Reproduction permitted for personal use only. For reprints and reprint permission, contact email@example.com.
- Is America rushing into the adoption of electronic medical records and patient data exchange without enough concern for data security?
The question has been raised on many fronts, including the Congress, where some bills seek to provide incentives to encourage the adoption of interactive personal health records, and others that raise privacy concerns are construed as a barrier to the adoption of EMRs.
Moreover, headline-grabbing data breaches in both the public and private sector are still fresh in the public's mind.
As healthcare institutions in both Madison and metropolitan Milwaukee try to develop a framework for patient data exchange, we put the "rushing into" question to attorneys who practice in the healthcare sphere.
Attorney David Hanson, a partner in Michael Best & Friedrich
and chairman of its healthcare practice group, noted there are people in the health field who think the industry already is spending too much time and money on patient data security - thanks to regulations like the Health Insurance Portability and Accountability Act.
In addition to HIPAA, most states, including Wisconsin, already have patient confidentiality regulations in place.
That backdrop doesn't change with the advent of shared medical records, Hanson stated.
Carrie Killoran, a partner in Michael Best's healthcare practice group, where one of her areas of emphasis is patient confidentiality, said healthcare providers are mindful of security concerns and regulations. The issue boils down to the context in which they are willing to share patient data, and which data sets should be shared.
Rather than a rush to adoption, Killoran said privacy concerns have delayed the implementation of EMRs. They aren't rolling them out as fast as clinicians would like, she said.
Before any additional laws and regulations are adopted, she said health providers would like to see the HIPAA framework fully implemented and get a sense of how it's working.For the record
The risk (and benefit) of electronic medical records is in the ease of data transmission and the ease of access to records, Killoran said. With paper records, it may be easier to notice the inappropriate use by healthcare employees, but with the audit trails that are built into electronic medical records, no eyewitnesses will be necessary. She views audit trails as another layer of protection that ensures proper record handling because employees in the health industry have been terminated for improper access and use.
The most likely breach, she said, would not come from a hacker or another type of cyber criminal, but an employee who uses a record in an inappropriate way, or one who gets careless and misplaces or has stolen a laptop or handheld device.
Michael Best has had clients that fired employees for record-handling infractions, and obedience to medical record protocols are written into employee job descriptions and is part of the individual performance evaluation.
Sometimes, there isn't enough trust between healthcare institutions.
What healthcare clients are concerned about is making the records accessible to another entity at which they have no direct control, and whose processes and record-keeping may not be as good as theirs, Hanson said. That's why you need to have at least minimal standards for all.
Hanson said Wisconsin has a different healthcare market in some respects. It has large health systems and large clinics that allow the group to establish a model for smaller hospital or medical groups with which they interact. The structure lends itself to synergy between smaller and larger practices, and Killoran said the expense of implementing EMRs might be the incentive independent physicians need to join larger health systems.
The need to have an EMR and the capital investment required may cause smaller physician providers to affiliate with a large health system, she said. It might reduce the number of independent practices.Related stories
Visions: Wade offers straight talk on e-medical records
Wisconsin firms pledge to support healthcare IT standards
Yasnoff: Wisconsin should invest in health record bank
Doyle seeks $30M for e-medical record adoption
Lt. Governor Barbara Lawton: Impact of e-medical records will be felt at home