From the January/February 2011 issue of HealthCare Business News magazine
This report originally appeared in the February 2011 issue of DOTmed Business News
By. Dr. Barry P. Chaiken
Virtues of digitization
Throughout our industry experts promote the virtues of electronic medical records, and the easy exchange of digital data to assist in providing patient care. According to many of these experts, the elimination of paper records brings improved quality of care, enhanced patient safety, and saves billions of health care dollars. Considering the $2 trillion size of the health care industry, many companies see huge business opportunities in collecting and managing electronic patient data.
As health care organizations move forward with deploying electronic medical records, they continue to struggle with the appropriate governance structure necessary to manage the access and handling of patient information. In other words, no widely accepted, clear standards exist to guide organizations on who can access patient information, how they secure permission for access and what can be done with the information.
Focus on processes and workflows
Although the Health Information Technology for Economic and Clinical Health Act tightened protection of patient data, organizations continue to struggle with the proper processes and workflows that allow reasonable access to the information by clinicians while protecting the confidentiality of the information.
Privacy of medical records is not a new problem brought on by information technology. Even with paper records, unauthorized access to patient information frequently occurred. During my clinical training, patient records were readily available at the nurses’ station on each ward. Anyone working in the hospital could easily walk up to the chart stand, pull a record and read whatever they wanted. On occasion, an attending would walk off with a chart requiring a frantic search by the ward clerk. Over time, procedures were put in place to offer better control of access. Even with these changes, the record was never fully kept private. In addition, with paper records there is no easy way to record who accesses a record and what information is reviewed.
Electronic patient data may present a challenge to maintaining privacy of patient records, but the fundamental principles remain the same. Ensuring privacy of medical records requires access to a patient’s record be restricted to those individuals that need access to provide appropriate care to the patient.