Electronic Health Records: Are They Worth the Risk? October 18, 2009 Health care is a hot topic in today’s society- everything from reforming the industry so that people are not denied health coverage to finding ways that patients’ medical records can be accessed electronically for more convenience. Moreover, epidemics such as HIV/AIDS spotlights the issues surrounding public health agencies use of maintenance and storage of electronic health records (EHR).
Myers, Frieden, Bherwani, and Henning (2008) state that although there are security breaches when personal health information is stored in electronic form, the data can be better secured than paper records because authentication, authorization, auditing, and accountability can be facilitated. Within the article, Privacy and Public Health at Risk: Public Health Confidentiality in the Digital Age, the authors concluded with the belief that individuals will be more comfortable with providing their personal health information if they have the confidence that their information will be protected (Myers et al. 2008). With heavy push by health major health agencies to have a national electronic health records database, raises one question: Are electronic hearth records really worth it? According to the authors, health agencies should work with law and information technology professionals to assess possible threats, implement policies, train staff, and develop engineering measures to protect consumer health information. By tightening the physical and electronic controls, health agencies can prevent misuse of data and minimize the risk of security breaches, while they maintain their reputation and integrity.
Buell (2009) agrees with the authors by stating that electronic health records offer significant benefits to patients and physicians by having a unified patient record across all components within hospitals, medical groups, and ambulatory settings. He also states that in order to achieve this goal requires strategic planning, which will involve selecting an EHR vendor, redesigning workflows, training staff, identifying risks and addressing them. While electronic health records are seen as tool to better manage health care, there are those who believe that there are risks in associated with the technology.
Atherley (2009) argues that in pushing electronic health records on the public there are risks that are being ignored. He believes that with so many other forms of technology used in health care, that health records have risks that must be acknowledged, researched, and confronted. With so much information on many patients, a secured system of checks and balance system in place so patients and physicians feel that privacy is being met. Atherley (2009) again states that the risks of electronic health records arise because of the need to accurately identify the individuals to whom the electronic health records relate.
For example, people with the same or similar name receiving various treatments are prime targets for hackers whose purpose is to commit identity theft. By centralizing the storage of personal data such as electronic health records, makes possible for scammers who are in the business of stealing peoples’ identities (Atherley, 2009). The issue of databases being hacked into and identities poses major concerns for patients and another problem with transitioning to an electronic health records system. Patients may be reluctant to give up their information so that it can be put into an electronic database because of risk of keep it private.
With employees and government officials that who use electronic health records to make decisions about patients have the information databases at their jobs are many times accessible by their laptop and this makes patients very uncomfortable about the their records. McGraw, Dempsey, Harris, and Goldman (2009) agree with this concept by stating that it is important for the government and health agencies to respond to privacy and security risks, not just to build trust and avoid embarrassment, but because good health care depends on it.
Without measures in place to protect their information patients will refuse to give out their information to protect themselves. The Health Insurance Portability and Accountability Act of 1996 hinders the comfort ability of having electronic health records because the current regulations does not apply to the businesses from the outside the health care industry that are now handling health information. Even if HIPAA’s rules was strengthened, they would not be well suited to the new businesses because the privacy principles in the framework are too broad to work across platforms and business models (McGraw et al. 2009). In conclusion, the government and health agencies are always in battle when the issue of protecting sensitive information especially consumers’ private information. Informational systems that manage and hold electronic health records are being updated with security measures so that the information is protected. The authors’ do realize that the government and health agencies are always in an up-hill battle when it comes to the rights and privacy of individuals. With new technology emerging daily, there will be enhancements in the transmission and storage of electronic health records.
By developing staff skills and the ways information is acquired, used, maintained, and stored, and shared the government and health agencies can cut down on the risk. Also, it helps that the President wants this component of health care reform to work and supports the idea of having electronic health records (Anonymous, 2009). The President’s administration has committed to almost $40 billion toward funding for health care reform and the conversion from paper records to electronic records are included (Agarwal, Milch, & Van Kuiken, 2009).
The “heavy” investment in electronic health records has been made so they are worth the risk with the backing of the President. References Agarwal, S. , Milch, B. , & Van Kuiken, S. (2009). Health care: Taking medical records online. The McKinsey Quarterly, (3), 56. Retrieved from http://proquest. umi. com. ezproxy. umuc. edu/pqdweb? did=1811083261&Fmt=7&clientId=8724&RQT=309&VName=PQD Atherley, G. (2009). The risks of electronic health records. Fraser Forum, 29-34. Retrieved from http://proquest. umi. com. ezproxy. umuc. edu/pqdweb? id=1798156131&Fmt=7&clientId=8724&RQT=309&VName=PQD Buell, J. (2009). Electronic health records. Healthcare Executive, 24(5), 8. Retrieved from http://proquest. umi. com. ezproxy. umuc. edu/pqdweb? did=1850912201&Fmt=7&clientId=8724&RQT=309&VName=PQD McGraw, D. , Dempsey, J. , Harris, L. , & Goldman, J. (2009). Privacy as an enabler, not an impediment: Building trust into health information exchange. Health Affairs, 28(2), 416. Retrieved from http://proquest. umi. com. ezproxy. umuc. edu/pqdweb? did=1672025261&Fmt=7&clientId=8724&RQT=309&VName=PQD