As America’s healthcare industry scurries to transition from paper medical records to electronic counterparts and meeting the 2015 meaningful-use requirements, experts raise flags about the security and warn about the downside to moving into an all-digital system.
Electronic Health Records, or EHRs, are perceived as a method to enhance care and save billions of dollars in health costs, but doctors and advocacy groups have voiced concerns about the risks of exposing detailed personal health information.
These worries range from the accidental exposure of individuals’ medical history to doctors’ concerns about insurance and drug companies manipulating the records to affect decisions on patient treatment, The Daily Herald reported.
Also, one issue some highlight is the ramifications of leaked, personal information. When cyber criminals drain bank accounts, victims are often able to get their money back. But when the stolen currency is information, customers have little to get in return when their personal information has been exposed and their reputation ruined.
Nowadays, there is no shortage of news highlighting security breaches involving medical records. Privacy Rights Clearinghouse, which lists various types of breaches and impacted entities, reported that in November alone, there were at least 165 breaches concerning healthcare organizations, including hospices, hospitals, insurance providers and nursing associations. Breaches entailed anything from stolen laptops/portable media and hacking incidents, to misplaced/lost data and unauthorized access of medical records.
A report revealed that the cost of all breaches affected healthcare industry amounted to a staggering $6 billion, according to The Wall Street Journal, exposing millions upon millions of pages of personal information to cyber criminals zoning in on identity-theft opportunities and other illegal avenues to make money–even extortion attempts.
Last year, The Washington Post’s Brian Krebs reported how hackers broke into the Virginia Health Professions Database, deleted records on more than 8 million patients and replaced the site’s homepage with a ransom note demanding $10 million for the return of the records.
Health officials are cognizant of the privacy issue surrounding EHRs. Rex Cowdry, executive director of the Maryland Health Care Commission, told HeraldNet, “in the electronic arena, there is a need for more oversight and constraint.”
While the Department of Health and Human Services continues to take steps in bringing America's health records into the 21st century, there is the promise of improved and more efficient healthcare for Americans. But the most important question remains: Will there be enough time for security to catch up? National Health IT Coordinator Dr. David Blumenthal and Georgina Verdugo, director of Office for Civil Rights at HHS, seem to think so, but they also recognized the vital issue of winning the citizens’ trust in the privacy matter.
“Our nation is poised to harness the power of information technology to improve healthcare,“ the duo wrote on the HHS blog. “Transforming our healthcare system into a 21st-century model is a bold agenda. As we enter into a new age of electronic health information exchange, it is more important than ever to ensure consumer trust in the privacy and security of their health information and in the industry's use of new technology.“