Are PHRs a threat to privacy? Can we put such records into the clouds and maintain control over them?
Electronic Health Records (EHRs) are held by your doctor and your hospital. (Picture by John F. Blankenhorn. Yes, my son.)
Disclosure is subject to a strict federal law, called HIPAA. Violations are punished severely. When the "Octomom" had her records compromised early this year, 15 people were fired, and the hospital drew nearly $500,000 in fines.
Google, Microsoft, and health reformers generally have another idea.
The rules of EHRs and PHRs, then, are different. Stepping across that threshold sounds easy. In practice it isn't.
The difference was on full display last week when Google and Microsoft executives appeared before David Blumenthal, the National Coordinator for Health Information Technology (NCHIT), and Aneesh Chopra, the nation's Chief Technology Officer (CTO).
Make EHRs compatible with Web standards so we can turn them into PHRs, said Google CEO Eric Schmidt and Microsoft chief strategy officer Craig Mundie.
Not so fast, said the bureaucrats. Blumenthal seemed to think this was beyond the scope of his work. Chopra wondered whether consumers should not be satisfied with a "summary" of their records.
The issue has also crossed the pond where David Cameron, leader of the Conservative Party, got into a public spat with David Davis, once a candidate for leadership himself, over the issue.
Put simply, Cameron stood for access, Davis for privacy.
Which leads to this very non-partisan question. Are PHRs a threat to privacy? Can we put such records into the clouds and maintain control over them?
Aug 8, 2009
You make some good points, especially about Google and Microsoft. They want PHRs to "liberate" the data, putting it in the control of patients. Frankly we'd have a lot fewer security problems with EHRs if we could get rid of the motives insurance companies and employers have for breaking into them. It would also be nice to use some other key identifier rather than the SS number, which was not designed for that. To learn more about Google and Microsoft, see my ZDNet Healthcare piece at http://healthcare.zdnet.com/?p=2542
Because it was made part of the stimulus, and thus is already "baked in." I did a piece on that at ZDNet, http://healthcare.zdnet.com/?p=2550
vthakkar, I don't argue with your very good points, but I think you're coming at it from the wrong end. :) Just as the war on drugs will never succeed by going after the supply side rather than the consumption side (something I don't expect will ever happen), if we wait for a foolproof security system, or even a consensus good one, we'll have a long wait. The only realistic approach is to make violators pay a massive price and to compensate the victims (I'm annoyed that identity theft seems to be such a low cost crime!). I know that you can't undo some of the horrendous deeds some miscreant violators will perpetrate. But, at the same time, you can't undo the horrendous mistakes that occur because of the lack of use of EHR. I can't say I've seen the numbers, but I suspect that the costs of not doing VA style EHR are greater than the security breach costs would be? Anybody seen any numbers on that?
I am a psychiatrist and I'd like to respond to this statement by the writer in post #1 above: "Are PHR a threat to privacy? They are no more of a threat than any other record or information." For clarity, let's say EMR=physician-only access and PHR=patient-only access. Problem #1. Security levels for EMRs when they are paper or cloud based are different. There are pros & cons to each. Yes a paper chart can be accessed without authorization or lost in a fire or flood, or carried to an unauthorized place--car, handbag, etc. However, all is not better with cloud-based EMRs, either. While laws govern how EMRs are operated, there are still gaps in security--the server side is pretty safe, where all of the laws operate. My anxiety is on the user end--having a password breached either by low-tech (over the shoulder) or high tech (keylogger) means which would then give a nefarious individual access to ALL of the records pretty easily including SS#s. Yikes! When we had old-fashioned chart rooms, it would be a LOT of work to open each individual chart and copy SS#s, for example. Now it can be done swiftly and privately. Plus, in the past, we could monitor the room with motion detectors & video if needed. Now it's all virtual. A password breach makes it REALLY EASY. The best solution I have seen for this is the RSA SecurID token--random passkeys generated to log into the EMR along with individual PWs (this was at Vanderbilt Univ Med Center). Very safe. Problem #2: truly sensitive data. EMRs contain normal stuff like when Johnny got his last tetanus shot. However, in all of medicine but especially my profession, we are writing things into EMRs like, "having panic attacks b/c he's cheating on his wife," or "caught gonorrhea for the 6th time," or "really wants to come out of the closet because he's gay." Now add to that the fact that the patient could be a CEO or a politician or the local newscaster.
Think of the most sensitive thing you've ever told a health care professional and ask yourself, "would I be comfortable with that info sitting on a server somewhere?" In addition, in big clinics or hospital systems, EVERYONE usually has access to this type of data. The number of people who have such access (legitimately, I might add), can surpass 10,000. If you answered yes earlier, are you still comfortable with it? Problem #3: the laws that govern PHRs are not as strong as those that cover EMRs. Therefore, it's a little bit like being a guinea pig to store info on a PHR right now. Notice how the heads of the MS and Google services say they are not subject to HIPAA regulations. If not, what are they subject to? Maybe we should wait until they figure this stuff out? In addition, any self-respecting PHR needs to have an easy "wipe entire account" option with DOD-level electronic file shredding. Let us keep in mind that the industry often shown as an example of online security is the banking industry. However, the banking industry eats the losses due to "virtual theft" to the tune of millions if not billions per year. The security of an entire medical practice's records is only as strong as the least experienced user who is faced with a phishing scam to steal a password. I guarantee that identity thieves (and future opposition researchers for presidential campaigns) will view EMRs as a target-rich environment. Do not get me wrong--I am an advocate of EMRs (I use Practice Fusion mentioned above) and like the idea of PHRs, but the devil is in the details. The issue of security (ask any veteran law-enforcement officer) is a constant struggle to thwart potential risks. The security of Americans' health information should be no different. As an FYI, my own "PHR" exists as PDFs stored in a TrueCrypt-encrypted partition on the flash drive on my keychain. VGT in NYC
Thanks Dana for continuing to cover the lack of effective use of EHR. My personal experience is that EHR are not shared at all, not even within the same network! Each office appears to have its own little PC, which steadfastly refuses to talk to any other PC! :( As you pointed out Dana, the bureaucracy's response to HIPAA has been to put EHR into a "Lock Box", just to be original here. :) By the way, did the Veterans Health Administration get an exemption from HIPAA? I've read that veterans EHR are available at any VA facility. I've not seen much about EHR in the current Health Care debates; very disappointing. Having to repeatedly fill out the same history forms for every "different office" visit is just absurd (not to mention annoying). Make that slightly different forms; there are no standard patient history forms, which would at least allow us to just bring in a copy of a previous filled out form(s). Ah, that would be too simple! :) But, there are clearly quality improvements associated with the sharing of EHR. Effective diagnosis is "hit and miss", without a patient's history. And the expectation that a patient will know the details of previous diagnosis is a ridiculous notion; although it appears that the "office staff" and doctors just assume that that's the case! How many patients are familiar with medical terminology? I'm certainly not and, at 66 years of age, a number of trees have paid a price for my paper records. HIPAA takes care of the misuse of health records. What is badly needed now is a law making it mandatory that EHR are available wherever a patient happens to be admitted, as is the case for the VA health facilities. Or, lacking that, please-please, at least give us an easy way to find out which health care facilities (networks) share EHR. That would quickly force all the laggards to get on board; I know I would certainly avoid any facility that didn't comply, if at all possible.
Health Banking is a good idea, but it has had trouble gaining traction in the market. It should also be added that EHR systems can also go into the cloud, as witness the recent deal between Practice Fusion and Salesforce.com, which the former describes as "the leading cloud application company."
Security is perception. If you think records are safe in a doctor's office, think again. Paper records can be and are viewed by many people, and sometimes these people are not authorized. Paper records are carried in briefcases, left in cars, and at nurse stations with no way to know who has been looking at them. Electronic records are carried around on PCs by staff and are vulnerable to many intruders from different sources if not properly secured. So, privacy and security, not so much. A PHR (Personal Health Record) is your record to do as you will. If you want to store it on Google Health, MS HealthVault or on a napkin, that is your decision. It is true that these two PHRs are in the cloud (hosted client webapp system) but this has nothing to do with security or control. As with any system, security and control are based on the policies of the entity that you are using to store your records. Whether the entity honors those policies is another story and must be controlled the same way banking or stocks are governed. Are PHR a threat to privacy? They are no more of a threat than any other record or information. It does depend on how it is managed and the policies to govern them. Again, this is about trust in the organization that is holding your records. As a person that has been working with cloud security for many years, it is very safe under the correct supervision and control. PHR services such as Google Health and MS HealthVault currently do not charge for their services so they will have to find another model to generate revenue. This is where there could be a problem with privacy and conflict of interest. My recommendation is Health Banking where the patient pays to store their records and they own and control the use and access. Jeff Brandt CEO motionPhr for the iPhone and MyMobileMedBox for Android