Your Medical Records Online
um... Lucas writes "Apparently, Intel's teaming with the AMA to help post patient records online. It's way too early to tell what they're thinking, but I want to know if I can opt-out now."
This could be a good thing if it's done right ... or a privacy disaster if it's done wrong.
Seems to me that patents are a very bad thing for the community in general, but good for one or two individuals.
One of the advantages to a national repository is that researchers or programs can flag correlations that might otherwise get unnoticed. For instance, if people on a certain drug all develop arthritis, perhaps a clinical trial is called for. If a certain city has a much higher incidence of cancer, perhaps there's a contaminant in the water. This is especially useful for bizarre combinations which aren't tested in drug trials. For instance, everyone who's on 5 unrelated drugs, might get symptoms that normal test subjects won't.
"There's so much left to know/ and I'm on the road to find out." -Cat Stevens
I hope they live up to that. If not, I may just have to find me a country doctor who don't know diddly about computers.
"Well, Mr. Smith, I see you have an impressive resume, but our records indicate you have heart problems and that makes you an unacceptable risk. And you would push up our health insurance premiums."
I don't like this new world, can I have the old one back?
-- IANAEG - I am not an elder god.
"Excellent, that bastard next door is diabetic. I'll teach him to let his tree grow into my yard!"
Sigh.
-Xuff
I've had a very interesting medical history (think cancer x2) and I know that I don't want my medical records on-line.
Now if this stuff gets out in the public sector with insurance companies and employers getting ahold of this it could become hard to find a job, especially if the economy dips and the job market flip-flops so that employers have the upper hand.
Although I would love to have a copy of my Mayo Clinic records just to page through...I don't want this information on a vulnerable network...and you know when this stuff is put online it will probably be sitting on NT boxes.
heh heh, classic case of post first, ask questions later
-Yarn - Rio Karma: Excellent
Ok.. it's slightly Off Topic. Heh, thought I'd be quick and post a reasonable comment on the evils of patents, and just glanced at the article so I didn't miss first post. /me hits self on head.. Patients, not Patents. Guess I'm just one of those idiots who posts stupid first posts. Sure glad I'm not logged in! :) Sorry People
Think AIDS. So you're HIV positive? Good! Everybody will know about it.
Not to do some US bashing AGAIN, but in France, Doctors aren't even allowed to give personal medical information to other doctors (without the patient's assent, of course).
A hospital I used to work for was implementing a system to allow patients to access their medical records via the internet. The idea was that you could access your medical records, send emails to your Doctor's office, etc. They were doing this in conjunction with a vendor.
This was all very well and good, except that this hospital, like most hospitals, took technical incompetence to a level that I have never seen anywhere else. I am not exaggerating in the slightest -- most of the "IS Staff" were nurses who had been promoted into IS!
You can imagine what security looked like. Literally, all the passwords in the NT domain were "password" or null. Likewise for Netware passwords. Passwords for system accounts were things like "nascar" (the nurse who ran that system was a fan -- but that password had been changed when I left). In fact, I don't think I ever saw anyone but myself set a password that could not be broken by crack in 30 seconds flat.
On top of that, this organization would try to run on the least technical staff possible. That's good as far as it goes, but when you have a $500,000 UNIX system that you are trying to run with a mail clerk! I'm not exaggerating in the slightest: this organization spent upwards of $3 million on software, $500,000 on the database server, and tried to run it with an employee making less than $10/hour. On this particular system, most accounts had a password of their user name. After all, anything else was too hard to remember. The root password (until I came on and straightened them out) was "superman".
And, you guessed it, all those wide open accounts were accessible from the dial-in rack. Any fool with a war dialer could get in at any time. I tried to inform them of this, and they ignored me. On the other hand, they were genuinely paranoid about Internet access. So paranoid that they refused to allow access to just about anything without begging, cajoling and everything else, but not so paranoid that they would hire someone technically competent to manage it.
Their biggest problem was that they had no respect for or desire to have around technical competence. I was isolated from day one because I did not pander to their sloppy practices. They didn't want a nerd, they wanted a "manager".
At any rate: do you think that this bunch could keep your data secure? Get real.
Having health records online would be a huge boon to rural medical practice, especially given the already surging growth in telemedicine. By having medical records already available online, practitioners in areas with limited medical resources (such as Alaska's bush communities) could greatly increase the speed of treatment for difficult medical and trauma patients. By already having the records online, the temporal gap between presentation in the primary care clinic and a second opinion by a specialist would be greatly shortened, in many cases increasing the chances of a successful recovery. Having medical records online wouldn't just help "one or two patients" as someone else commented, it would be of great advantage to many....IF they can get the encryption software to work properly. As a future rural physician, I know I would appreciate having my patients' records online. Knowing what I do about encryption and the privacy issues involved in an issue like this, I'm just not so sure I'd want MY records online. Hopefully they'll work it out, because this could be a huge advantage to the medical community, as well as to the patients they treat.
I've worked in the information systems branch of the medical industry for the past four years now. I've seen time and again how badly patient records are protected electronically in clinic, hospital, and corporate office.
Where possible, I've always taken steps as the chief technology employee to protect the patient's records and rights to privacy. I've tightened security systems, making workflow in the clinic a little more attentive to computer usage, so that our patients could rest with the knowledge that all steps had been taken to protect their privacy.
This development scares me. Certainly there is the possibility to use this information to detect patterns otherwise unseen, but largely such patterns are detected from abstract databases already maintained at the state or inter-state level. For example, cancer clinics maintain tumor information at the state level not only for statistical reporting usage, but also for usage as a pattern detector. But the patients are ultimately protected from becoming anything more than a number.
A nationwide system with full medical records runs dangerously close to causing more harm than good. The patients are no longer a statistical element whose anonymity is fairly well protected by abstraction from their medical chart. Instead, their medical chart is now a part of this database? I am indeed most concerned as to where this development will lead.
Obviously it could be a Good Thing for both patients and their physicians to have quick and ready access to a patient's medical record and history. However, the rush of technology must be tempered with a careful evaluation of necessity. Is it absolutely necessary for this system to be available to both the public and physicians? Would it not instead be better served as a carefully controlled, non internet, system available only through licensed professionals?
I would say the patients should express any concerns they have to the proper branch of the AMA. They can try to protect this information all they want. The ultimate question is whether or not the information needs to be made available in such a venue in the first place.
ta,
Jason
# Jason A. Dour
# Founder / Executive Producer - PJ Harvey Online (pjh.org)
This is a case where the people who are being exposed have a clear right to inspect the software they are entrusting their records to. We should demand they open source the system in the public interest. At the least this will slow things down while the bugs are fixed.
Even if the software were completely secure, I still have doubts about this. Just how hard is it to find a licensed physician with a need for money that would be willing to broker requests? Blackmail? Besides the obvious problems with insurance companies and employers having access, if you have ever answered "yes" to a doctor's question about drug use, you may not want the government to have access either. You really think they won't?
Yes, this could do a lot of good for statistical studies. So we might consider a system where all individual identification data was stripped from the records prior to storage, and placed somewhere isolated from the internet with a warrant required for access. Difficult though, since you'd need to store hereditary relationships and approximate patient location to distinguish genetic from environmental disorders.
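A sketch of the split the comment above proposes, added here as an example and not taken from any system discussed in the thread: direct identifiers go to a separate vault, while the research extract keeps only keyed pseudonyms, family links and coarse location. The field names, key and sample patients are constructed, and `small_groups` shows the difficulty the comment mentions, since coarse location plus age can still single a person out.

```python
"""Added example: de-identified research extract with a separate identity vault."""
import hashlib
import hmac
from collections import Counter


def pseudonym(key: bytes, patient_id: str) -> str:
    """Keyed pseudonym: stable enough to link records, useless without the key."""
    return hmac.new(key, patient_id.encode("utf-8"), hashlib.sha256).hexdigest()[:16]


def split_record(key: bytes, rec: dict) -> tuple[dict, dict]:
    """Return (research_row, identity_row) for one chart.

    The research row keeps approximate location and hereditary links,
    which the comment notes are needed to separate genetic from
    environmental causes. The identity row is what would sit offline.
    """
    pid = pseudonym(key, rec["patient_id"])
    research = {
        "pid": pid,
        "region": rec["zip"][:3],                      # coarse location only
        "birth_decade": rec["birth_year"] // 10 * 10,  # coarse age only
        "parents": sorted(pseudonym(key, p) for p in rec["parent_ids"]),
        "diagnoses": list(rec["diagnoses"]),
    }
    identity = {"patient_id": rec["patient_id"], "name": rec["name"], "zip": rec["zip"]}
    return research, identity


def build_stores(key: bytes, records: list[dict]) -> tuple[list[dict], dict]:
    """Build the online research table and the offline re-identification vault."""
    research_db, vault = [], {}
    for rec in records:
        research, identity = split_record(key, rec)
        research_db.append(research)
        vault[research["pid"]] = identity
    return research_db, vault


def small_groups(research_db: list[dict], k: int) -> list[tuple]:
    """Quasi-identifier groups with fewer than k members.

    Anyone in such a group can be re-identified by someone who already
    knows roughly where they live and how old they are.
    """
    counts = Counter((r["region"], r["birth_decade"]) for r in research_db)
    return sorted(group for group, n in counts.items() if n < k)


# Constructed sample data (no real patients, no real key).
SAMPLE_KEY = b"constructed-demo-key-not-for-real-use"
SAMPLE_RECORDS = [
    {"patient_id": "P-1001", "name": "Alice Example", "zip": "99501",
     "birth_year": 1948, "parent_ids": [], "diagnoses": ["arthritis"]},
    {"patient_id": "P-1002", "name": "Bob Example", "zip": "99503",
     "birth_year": 1972, "parent_ids": ["P-1001"], "diagnoses": ["arthritis"]},
    {"patient_id": "P-1003", "name": "Carol Example", "zip": "99508",
     "birth_year": 1975, "parent_ids": ["P-1001"], "diagnoses": []},
    {"patient_id": "P-1004", "name": "Dan Example", "zip": "10001",
     "birth_year": 1979, "parent_ids": [], "diagnoses": ["asthma"]},
]

if __name__ == "__main__":
    research_db, vault = build_stores(SAMPLE_KEY, SAMPLE_RECORDS)
    for row in research_db:
        print(row)
    print("groups smaller than k=2:", small_groups(research_db, 2))
```

The key and the vault are the two things that would have to live on the isolated side; the research table alone carries no names.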
The article actually seems to be focusing on the digital identity verification rather than the distribution of patient records. I'm not really qualified to judge the state of digital certificates but I'm thinking they could pick a worse method for verifying identity.
My major concern is that the article doesn't mention any effort to restrict medical information to doctors who actually have you as a patient. If all licensed doctors have access to this information then all a company has to do to gain access is to employ a real doctor or contract the services of a research company that does.
I can see some possible abuses. Companies trying to get a deal on insurance rates by screening potential employees for health problems is the first thing that comes to mind.
Unbreakable toys can be used to break other toys.
Anyone under the impression that your medical records are safe and private is seriously mistaken. Every time you visit the doctor or the hospital an electronic record is generated. It is called a receipt. The insurance companies get one, your doctor's office gets one. Heck, even you get one. So how safe are the hospital, doctors' offices, and insurance company networks? I've worked with many doctors and let me tell you... a lot of the time all you need is the modem number to access the entire network of a doctor's office. Security is lacking because the doctors don't think to hire real sys-admins. Again, this is only in my experience. But I don't believe any of my medical records are safe.
"When I look down I miss all the good stuff, When I look up I trip over things..."-Ani DiFranco
from the article - Health care has the potential to be a huge online industry,
I'd much rather see a doctor in person (regardless of how long I'd have to wait in line), but maybe I'm misinterpreting the article. Is anybody on /. working in the 'health care' industry? Could you clue me in?
BLOCK STRUCTURE breathing apparatus required for special maneuvers!!
Physician identification is needed. We are developing a web page with clinical information that must be viewable only by physicians (FDA requirement as it tends to work out in practice for various reasons). The rub is that not all physicians worldwide are part of the AMA. Having the AMA be part of this is probably an appropriate starting place. Also, this is not new. I believe there is already an existing program. What is new is the patient record issue and Intel getting involved. I expect there will be a hardware component to this solution when all is said and done.
If there was one point that was made repeatedly at Defcon this year, it was that no matter how well you protect one layer, the other layers are vulnerable. Okay, so Intel is getting some of their wiz kids together to whip up a digital certificate. Swell. Now some 16 year old is going to set up a machine on the edge of some doctor's network and get their digital id (and it doesn't have to be a hospital's network either, how many doctors do you think have cable modems or DSL - all of them; Okay, now how many do you think know anything about computer security... yeah, that's what I thought). Wonder who wants to buy a digital id of a doctor, with carte blanche to look at the national database.
Medical records are important. They can be used as a tool to extend not just one person's life, but the lives of many. However, what is the quality of that life if someone who is motivated enough can get to that information?
The solution? Keep the data of the person, on the person. I'd much rather prefer a little implant that contains the information. It's pretty secure, if someone is trying to get the information, you probably know about it (and if they are that close to you, getting that information out of the chip is probably the least of your concerns).
As far as the statistical value of collective records.... there are many ways to collect the data and still preserve the integrity of the privacy of the individual.
HaXXXor.com - Naked Chicks Teach You How To Ha
When I was going to a client involved in credit card processing, I was subjected to a full scale, government grade, background check. My client involved in telemedicine, with thousands of personal medical records stored on their systems, barely knows who I am.
As others have pointed out, the fact is that telemedicine is crucially important in some parts of the world and could even help domestic patients, particularly when you get into the more obscure, difficult to diagnose problems. However, until attitudes change in the medical industry (starting at the insurance companies) we are at grave risk of being persecuted for our medical histories.
I'm no fan of legislative fixes. I think what is needed is another type of government control. The Fed is very adept at arm twisting and coercing an industry when it wants something changed. Something must be done about the current state of information security in the medical industry. The insurance cartels are too powerful to be motivated by their customers. We need an infosec lobby whose first issue is the security of medical records.
I really don't know how to take this. I work for a software company that among other things, does online software for clinics. I can tell you that this kind of thing is actually in use. It has medical records, lists of services used (OB, Dietician, etc). Pretty much everything you don't really want online, especially on port 80.
So, from my perspective, this information is already out there for some clinics. All this announcement means is that they are going to come up with some authentication stuff to (hopefully) make it more secure than it is already.
But then there is another problem: the fact that this is not widespread. It is probably true that most people's records are not online. And it is probably true that few people know about our services and where to go to get the goods. It seems that the future is big websites, with everyone's records online, advertising on eBay, and practically begging for breakins. There is a lot of money to be made in blackmail.
But let's face it, the medical industry wants this info online. They are begging for it to be online. They want it flying around in XML between hospitals so that an ER doctor can instantly know that the guy who's rolling in is on such and such medication and has this blood type and these known reactivity problems and these biohazard warnings. And with good reason: this information can and will save lives.
So it is good that a major player is backing the security side of things. Let's just hope that everything is up for public review for holes, etc, and that enough people work to make this thing secure.
Perhaps they can set up a dummy system that has fake information on it and give rewards for cracking it (and telling them the crack). I have faith that there are more people who want to help than people who want to profit.
Maybe I'm just fooling myself into feeling better about it.
-no broken link
Some posts have hinted at how future employers, insurance companies or angry neighbors could do you harm based on your medical records. Insurance companies already look at your medical record, especially for pre-existing conditions. I would surmise that they are already adjusting your premium based on your health history. In regards to employers, the United States has an Americans with Disabilities Act that "prohibits discrimination on the basis of disability in employment, programs and services provided by state and local governments, goods and services provided by private companies, and in commercial facilities." (taken from the Department of Justice Web site on the ADA, found here.) The question is what counts as a "disability," but in my department at a previous job (a law firm) disabilities included both physical and mental conditions, such as access disabilities, bipolar disorder, and fatal reactions to peanut oil. In the case of the peanut oil, the person used the ADA as a cudgel to curtail the use of peanut oil in the cafeteria, which got into the air system and into her lungs, etc. While the ADA is focused primarily @ people with access challenges, it has been used to cover other cases as well.
As far as neighbors getting the information and using it for e-vil, any misuse of medical information is just begging for a civil liability suit and possibly jail time. Just like someone using your social security number to get information about you, the use of your "identity" to access medical records under false pretense would probably be punishable by fine, imprisonment, or both.
My hangup with the whole system is, as someone has already said, the implementation of the whole thing -- the technical details more so than the social ones. While the medical system would (hopefully) be more secure than other online systems (read today's story about AOL, etc), it would be a high profile target for meddlers. The deletion or alteration of records by people posing as doctors would be disastrous. Beyond the "hacker" bugaboo, the potential for social engineering is pretty high. Most of the patients who will use this system to access their records are probably not going to be too computer savvy or (flashback to ISP tech support days) are going to forget that their password is their name spelled backwards with all the digits of their kids' birthdays tacked on @ the end. In order to make the system usable by the general populace, the methods for password and username retrieval are going to have to be pretty lax, ala your favorite Web-based email system. Blech.
What does that mean?
- Medical data must be stored in a secure manner. Yes, there is no perfect security, but let's just say that Windows NT is about to suffer greatly in the medical marketplace...
- Medical data must be protected in transit. That means RC4-128bit or 3DES. Even on a hospital LAN. That's right: sanity at last.
- There must be published and audited policies and procedures governing storage, transit and disclosure of electronic medical records. That may sound like a drag to Slashdotters who work in chaotic, fast-paced tech companies, but this bureaucratic overhead means clear liability concerning your personal data.
- Included in the auditability guidelines is non-repudiation. This means digital signatures and X.509 certificates. This is an excellent technology which has been resisted due to cost and complexity. Not anymore.
Bottom line: nobody is going to be putting your medical records on a public website.
Hmmm .... having a family member who's part of the medical fraternity could be dangerous to your faith in the hospital system. People sometimes conveniently ignore the fact that the point of a health system is public reassurance, ie to avoid the suggestion of public rorting and keep psychos/mortalities off the front page. Hence you may be surprised at the ratio of managers, biostatisticians, procurement specialists, ethical reviewers, etc to actual medical staff. Adding an unstable IT system to the mix sounds like a recipe for disaster. If you think your medical bills are expensive, wait until you add the cost of a multimillion dollar system (+ ongoing maintenance/replacement) and another layer of staff onto the bill. Also, if trends are any indication, management will take this opportunity to replace highly trained auxiliary medical staff with less skilled button-pushers. It's bad enough having bank tellers believing the printout as gospel truth when you know there has been a screwup but with a medical system, who bears the ultimate risk of mistakes/errors? I'd like to see the end-user-license for this one! Plus with more detailed records being permanently kept, expect litigation to go up.
The whole point of a hospital system should be to keep people out as much as possible, ie focus on preventive health rather than fixing up the mistakes where the costs are so much more significant. Ie more time on the design rather than final quality control to the afterlife. This is where I see IT making more of an impact in the long-term like mobile devices that make periodic medical checks. Also giving people more information about the efficiency (and thus cost) of their insurance coverage allows them to make more informed choices. Given the advances in basic health, most medical problems nowadays are life-style related (obesity, alcohol-related liver damage, lung cancer, mental health, etc). With better information, expect to see more carefully targeted insurance plans. By tying costs back to the source, it will hopefully create a dampening feedback cycle.
Sure the medical system will change but don't expect it to happen overnight.
LL
You went to Defcon? You must be so K3WL! You forgot another point at Defcon, however: the one on the top of your head.
Not only do you show a woeful lack of understanding of public-key cryptography, but you are also unaware that HIPAA regulations address physical security concerns.
Go find my note on HIPAA.
I think this is a really bad idea. Health records are personal information and property. You carry them around with you. When the doctor wants to see them you show them to him. The medical establishment shouldn't own these things any more than educational institutions should own academic information (they don't usually, you can have them "locked" or made "private" so they can't give out any info). I think this is really intrusive. There are just so many bad things this could cause. What's the big deal with keeping records anyway...are people so stupid they can't even file something away? What about their social security card or birth record...who owns those?
It's 10 PM. Do you know if you're un-American?
I may not be able to see your medical record that says that you have a heart condition but I can log onto a big insurance company web site like GHP or Aetna, enter in a password, and see that you have been to the ER 5 times in one year for chest pains, and that you have scheduled heart surgery coming up and a host of other things relating to your medical condition.
The info on these web sites is not quite as clear as having someone's medical record in front of you, but most people could figure out the info after only a few minutes.
The company I work for develops and sells a patient records and practice management software package. Our security requirements are downright freaky. FULL DISCLOSURE: Yes, it runs on NT, but, when done right, you can secure an NT network.
1) No outside connections unless they come through our firewall. Period. We do not have a dial-in system, and our ISDN links to doctor offices are password protected three times (router, VPN authentication, user password). Yes, we have Internet access, but only certain people have access to it, and it is logged as well.
2) If you are not using our machines with our software, no network link for you. We have two doctors who have a home link. They come in, using NT systems configured separately from their home machine, owned by us, through a VPN tunneling link using 128-bit encryption. Slow as hell, but it's secure.
3) Every action is logged, right down to checking a patient in or out. Our logging database takes up its own 12G hard drive, and is backed up to tape every night, along with the rest of the system.
4) Database security: Every user has specific access rights which cannot be changed by anyone but our administrators (duh). They are finely grained, down to controlling which functions in what applications can be performed.
5) No FDD access at all, nor data dumps, from user applications. It is not possible to get a raw data dump from our system without us knowing it (and doing it). This is analogous to the credit reporting agencies' systems. You may can get one or two patients before someone notices you're not supposed to be at another person's machine, but you won't get them all. Oh, and this also prevents installing any software but ours (no CD-ROMs, either, and network-based installs are only accessible to administrators).
6) Network based anti-virus protections: You will run our anti-virus software (as well as remote control software using AT&T's open source VNC program) with virus definitions updated nightly.
See? Life's not so bad, as long as it's done right.
I used to work for a company that ran hospitals and clinics. The commercial software package that we used to run the hospitals had the crappiest security you've ever seen. It pretty much required shared accounts to use some of the components. The developers at the vendor had no clue about how to write secure applications or even how to properly use the OS's (VMS) security. For those of you that have used VMS, how would you like to see applications running on the system that required that the user account have BYPASS privileges and to have this enabled by default? When we were getting fed up with the vendor's unwillingness to fix the software, as well as their general incompetence, we found that other vendors were no better.
IMHO, healthcare providers are going to have enough trouble avoiding problems with compliance with the Federal confidentiality regulations covering patient information on their non-Internet-connected systems let alone anything that's connected to the entire world. For example, a hospital could be in legal hot water if a nurse even looks at a patient's records without the patient's physician's express permission. A hospital was successfully sued when something like this happened and information about their medical history was leaked. That's one reason we were looking for alternate vendors since our software could only log changes to online patient data and could not track accesses. Tracking access to online data is something that's going to soon be a requirement for hospitals (they already do it with the paper records), especially if they want to keep their accreditation and be able to treat any Medicare/Medicaid patients (which is, BTW, a huge source of income for hospitals).
Personally, I will be looking for a new doctor if I find that he or his partners decide to make any of their patients' information available via the Internet.
Also, let's not get into the argument that says ``If you've got nothing to hide... don't worry.'' Some employers do try to get a hold of a potential employee's medical history to see if they're going to hurt the company's insurance premiums. (My wife has a friend that's been through this scenario.)
CUR ALLOC 20195.....5804M
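The gap described in the comment above (changes logged, reads not) and the earlier concern about limiting access to doctors who actually treat the patient can both be handled at the point where a chart is read. The following is an added example, not code from any product mentioned in the thread; the class names, users, patients and timestamps are constructed for illustration.

```python
"""Added example: every chart read is checked and logged, allowed or not."""
import hashlib
import json

GENESIS = "0" * 64  # "previous hash" of the first log entry


def digest(body: dict) -> str:
    """Hash of one log entry, covering the previous entry's hash."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode("utf-8")).hexdigest()


class AuditLog:
    """Append-only, hash-chained log of access attempts.

    Editing or deleting an entry breaks the chain from that point on.
    Someone able to rewrite the whole log could rebuild the chain, so in
    practice the latest hash would also be kept somewhere they cannot reach.
    """

    def __init__(self):
        self.entries = []

    def append(self, ts: str, user: str, action: str, patient: str, allowed: bool) -> dict:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {"ts": ts, "user": user, "action": action,
                "patient": patient, "allowed": allowed, "prev": prev}
        body["hash"] = digest(body)  # computed before the hash field exists
        self.entries.append(body)
        return body

    def verify(self):
        """Return None if the chain is intact, else the index of the first bad entry."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "hash"}
            if entry["prev"] != prev or digest(body) != entry["hash"]:
                return i
            prev = entry["hash"]
        return None


class RecordStore:
    """Charts readable only by users with a treating relationship to the patient."""

    def __init__(self, charts: dict, treating: dict, log: AuditLog):
        self.charts = charts
        self.treating = treating  # user -> set of patient ids they treat
        self.log = log

    def read(self, ts: str, user: str, patient: str) -> dict:
        allowed = patient in self.treating.get(user, set())
        # Log first, so denied attempts are recorded as well as successful reads.
        self.log.append(ts, user, "read", patient, allowed)
        if not allowed:
            raise PermissionError(f"{user} has no treating relationship with {patient}")
        return self.charts[patient]


def accesses_for(log: AuditLog, patient: str) -> list:
    """Who tried to open this patient's chart, and whether they got in."""
    return [(e["user"], e["allowed"]) for e in log.entries if e["patient"] == patient]


# Constructed sample data.
SAMPLE_CHARTS = {"pt-17": {"allergies": ["penicillin"]}, "pt-42": {"allergies": []}}
SAMPLE_TREATING = {"dr_adams": {"pt-17"}, "nurse_lee": {"pt-42"}}

if __name__ == "__main__":
    log = AuditLog()
    store = RecordStore(SAMPLE_CHARTS, SAMPLE_TREATING, log)
    print(store.read("1999-10-12T09:00:00", "dr_adams", "pt-17"))
    try:
        store.read("1999-10-12T09:05:00", "nurse_lee", "pt-17")
    except PermissionError as exc:
        print("denied:", exc)
    print(accesses_for(log, "pt-17"), "chain intact:", log.verify() is None)
```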
Oh, I'm sorry, we needed heating engineer Tuttle, not Buttle! It's too late though, your husband is dead.
WHAT DID YOU DO WITH HIS BODY?
Get your morning tea, Wohali....
"But always she's the spectre of uncertainty I first endured, then faded, then embraced..."
Is a right we all have when it comes to our medical records. I work at a pharmaceutical company, and we are constantly scrutinized to make sure we are retaining the confidentiality of our patients. I can't even begin to see the possible infractions of privacy that would result from having confidential and personal medical records housed on the internet. We might all find out that *gasp* Bob Dole really DOES use viagra...
Deitheres
-- Child: Mommy, where do .sig files go when they die?
Mother: HELL! Straight to hell!
I've never been the same since.
Just like driving a car:
(D) to go forward
(R) to go backward
I think that a medical records database is a great idea. To think that with a few keystrokes an emergency ward can see anyone's complete medical history will undoubtedly save lives, and improve the quality of life for many that are served by this.
I have two concerns, and they seem different from anything that I've read.
1) They aren't thinking big enough. Medical histories must include genealogies. Imagine being able to research how treatment of an individual affects children and grandchildren. Or how a recessive gene affects every other generation but only in the oldest child, etc.
Not "carefully controlled studies", but reality.
And not by spending millions of dollars to assemble a 10-year study that yields puzzling results contrary to what was expected.
Real answers in Real Time.
2) DNA. Concerns so far seem to be limited to finding out who has AIDS, who has been treated for drugs and/or alcohol, or other "today" problems.
The real problem is how this is used in the future.
Think about it -- combine the technology of everybody's medical records (including their DNA) in one place with the predisposition of science and politics to meddle.
While this combination of information could lead to tremendous advances in medicine, this is also where the greatest abuse will occur.
I'm going to hear it for this, but if it's going to happen, (and it is), entrust the Mormon Church to keep the data along with all their genealogy data.
This job is a test. It is only a test. Had it been an actual job You would have received Raises, Promotions, and ot
Nobody was EVER talking about putting medical records on a public website. I used to work for a medical school, and I know that the doctors would never allow that. However, being able to transfer treatment records more quickly to other medical professionals is enough of a benefit that with decent security in place it FAR outweighs the risks IMHO.
"Somebody exploded a letter-bomb today
Some medical records are already online.
For example, I'm the sysadmin for a project called PCASSO (Patient-Centered Access to Secure Systems Online), which is led by Dixie Baker at SAIC and Dan Masys at UCSD. The basic idea is secure access for providers and patients over the net. We're currently at the end of a three-year grant, and are in the middle of a field test with a few hundred providers and a few dozen patients at a local university medical group.
And the whole focus of the project was security. It was designed from the ground up with HIPAA in mind. A little bit of detail is available at our website, but the basics are:
There was an article in SysAdmin magazine (no fulltext online, unfortunately :( ) last month where the previous sysadmin and I discussed some of our experiences with the system and with the users' reactions. Basically, doing things right is a pain, and some users (mostly the providers who are used to easy and unlimited access) hate the multi-factor auth. We'll have a better idea of what the patients think once we've gotten a critical mass and done some surveys.
For immediate release...Redmond, WA. (12-Oct-1999)
Microsoft has joined the race to provide "digital credentials" for use with medical related information. Built as an add-on to their recently released Passport service, Microsoft is said to be interested in taking a percentage of each user's health to sustain BG into the next millennium.
Hello?
Privacy is a joke. There is no privacy. Stop fooling yourselves.
"THEY KNOW WHO YOU ARE. (repeat ad endless nauseam)" -Powerman 5000, Tonight The Stars Revolt
Failure is not an option.
It comes bundled with Windows.
Given the state of the law and the technology, however, and given the threat to patient confidentiality posed by such a centralized database (can you be refused a job or health insurance because of your prior medical record?), I think it is extremely important that further legislation be passed in order to make such uses of patient data illegal. Such legislation must be very specific in terms of what constitutes abuse and what the consequences of said abuse will be. Only with such a legal framework in place will the technology be able to move ahead while offering patients some level of comfort regarding the confidentiality of their data.
And as for the technology, it must have, at a minimum, the following features (IMO):
David
Will someone explain to me why it is always my responsibility (assuming I'm given the 'privilege' at all) to opt-OUT of these kinds of things.
It's my personal information. Mine. Period. Why is it not the other way around? Why aren't the groups heading these types of things required to explicitly query me for permission to use my personal information?
Spam, Phone Solicitations, Junk mail, Bell South's online email database. All of these are examples of things where I'm (when possible) required to opt-out. So, why is that? Where are my rights to privacy?
-j
Several people have asked for references to expert work in the field of medical records and security. Try taking a look at Ross Anderson's homepage at http://www.cl.cam.ac.uk/~rja14/#Med He is a lecturer in computer science at the University of Cambridge, England; he advises the British Medical Association on computer security matters as well. Check out, for instance, the article entitled "Patient Confidentiality--at risk from NHS-wide networking". Hope this is interesting, Steve
HIPAA mandates an EDI standard that is not based on XML.
All true wisdom can be found in sigs.
We guard our medical records as if they are some sacred cow. Privacy is an illusion. The real problem is maintaining your unique identification. Already someone could steal our identity and open credit cards, buy a house, and even get arrested. Who's going to try to do that with a medical record? ("Oops, Your chart doesn't say you're allergic to penicillin Mr. Smith.") I'm not at all concerned someone might find out the brand of birth control my mother uses or what I was given that penicillin shot for recently. (She doesn't and I don't by the way.) -M Baker
I'm pretty healthy but my fiancee has lupus. (It's Lupus awareness month.) I don't want any doctor to be able to access my records without my express permission. So, would that mean a 2-key system where myself and a physician would have to "log in"? That'd give him/her permission to read my charts anytime in the future. That'd be okay with me.
What I don't want is ANY doctor (say at a drug or insurance company) being able to get my or my fiancee's records. I also want the database run by a non-profit organization supported by taxes or standardized fees.
Imagine NSI with your medical records!
_damnit_
_damnit_
It's my job to freeze you. -- Logan's Run
Since this is being done by Intel, does that mean that anyone who wants to access their medical records will need a Pentium 3 with the PSN (serial number) activated? That would require a national database of who owns each PSN, not to mention being able to spoof it, either by patching the software, or trapping CPUID. (a non-privileged instruction can be trapped without full CPU emulation by using "advanced techniques", just look at VMware or the Freemware project)
Of all the comments on here, there was only one other that questioned why privacy is needed here. I really don't care about medical records (granted I don't have that many, almost never see a doctor), but I'm not concerned about people exploiting this information. Besides a random "I know your medical problems so I can kill you" comment that has little bearing to how most murders take place, the other big issues raised here were employment denial and insurance rate hikes. Such practices by employers are already illegal, save special cases. As for those insurance folk, if you have a problem, they are probably still going to be saving you money. (If they're not, find another company.)
Don't be silly. Everything is a matter of risk.
The example of quarantine (which I suspect you don't know much about) is a fine example. People with TB, even today in some cases, are quarantined until they get sufficiently better so that releasing them is a good risk.
Of course, it wasn't the existence of quarantine laws that stopped widespread tb; it was the existence of effective antibiotics. People who were badly enough off to go to a tb sanatorium were by and large already bedridden.
HIV's spread isn't going to be confined by quarantine; we know that people can be asymptomatic for years, decades even. Those whom we have the most to fear from are people who carry HIV but haven't yet developed AIDS, who haven't been tested (most people aren't, unless they're blood donors), and who thus haven't adopted safer sex practises.
They wouldn't be caught by a medical dragnet through online records. They wouldn't be caught by quarantine laws. They would be caught by better sex education, which would both keep them from getting it in the first place and from transmitting it in the second.
Having online and fully accessible medical records strikes me as so much expensive but trendy claptrap. Compare the huge effort of putting records for 300 million people securely online to the relatively tiny cost of adequate and universal public health. Of course, adequate and universal public health won't make headlines and won't make millionaires - so it's neglected.
--
--
There is no premature anti-fascism. -Ernest Hemingway
*Assuming* that this (and other medical databases) are done securely (So that only authorized users can access them, which is important and should be discussed) There's another problem here: Who should have access to medical records?
The article above specifically says
> Digital credentials like those developed by
> Intel help ensure that only authorized
> physicians, insurers, and consumers can
> access a patient's medical transcripts or
> other health records.
And I would argue that the person who *most* needs to be able to access a given patient record is the patient themself. Look at credit records -- you do, as a consumer, have a right to look at your record and notate it, as well as challenge any spurious or wrong entries. To my knowledge you don't currently have the option to notate or challenge your medical records. I don't know (and I don't know if anyone knows) how common mistakes in records are, but considering the number of clearly wrong diagnoses I've heard (from an eight year old with Borderline Personality Disorder, to three friends of mine [one pregnant] who were told they had cervical cancer on the strength of one bad PAP smear [further testing showed that none of them did] etc) I'd be willing to guess that mistakes aren't unheard of, at the very least.
*Especially* if insurers also get the ability to read your medical record.
What makes me nervous is that nowhere in the rest of the article is the right of the patient's access to their own records mentioned, even though physicians are.
The other question is that will physicians who don't have your permission be allowed to access full records -- I'm not sure there would be problems with being able to pull demographic information (i.e. how many patients with AIDS/Cancer/Birth defects/etc do we have in this area) but do we really want any physician at all to be able to pull 'Who has AIDS/Cancer/etc?'
Anyway, sorry to make this so long, but no one seemed willing to bring that up.
One item I've not seen raised here is a vital one, which so far as I know is not addressed in the HIPAA/Kassebaum-Kennedy legislation. (Although I have not studied it, and I could be wrong.)
* * * *
In order to prevent abuses of patient data it is *absolutely essential* that it be made completely clear and unambiguous in the law that *any* data about a patient's health is the *property* of that person. If this is not done, then all the other "security" assurances are meaningless. Information should be released to providers or payers *only* with the permission of the patient, on a transaction-by-transaction basis. That means that even your own doc should not be able to go pawing through your record without your consent, unless he is willing to certify that an emergency situation exists and you are incapacitated. Even then, a non-repudiable entry should be made in the audit log to show that access.
Not only is this not clear in the federal legislation so far as I know, but few states have any sort of law stating that patients own their information, either. It's easier to get your medical records in many places than your credit report, and we all know that's not too difficult.
BTW: Think not only of how information on you might be misused against you, but also how it could be misused against your offspring, since it will all be available on some big server somewhere. There's really no reason to expect that your records won't still be around long after you're gone, but they could be dangerous for quite a while: Hmm, his great-grandfather had cancer, eh? "I'm sorry, we don't have any positions that are a good fit for you at this time, but we'll keep your resume (and family health history) on file."
If the patient *doesn't* own their own data, then who does? It's likely some presently powerful entity that stands to benefit greatly from the serendipitous discoveries that doubtless lie waiting to be discovered in all that data. The data *is* quite valuable, and that's the problem - it's unlikely that the insurance companies, HMOs, pharma companies, etc. would let the patient own this data, they all want to control it themselves. The new federal directions on ownership of databases make this even scarier.
At the same time, an ideal setup would allow anonymous searching across populations, but it's notoriously hard to prevent information about a single patient from being retrieved by data mining tools. (Show me the abstracted claim info for all female VPs at XYZ Corp that live in Yuma. Oops, there's only one? Well, that abstracting didn't hide much, now did it?)
Oh, and not to be alarmist, but as a former healthcare IT consultant, I can say that although most hospitals and docs are sincere in their intent to provide privacy, in reality there is nearly none. The most secure systems you'll find in a hospital are the ones based on paper, and a big hospital loses thousands of charts and x-rays every year. Not like it really matters since all the most damaging info gets shuffled directly to the HMOs or insurance companies in already coded and classified form where it can *really* get misused behind closed doors. In my mind, the payers pose a far greater risk than the providers.
***********************************************
Patients must own patient data, and the providers and payers must realize they have a
fiduciary responsibility to maintain the privacy
of that data.
***********************************************
"The future's good and the present is nothing to sneeze at." - Roblimo's last
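The single-patient retrieval problem described in the comment above (a filtered population query that matches only one person), as an added example that is not part of the original thread: a query guard that suppresses small cells and also refuses a count that differs from an already answered one by fewer than K rows. The records, field names, class name and the threshold K are all constructed assumptions.

```python
"""Added illustration: small-cell suppression for aggregate queries.
All records, field names and the threshold K are constructed samples."""

K = 5  # assumed minimum group size; a real policy chooses its own value

# Constructed, abstracted claim rows (no direct identifiers).
ROWS = (
    [{"employer": "XYZ Corp", "title": "VP", "sex": "F", "city": "Yuma", "dx": "C50"}]
    + [{"employer": "XYZ Corp", "title": "Clerk", "sex": "F", "city": "Yuma", "dx": "J45"}] * 7
    + [{"employer": "XYZ Corp", "title": "Clerk", "sex": "M", "city": "Yuma", "dx": "E11"}] * 6
)

class AggregateGuard:
    def __init__(self, rows, k=K):
        self.rows = list(rows)
        self.k = k
        self.answered = []  # row-id sets of counts already released
        self.audit = []     # every decision is logged, released or refused

    def _match(self, filters):
        return frozenset(i for i, r in enumerate(self.rows)
                         if all(r.get(f) == v for f, v in filters.items()))

    def count(self, user, filters):
        ids = self._match(filters)
        reason = None
        if 0 < len(ids) < self.k:
            reason = "small cell"
        else:
            # Differencing: two released counts whose row sets differ by
            # fewer than k rows expose that small group by subtraction.
            for prev in self.answered:
                if 0 < len(ids ^ prev) < self.k:
                    reason = "differencing"
                    break
        self.audit.append((user, dict(filters), reason or "answered"))
        if reason:
            return None, reason
        self.answered.append(ids)
        return len(ids), "answered"

if __name__ == "__main__":
    g = AggregateGuard(ROWS)
    for f in ({"employer": "XYZ Corp", "city": "Yuma"},
              {"title": "VP", "sex": "F", "city": "Yuma"},
              {"employer": "XYZ Corp", "city": "Yuma", "title": "Clerk"}):
        print(f, "->", g.count("analyst", f))
```

The differencing check is deliberately conservative and only compares against counts released by this guard instance; it does not address linkage with data held elsewhere.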
I work in the IS dept. of a medium sized hospital and I find this downright scary. Aside from a firewall there is little security here, and plenty of dial up lines. PCAnywhere is a popular tool. There are 5 unix servers and I (a sysop making
In short it's a real mess, and if other hospitals are similar, this is a security nightmare.
If you think this is a potential for disaster, be aware that, due to lack of qualified professionals in the United States AND a cheaper labor force in India, confidential medical records are being sent overseas to India for transcription. The dictated voice is being sent over the telephone lines to people in India who barely speak English, and the finished report is sent back. Not only is the quality often atrocious, but what if they wanted to make some extra money and blackmailed someone who has AIDS? What if they chose to monitor our disease trends to create their own biological weapons?