Slashdot Mirror

← Back to Stories (view on slashdot.org)

Electronic Medical Records, the Story So Far

Posted by kdawson on from the work-in-progress dept.

StupidPeopleTrick writes "After the executive order signed in 2006, states are making strides with privacy breach notification but are struggling with enacting privacy laws and finding funding.
With looming deadlines to move to e-records and e-prescribing, where will the money and the privacy standards come from?"

11 of 136 comments (clear)

  1. Scary how people don't care by pondermaster · · Score: 2, Insightful

    Scary thing is... they'll get away with almost anything w.r.t. privacy. Average Joe, plumber or not, doesn't seem to care much.

    I wonder why?

    1. Re:Scary how people don't care by mancunian_nick · · Score: 2, Insightful

      Probably because it doesn't affect or concern them personally - or at least they don't perceive that it does. It's usually when it's too late that maybe they discover that it does or it will!

  2. Here in The Netherlands... by thrill12 · · Score: 5, Insightful

    ...we are already starting with the "EPD" (Electronic Patient Record) this year.
    Every citizen to which it applied got a letter in their home, from the government, asking if they wanted to object. For this they had to reply using the included form and a copy of their ID.

    Until now, approximately 500.000 objections have been sent in.

    Just last week, the government proposed hard actions against those who violate the "EPD", such as high penalties. Insurance companies are not allowed access to the EPD and doing so would give the patient an immediate right to go to a different insurance company.

    Let's be frank - these 500.000 people understand the one and only true thing about EPD : once information is out in the open, you never going to get it back in.

    Just a while ago I got my own medical file from my physician - I am in my 30s - which contained 6 pages of text...
    That's not a huge load of information, and makes it very easy to copy. Once out, anyone knows my complete medical record from my birth onwards. A penalty against misuse would thus not work, it would simply be used to blame any messengers that stand up and find flaws in the security.

    One such flaw was already found last year: most hospitals (yes - publicly accessible hospitals) don't password protect their terminals.
    Argument ? In an emergency, they do not want to put up the physician with all those tough things like entering passwords.

    I respect the ideas of your new president, but I think he should definitely think again when implementing this - information wants to be free.

    Solutions ? Maybe give only the patient the private key to unlock the medical database. It was an argument here, but was quickly thrown away on grounds of "much too difficult" and "what in an emergency" etc. Until that solution is seriously looked upon, or at least until the security of it all is completely looked after, my vote against this would be a big fat "no way".

    --
    Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
  3. Obama by Anonymous Coward · · Score: 1, Insightful

    I understood Obama's spokespeople to making a big deal about moving to electronic records. Are you telling me that it was actually Bush who made it happen?

    1. Re:Obama by Anonymous Coward · · Score: 2, Insightful

      If Obama does this, then it's a wonderful cost saving measure that will bring health care to everyone.
      If Bush did this, then it's an evil plot by the insurance companies to deny coverage to poor, deserving people.

  4. Re:VistA - VA Open Source by Anonymous Coward · · Score: 2, Insightful

    There also is(was?) a window manufacturer called vista. They used to be the top result in google, but I have trouble finding there site now...

  5. Re:Microsoft has done some good work on this so fa by SupremoMan · · Score: 5, Insightful

    My father called the hospital the other day and gave them his name, and they asked "Is your social security number XXX-XX-XXXX?"

    Ummm anyone else see a problem with this?

  6. Insurers EXCITED about EMR's potential to.. by Anonymous Coward · · Score: 3, Insightful

    Basically, EMRs are very dangerous in countries that don't have free universal healthcare, like ours, because they promise to make it far easier for insurance companies to identify medical risks (their euphamism for sick patients) so they can be avoided or dumped.

    Obama pledged to lower costs a tiny amount for normal families. Obama has a huge amount of support from the insurance industry on this because they have been pushng EMRs for years as a a way to eliminate the assymetric information held by patients about their own health status.

    Currently, patients know more than insurance companies leading dangerous customers who represent medical risks to be more likely to buy insurance.

    To lower costs for "normal families", they must raise costs for the chronically ill or reduce the number of them who receive coverage. (Triage)

    The Obama's priority is improving the statistical "coverage" of the healthy employed. The dark side is that the 20% or so of Americans who have any kind of chronic illness, and to a lesser extent, first degree relatives of them (children, siblings, parents) will still find it harder and harder - next to impossible - to get insurance outside of a large medical group, (small employers will see huge price rises if they cover a medical risk) Eventually, finding any kind of employment for medical risks will become very difficult, and they and their families will become a marginalized underclass, not unlike the film "Gattaca".

    We price insurance by risk. That is the one most non-negotiable part of Obama's healthcare platform.

    People who are known to be sick or are related to them are known risks. The so called "fair price" to insure known risks is high.

    The only solution possible that would preserve our current 1/3 cut insurance model (very important to those in Washington today) might be to offshore the care of the sick. Medical emigration and marriage out of medical insurance necessity are already skyrocketing, a recent nationwide study found. (17% of Americans have a close friend or family member in that situation)

  7. An audit trail is what counts by Alwin+Henseler · · Score: 2, Insightful

    My father called the hospital the other day and gave them his name, and they asked "Is your social security number XXX-XX-XXXX?"

    You mean that if you call that hospital and pretend to be person X (known to have have been in there sometime), the hospital will happily give you the SSN that's recorded for person X ? Over the phone, with no further checks or guarantee(s) on the identity of the caller?

    Not that SSN's are well protected anyway, but if the above is true you should definitely take it up with higher management of that hospital (to adjust procedures / staff education etc. hospital-wide), because that's a serious privacy leak. If same thing still works after, say, a couple of months from then, I'd even consider reporting that hospital to whatever government body you can find that has the power to 'punish' hospitals for things like this. If any such government body exists, that is ;-(

    Most medical records today aren't things that patients get

    From what I've seen myself, and heard from family members etc. that appears to be the default - to keep patient, and medical data on that patient, in separate places. But why ??? Can anyone from the medical profession enlighten us what's wrong with patients studying their own X-rays, reviewing lists of drugs to be used in the course of a (planned) operation, or re-reading a diagnosis? And I'm talking totally separate from the issue of how much influence a patient should have on these things. Is medical data only interesting to doctors etc., but not for patients themselves? Are well-informed patients a nuisance, or what? What do medical professionals think of this?

    MS is taking the position that patients should be able to see their own records, and even correct their own medical records. (But with digital signatures to keep track of who is updating the record.

    Even more than privacy, that should be the focus for medical records: an audit trail. You start with an empty record, and for every little bit of data that gets added, edited, removed, and even accessed there is a hard, unforgeable proof of who did it. What doctor added that X-ray pic, which nurse looked at what medication was prescribed to you earlier, etc. etc. Perhaps with an automatic notification policy? Patients' record updated -> update notification sent to patient.

    An unforgeable ID for anyone accessing that record would be minimum requirement. And stiff penalties for abuse. Shared passwords, terminals accessible by multiple people (and perhaps out of sight) would be unacceptable by definition.

  8. Re:Microsoft has done some good work on this so fa by GNT · · Score: 3, Insightful

    I AM A DOCTOR. 11 years medical informatics. 16 in medicine in general, 6 years medical devices.

    And you need an attitude check, if for no other reason than your experience is insufficient to the matter at hand.

    (1) The patient record IS owned by the patient (and the hospital/provider)

    (2) All 50 states mandate access to the record by the patient

    (3)Hospital records are routinely lost and routinely we do not enter crucial data because of liability reasons. A fact-on-the-ground, if you will. Never mind it is actually counter-productive and the best documents are the best defense, with the majority of docs actually winning the lawsuits.

    (4) Larry Weed's arguments on patient's owning and understanding their record have never been refuted (You might know him differently, as he invented the SOAP note)

    (5)Many patients have a better and more intimate understanding of their condition (and the tests they underwent) than you give them credit for. You might want to learn to properly listen to your patients and credit them for being more than stupid cattle.

    (6) And your MedRec SHOULD be more secret than your FBI file. As a man suffering from condition that routinely cripples him once a year, if that info was known to Tom Dick or Harry Employer I would unemployable even though I only lose a day or two of work a year, they would freak. Just think of the HIV stigma that AIDS *testing* brings to the fore. Never mind I have had to have 3 of those tests for various reasons, NONE having to do with exposure.

  9. Re:Microsoft has done some good work on this so fa by winwar · · Score: 2, Insightful

    "Look, a patient's medical record is supposed to be an OBJECTIVE documentation of a patient's health status and treatment."

    You are kidding, right?!? It's a record. Generally a crappy one. That has lots of errors in the best case. Hell, some things aren't even written down any longer for legal reasons.

    "How, exactly, is a patient qualified to make an objective assessment of their medical problems, diagnostic workups and treatment regimens?"

    Some of us know more than most doctors about their specific issues. I have time to research my problems, keep up to date on advances, etc. Most doctors, even specialists, don't have the time or don't bother.

    "...altering a patient's medical record is illegal and, at the very least, will result in a physician's suspension of privileges from a hospital... and most likely, a revocation of their medical license."

    Yeah, right. I doubt that the complaint would even be looked at by the relevant authorities. Only when litigation is involved does it matter. Doctors routinely (unintentially) kill their patients with no disciplinary actions (medication errors, lack of sanitation, etc)....