The health record is an essential component of quality healthcare. The health record stores and document information pertaining to the medical services rendered to patients from past to present visits. Health records can be viewed as a platform for the oncoming physicians and medical staff to view patient information to see who the patient is, why they seek medical attention, and what medical services had already been administered. This is considered a primary purpose of the health record.
Secondary medical record uses are not directly related to encounters between the patient and healthcare professionals. Education, research, and policy making would be examples of secondary medical record purposes. For secondary uses the information contained in medical records can be used for a number of reasons. Medical records are often used in court litigation, for clinical research as well as to monitor trends in public health. With access to medical information available to so many entities it raises questions as to how protected and confidential this information really is.
In an attempt to maintain the privacy and confidentiality of medical information the Health Information Portability and Accountability Act (HIPAA) was established in 1996. HIPAA is a set of national standards created to protect confidential medical information. It was designed to give patients more comfort and control over their information. HIPAA established regulatory limits and boundaries on the use and disclosure of health information. Civil and criminal penalties are imposed on those who violate the guidelines of patient privacy rights. Individuals are capable of controlling disclosure of their information and gain entitlement to know how their information is used.
Until recently there were some acceptions to the hipaa rule. There were many who had access to medical information that was not covered under HIPAA. This would include life insurance companies, workers compensation agencies, law enforcement agencies, research companies, welfare and social security administrations, etc. Under provisions of the American Recovery and Reinvestment Act, the reach of HIPAA would extend to these entities. The American Recovery and Reinvestment Act signed into law by the Obama administration also reiterated the need to transition from paper to electronic medical records. This transition was made a priority by the Bush administration in 2004. The ARRA allotted $20billion in funding to jumpstart the nationwide transition to electronic medical records. As a Health Information Technology specialist I encourage the transition but there are those who feel it puts privacy and security at more of a risk than ever before. There are also those who oppose for different reasons such as the doctors and physicians who have done things the old-fashioned way throughout their careers and may be considered victims of future shock. These doctors and physicians are not willing to adopt a new method of doing things and some are not tech literate. I feel that electronic medical records have many benefits. They provide benefits such as increased availability of shared health information as opposed to waiting for paper charts to circulate from one department to another. Faster treatment decreases prolonged suffering of patients, increase efficiency and in extreme cases where every second counts EMR’s can save lives. Electronic medical records may also send alerts to notify of medication times and give probability of drug reactions. Electronic records eliminate the need to clutter departments with tons of paper records by means of the super data warehousing of computers. In the case of natural disasters the medical information will be backed up and not lost in the rubble as would paper based records. Time is money and it is undeniable that electronic records save more time than paper based records so this benefits healthcare facilities financially as well.
There are many benefits but as in any new technology the transition to electronic health records raises some legit concerns. These systems do not come with a small price tag. A large percentage of healthcare facilities are slow to adopt electronic health records due to the startup and maintenance cost. There will also be the concern of training staff to operate these new systems. Physicians will in a sense have to learn data entry skills as well as treat patients. As stated earlier electronic health records will save time and some patients may feel that doctor visits have become less personal due to this. I will not be one of these people, let me get in and out when and if possible.
The issue that seems to loom when it comes to converting to electronic records is that of privacy and security. Some feel that digitizing all health information came leave sensitive medical information vulnerable to be hacked into or just vulnerable to some sort of breach. Lawmakers and healthcare executives cannot seem to agree on adequate safeguards to protect shared electronic data. This problem is not only a technical problem but it also raises political issues. The government has a vision of creating unrestricted sharing of healthcare information across a large network of facilities that have no affiliations to one another. To combat this issue the use of encryption by medical staff and insurers is being heavily considered. Patients must also be notified if and when their information is disclosed.
In the case of any sort of information breach the patient must be notified. It has been suggested that the government extend the reach of HIPAA to protect privacy of information shared among those who are not exclusive covered entities. Business associates must be regulated as well. Business associates are individuals who perform duties on behalf of a covered entity. Although they were not under the scope of HIPAA regulations directly business associates are bound by contractual agreement to protect personal health information. Business associates would be subject to whatever penalties are issued by breach of contract. Some feel as though business associates should be subject to the same civil and criminal penalties imposed upon violation of HIPAA privacy.
Currently suggestions on dealing with these privacy concerns is to allow the patient the power of consent. This would enable patient to give consent or reject consent as they feel the need to do so. Other solutions include regular audits and models for exchange of data. I personally feel that audit trails, encrypted access languages, and an extended reach of HIPAA would effectively safeguard shared health information. Audit trails are a method of tracking who has accessed the system and when and also tracks employee activity. These things may not completely eliminate all of the privacy concerns but they would help. I know that health information is sensitive material but you can set privacy standards on worldwide social networks. If we can control who sees our Facebook status amongst the billions of users then why can we not find a method to protect our medical information for the sake of an improvement in our healthcare system?

The Health (IT) Basics

September 5, 2010

      A clear lack of health information understanding is evident in the healthcare industry.  As a student volunteer of various medical records departments, I remember being quite baffled as to how easily talk of 5010 x12 transactions, ARRA, and HITECH provisions seemed to go over the heads of the staff.  Is this indication that the problem with health IT adoption lies beyond government incentives or confusion over meaningful use criteria?  Could it be that real health information expertise has been limited to decision makers only.  If this were the case then I’m afraid adoption of  EMR and other healthcare information technologies will continue to lag.  Maybe aside from simply presenting the benefits of EMR software to physicians and staff perhaps we should speak more of the bigger picture when trying to encourage the use of health IT.  The picture should paint the effort to reestablish the US healthcare system as one of the best in the world.  When medical data is made readily available (adhering to confidentiality policies of course) to be used in emergency situations at the point of care countless lives can be saved.  Eventually this could positively impact the modest life expectancy rate of 78.2 years old in the U.S.  The business world has become  increasingly accelerated by means of an IT infrastructure and it is proven that accurate data delivery at an increased pace will boost productivity.  wouldn’t the same be true of the current healthcare system?  Not to take away from the complexity of this transition but,…well  I guess I am trying to take away some of the complexity and  this begins by extending health IT education beyond boardrooms to all those who may usher in and utilize these new technologies on a daily basis.