyone (no opting-out) with exactly the same coverage (no more time wasted to figure out if some procedure is covered or not).
Since coverage of everyone will be compulsory, there will be no more need to discriminate for pre-existing conditions, thus removing the need for intrusive record snooping in the first place.
In fact, such a solution is currently in place in **ALL** the industrialized countries, except in the USA.
There shall be no more pussyfooting around the bush with this issue, the bull's apple need to be bitten by the horns right now.
In addition to finally covering everyone, the USA will no longer be a turd-world country and a laughingstock in respect to health-care, and in bonus, all the rotten parasites that fester in and around private health-insurance companies will be forced to find an honourable way of paying the bills.
Well there's an interesting debate on EMR, including some physicians.
Shai Schticks:"You don't make peace with friends, you make peace with enemies"
Every time I've had X-Rays taken at a hospital the doctors have shown them to me, complete with explanations of what they found or didn't find in them. They also always explain what drugs they are going to use, and when--with the one exception of anesthesia. Anesthesia is a tricky process which has to be monitored and adapted continually, so I'm quite happy to let the professionals handle it. The problem with letting people edit their own records is that people generally don't know enough to argue with the doctor's diagnosis (else why did they go to the doctor in the first place?), and the things they would know, like their symptoms and history, are already written mostly in their own words. Plus, if an uncooperative patient genuinely prevents a doctor from providing the best medical care, and the doctor notes such a thing on the chart, what do you think that patient is going to do? Or the people who go to the ER just to get narcotics--do you think *they* would be honest with their records?
I'm a psychologist and work for a large clinic (93 clinicians, 25 support staff, five clinic locations and a lot of "out in the field" services). My specialty is nursing home services; there are about 15 of us in the nursing home division and we work in about 150 nursing homes. Often a client is referred to me and it turns out they were seen by a colleague in another nursing home. If we had an EMR that I could query remotely, I could find that out and streamline the delivery of services and provide better care. This would be the "added power" part of the discussion and the rosy picture that EMRs present
The flip side is that computer security is not reliable. Any system connected to the outside world can be hacked remotely one way or another. We have thousands of clients with a lot of sensitive data sitting in our files, currently in locked cabinets behind two locked doors with limited access to maximize security as much as we can. The risk of data exposure is minimal and happens as a result of sloppiness by practitioners (e.g. leaving a file sitting on a desk unwatched). With an EMR, however, the risk of exposure is potentially much higher (e.g., downloading *all* the files instead of swiping or reading just one).
We have made no provisions for using an EMR in our clinic. We have a computerized billing system which contains insurance information and diagnostic codes- only the information required to send out a bill- but none of our clinical records are in an EMR. AFAIK we are not required to do so.
After the executive order signed in 2006,
And from the article...
President Bush issued an executive order that requires certain federal programs (including Medicare) to develop interoperable HIT systems.
What the heck is an executive order, and from what does the president derive this mystical power?
(Most medical records today aren't things that patients get--MS is taking the position that patients should be able to see their own records, and even correct their own medical records. (But with digital signatures to keep track of who is updating the record.))
IANAD (but I will be one in 5 months or so). If that is Microsoft's position, that is the stupidest fucking thing I have ever heard. Worse than Clippy. Worse than Bob. Look, a patient's medical record is supposed to be an OBJECTIVE documentation of a patient's health status and treatment. How, exactly, is a patient qualified to make an objective assessment of their medical problems, diagnostic workups and treatment regimens?
Who has the most to lose if somebody fucks up a medical record? That's the person who should have the final say about the contents. Authority without responsibility is a major part of what has fucked up our medical system today.
When information is power, privacy is freedom.
The use of SSN is problematic.
Not everyone has one, and some
folks use fradulant ones. The
SSA has at least 4.1% internal
error rate using SSN as an ID.
And the FTC will soon enforce
the 'Red Flags' rule, having a
chilling effect such that most
health care leaders depricate
the use of the SSN in med recs.
I AM A DOCTOR. 11 years medical informatics. 16 in medicine in general, 6 years medical devices.
And you need an attitude check, if for no other reason than your experience is insufficient to the matter at hand.
(1) The patient record IS owned by the patient (and the hospital/provider)
(2) All 50 states mandate access to the record by the patient
(3)Hospital records are routinely lost and routinely we do not enter crucial data because of liability reasons. A fact-on-the-ground, if you will. Never mind it is actually counter-productive and the best documents are the best defense, with the majority of docs actually winning the lawsuits.
(4) Larry Weed's arguments on patient's owning and understanding their record have never been refuted (You might know him differently, as he invented the SOAP note)
(5)Many patients have a better and more intimate understanding of their condition (and the tests they underwent) than you give them credit for. You might want to learn to properly listen to your patients and credit them for being more than stupid cattle.
(6) And your MedRec SHOULD be more secret than your FBI file. As a man suffering from condition that routinely cripples him once a year, if that info was known to Tom Dick or Harry Employer I would unemployable even though I only lose a day or two of work a year, they would freak. Just think of the HIV stigma that AIDS *testing* brings to the fore. Never mind I have had to have 3 of those tests for various reasons, NONE having to do with exposure.
Who has the most to lose if somebody fucks up a medical record? That's the person who should have the final say about the contents. Authority without responsibility is a major part of what has fucked up our medical system today.
By that logic, passengers on a flight should be allowed to edit the contents of the flight data recorder.
Look, I'll re-iterate my point. The electronic medical record is intended to be an objective record of a patient's health assessment. A patient is not qualified to make an objective assessment of their health status. They're able to make subjective reports that are recorded in the medical record. A medical record does not work if it gets to be edited. In fact, many successful lawsuits have hinged on the fact that the medical record had been added to or edited after the fact. At the risk of sounding cocky, I honestly don't think you understand what the medical record is, if you think that a patient should be allowed to edit it.
To read it, sure. To comment on it to their physician, sure. But to edit it, no f'ing way.
Who has the most to lose if somebody fucks up a medical record? That's the person who should have the final say about the contents. Authority without responsibility is a major part of what has fucked up our medical system today.
By that logic, passengers on a flight should be allowed to edit the contents of the flight data recorder.
Only if you are more interested in making specious arguments.
Look, I'll re-iterate my point. If a person's medical record gets fucked up, they could end up dying as a result.
Nothing trumps that. Nothing.
When information is power, privacy is freedom.
The old information is there, I believe, and you know what the patient did. It is, ultimately, the patient's record, and if he sees something that is obviously incorrect he should be able to note that without the added hassle and expense of a doctor's visit for... correcting the record. The audit trail makes it workable.
The problem isn't always one of qualification--sometimes it's one of a doctor who didn't listen or who jotted something down quickly which--while accurate--was woefully incomplete.
As to the records disappearing, it's not BS. At a good hospital, they usually don't. But there are a lot of hospitals that are not good. When the risk of a law suit presents itself, medical records often disappear, become deliberately vague, or flat-out lie. Medical ethics classes notwithstanding. When a patient gets a staph infection from a needle prick at a hospital, the doctor will avoid telling the patient or noting in the record how it happened. When an almost criminal misdiagnosis results in multiple unsucessful surgeries rather than detecting a cancer (which the symptoms suggested), the records disappear.
I'm not saying it happens everywhere--but it does happen regularly, and more frequently than you think. Medical ethics aren't as strictly adhered to as the ideal would suggest. They should be, for the most part, but they're not. There are still docs people go to for notes to get off work, who practice insurance fraud in exchange for the notes and deal drugs out the back door. There are still hospitals where washing hands before touching a patient, and not touching non-sterile surfaces after washing hands, are not common rules. Yes, in the U.S.
A patient in the ideal case has immediate access to his records. But a request for records that are obviously about something that was done wrong in the past is a red flag for a lawsuit.
--- Thousands are enslaved every day.
Only if you are more interested in making specious arguments.
Look, I'll re-iterate my point. If a person's medical record gets fucked up, they could end up dying as a result. Nothing trumps that. Nothing.
And exactly how would letting patients haphazardedly edit their medical record going to do a thing to prevent that?
Do you even know what a medical record is?
And exactly how would letting patients haphazardedly edit their medical record going to do a thing to prevent that?
Gee, I don't see any words to the effect of "haphazrdly edit" anywhere in "MS is taking the position that patients should be able to see their own records, and even correct their own medical records. (But with digital signatures to keep track of who is updating the record.)" Perhaps you can point them out?
When information is power, privacy is freedom.
Gee, I don't see any words to the effect of "haphazrdly edit" anywhere in "MS is taking the position that patients should be able to see their own records, and even correct their own medical records. (But with digital signatures to keep track of who is updating the record.)" Perhaps you can point them out?
I make the assumption that most patients, without medical training, aren't qualified to make edits to their medical record. I equate that with haphazardly edit.
Look, legally, even a patient's physician isn't supposed to "edit" a medical record. It's like a file that you only have append privileges to. Why does it make any bit of sense to allow someone with no medical knowledge whatsoever to make edits?
I'm still waiting for an answer. do you even know what a medical record is?
Do tell us where you'll be practicing your particular brand of medicine. I'll be sure to avoid that locale like the plague. Just to avoid you. Makes you kinda special doesn't it?
I don't expect morality, equality, consistency, or justice from the law. I expect only legality.
The parent is right, I already feel much better after this discussion.
There are hundreds of various EMR products, which typically cost $30,000 per physician to buy, and $5,000/year/MD for maintenance costs. After paying all that, the EMR products are incompatible with each other, so that records cannot be sent from MD to MD, except to print out the information and scan the pages into the other MD's system. If the digitized information is lost, then the value of the EMR to track information is also lost. A better solution would be to encourage ro require the use of a single backend product, which would be open sourced, such as the VA's system. This system should be capable of handling all patient encounters: hospital, clinic, OT, PT, labs, etc. Separate front-ends could be created for different situations. The variety of these various situations (hospital front ends, ENT clinics, family practice clinics, pediatrician's office, and so on would be a great environment for private investment. A generic open source front end could be maintained for minimal cost (such as the current VA front end. This would lower the cost of projects, while increasing diversity in front ends (all the healthcare workers care about) and create an opportunity to share digitized information between providers who have permission to share this information from the patient.
Building a healthy future; Connecting communities
I make the assumption that most patients, without medical training, aren't qualified to make edits to their medical record. I equate that with haphazardly edit.
Doctors who can't accept that the patient is in the driver's seat are obsolete.
Look, legally, even a patient's physician isn't supposed to "edit" a medical record. It's like a file that you only have append privileges to. Why does it make any bit of sense to allow someone with no medical knowledge whatsoever to make edits?
You do understand the concept of audit trails, right? ...digital signatures to keep track of who is updating the record is exactly that.
I'm still waiting for an answer. do you even know what a medical record is?
It is fundamentally irrelevant whether I can regurgitate a specific definition.
What matters is that the record is the property of the patient and the patient bears the ultimate responsibility for its contents.
When information is power, privacy is freedom.
Apparently, the bank has no problem with lending me a substantial sum in his name.
But on a more serious note, I think the problem is that our so much of our society relies on a mere secret combination of name and numbers to prove identity. PKI provides a much more secure means of proving one's identity than merely relying on a (presumably) secret combination of numbers known by one's employer, banker, credit card company, and several government agencies as well.
The society for a thought-free internet welcomes you.
Thanks! I hadn't thought of calling a VA hospital, before.
now we need to go OSS in diesel cars
"Look, a patient's medical record is supposed to be an OBJECTIVE documentation of a patient's health status and treatment."
You are kidding, right?!? It's a record. Generally a crappy one. That has lots of errors in the best case. Hell, some things aren't even written down any longer for legal reasons.
"How, exactly, is a patient qualified to make an objective assessment of their medical problems, diagnostic workups and treatment regimens?"
Some of us know more than most doctors about their specific issues. I have time to research my problems, keep up to date on advances, etc. Most doctors, even specialists, don't have the time or don't bother.
"...altering a patient's medical record is illegal and, at the very least, will result in a physician's suspension of privileges from a hospital... and most likely, a revocation of their medical license."
Yeah, right. I doubt that the complaint would even be looked at by the relevant authorities. Only when litigation is involved does it matter. Doctors routinely (unintentially) kill their patients with no disciplinary actions (medication errors, lack of sanitation, etc)....
Btw, your patient record is completely accessible. You just have to make a request to the medical records office. No, it's not available on the web, but it's not as if your MR is a secret like your FBI file.
Your record is NOT completely accessible...I guess you never watched much Seinfeld?
That is what midlevels are for.
It seems to me that you are disagreeing about what "editing" is.
Would you object if each entry that a doctor made has a space attached to it where the patient could place their comments... and neither could alter the entries of the other? Think of it as a database where each record has a text field that is specifically for the use of the patient.
Would that satisfy both of you?
I think we've pushed this "anyone can grow up to be president" thing too far.
These laws are pure B.S., as anyone who has experienced the results of similar laws in another area (finance) can attest. For example: a lender can pull your credit report and see everything about you, but by law cannot divulge info about WHY they raised your interest rate or refused to lend to you because of the privacy laws. It turned out to be something mundane (Verizon logged 1 late cell phone payment and one contract termination fee non-payment even though I never used Verizon for cellphones in my life. What the fuck?). I had to pull my report myself to find this out, and had to deal with several different Verizon reps to reverse this report. They were reluctant to rectify it even though they acknowledge the reported services were never agreed to, applied for, or used by me, and only rectified it after threats to report the matter to the attorney general and sic a lawyer on them. It took two months to straighten out, and figuring out what resulted in the lender's jacking up interest by 10% took a month.
Now, if the lender had simply said "Verizon Wireless reported a late payment on your cellphone?" it could have been resolved in 2-3 days. A phone call to get the address fire off a letter to the reporting agency and to Verizon to inform them I never, ever had Verizon Wireless service, and maybe another day or two to receive a fax back from Verizon to send to the letter and the reporting agency to confirm that the logged report was in error, that I never had a Verizon Wireless account to begin with.
A headache all to privacy laws. Privacy laws do not protect me from them; they protect them from me, allowing them to get away with murder without recourse, at least without a lot of digging and phone tag on my end.
Posting AC out of fear of retribution and repeat of same.
Unless your doctor dislikes you personally or thinks you're a "bad patient", in which case a snide little annotation could fuck up your health care for the rest of your life on a universal medical record.
then by definition it is an "unfunded mandate", which the Federal courts have clearly established cannot be enforced.
Doctors who can't accept that the patient is in the driver's seat are obsolete.
OK, so as a doctor, if a patient is asking for narcotic pain meds, I should accept that the patient is the driver's seat and acquiesce? If a patient is asking for antibiotics and the doctor is sure that the patient's symptoms are due to a virus, I have to accept what the patient is demanding?
You do understand the concept of audit trails, right? ...digital signatures to keep track of who is updating the record is exactly that.
So when I'm admitting a patient to the hospital, I have to now second-guess the entries in a patient's medical record to see if the patient mucked around with the records or whether it was genuine?
It is fundamentally irrelevant whether I can regurgitate a specific definition. What matters is that the record is the property of the patient and the patient bears the ultimate responsibility for its contents.
I'm asking this because I suspect you don't know what a medical record exactly entails, and why it would be absolute foolishness to allow it to be modified in any way other than by appending to it.
Given that the previous sentence was "They're also a lot more security-conscious than your average hospital." I think that was exactly the point.
I think you are incredibly naive about your chosen profession. Open your eyes, managed care have already screwed up the health care system far beyond the wildest dreams of government. What we have now is defacto rationing on a massive scale. Millions of Americans are living with undertreated or untreated chronic illnesses because of the unwillingness of the managed care organizations to live up to their contractual obligations. Look at the mess over chronic Lyme disease. The Attorney General of Connecticut had to bring the IDSA and the insurance companies to court to get them to treat people with Lyme. the same kinds of things are happening elsewhere.
Ultimately, we all suffer. My European friends think we are barbarians for treating people like this and we are. The stress alone is aging people far beyond their years. Getting sick is hard enough but to have to worry that you will bankrupt your family or make it impossible to find a job on top of that, it is just insane.
I wish I could say I thought Obama would change things but despite the hype, he seems to be cut from the same cloth as his predecessor.
Why else would he lie about the impact of adverse selection?
All the laws about mandating electronic records need a provision that forbids all entities that handle the data from "exporting" it overseas in any way. Whether that is storage or processing or analysis, do not send my data overseas. Period. The same standard should be retroactively applied to bank records, credit data and the like.
The executive order requires interoperable systems for healthcare data, but does not require EMR applications. It says any system the fed buys must be able to share data with other systems, but not that any particular system is purchased for any purpose.
Also, does not apply to the private sector, although there are obviously many political movements to provide incentives and mandates in this direction.
The OP is a little misleading. The standards are being developed by HITSP (www.hitsp.org), the money is coming from the proposed 20-25B$ Obama wants to spend on this little pork project (and other legislation on the fed and state level similarly).
Your tax dollars at work. Note that the market has largely rejected the current generation of vendor products, since they do little to help the physician in their workflow.
Sleep is for the Weak
You haven't dealt with many real patients have you. Most are clueless about their medical condition, or they believe they're an expert because they read on the internet about this or that symptom with this or that list of associated diseases and the supposed cures. The average patient lacks the foundation for critical thinking to evaluate "research" papers and the material published in most texts.
The medical records SHOULD be an objective history and description of problems, tests, treatments and assessments, but it can never be wholly accurate or complete.
There is a reason that when the Social Security Number was invented, it included laws about it was *NOT* to be used for any other purpose but Social Security. You can see just how effective those laws were.
That is a good lesson for everyone on how governments really work and one that they generally don't teach in civics or American history class. The government will always say that a new program or power will never be abused or used for the wrong purposes and then break that promise as soon as it is convenient and the masses have moved on and forgotten or are not looking. The lesson is that the government cannot be trusted and it is lesson that our founding fathers tried to pass on, but one that has since been supressed and watered down by those with an interest in squelching liberty and choice in service of some alternative, usually socialist, agenda. The incomming Obama administration, caught up in the spirit of the times, is going to make us less even free, despite their best intentions, with tons of burdensome regulations and massive defecit spending on projects that will invariably be mishandled so that no private entrepreneurs will be able to get anything done (ala the New Deal). The people who swept him into office, and liberal (I should say socialist democrat, but that is whole other issue) young college students especially, will come to regret voting for the greatest expansion of Federal government power in a generation later on in their lives once it is too late to alter course. Ron Paul is right, but as usual nobody, neither Republicans OR Democrats wants to hear it. They say, "LA, LA, LA we're not listening" OR they accuse you of being a reactionary and an obstructionist for having the temerity to raise reasonable and sensible fiscal objections and stand in the way of their grand political plans.
How, exactly, is a patient qualified to make an objective assessment of their medical problems, diagnostic workups and treatment regimens?
Not only are they NOT qualified, but depending upon how those records are used, they might even be tempted to fudge them or delete items on purpose. For example, they might remove records of treatments for conditions that could effect future health insurance benefits and premiums. There are all sorts of perverse incentives that could come up when patients start altering their own medical records.
There is a reason that when the Social Security Number was invented, it included laws about it was *NOT* to be used for any other purpose but Social Security. You can see just how effective those laws were.
In the Netherlands they tricked us by renaming the SoFi (social / fiscal) number to BSN (citizen service number). Now they can do anything they want with the number, as it's not the original number they wrote those laws for. (It is though of course, they just think we're stupid.)
I couldn't possibly agree more. This is why I voted Libertarian, even though it is a hopeless cause. The political system is setup for two and only two parties; without runoff voting and abolishment of the electoral college, there will never be any real change.
Meanwhile, the Federal Government gets more and more and more powerful. Each generation gives up more freedom in the name of safety, not understanding what was already given up.
The United Federal State of America. Quite depressing. The founding fathers would be horrified.
Sadly your document was not received because the validator rejected it after not finding a tag.