February 12, 2013

Public Acceptance Stopped by Data Theft Fear of EHRs

Electronic health records (EHRs) are not gaining the acceptance and fear about the security of personal data is at the head of the list. This is as it should be. Most records are not as secure as claimed, contrary to information technology (IT) assurances. Yes, patients are right to worry about the theft of medical and personal information on electronic healthy records. Even though more than half of the nation's office-based physicians are using EHRs, a survey conducted by Harris Interactive for Xerox found that 63% of American patients have a fear of hackers stealing their personal medical data.

About half of the USA population says they are worried that their digitized health data may be lost, damaged, or corrupted. They also worry that a power outage or computer crash could prevent their doctor from accessing their chart during an appointment. The survey shows that the anxiety about digitized health records has increased over the years as more records are converted from paper to computers.

When it comes to people answering straight up questions, only 26 percent of Americans will say “yes” to wanting their medical records digital. In addition, when it comes to believing they will obtain better, more efficient care, the same percent – 40 percent, agreed in both 2010 and 2012. This does not speak for positives in peoples attitudes about EHRs.

Well, people need to be concerned as the number of electronic medical records being broken into keeps rising and thieves are finding it lucrative. In an article in Computerworld, the author reports that in the past three years. About 21 million patients had their medical records compromised in data security breaches that were big enough to need to be reported to the Department of Health and Human Services (HHS), the Office of Civil Rights (OCR).

The breach notification and reporting is part of new rules under the Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009. The rules not only require the public reporting of breaches but also increased penalties for violations of the Health Insurance Portability and Accountability Act (HIPAA), which requires organizations to safeguard patient information.”

Much of the data could be protected by encryption and by other means, but most records are not because of the perceived cost. Eventually, physicians, hospitals, and insurance companies will learn the true cost of unprotected records.

No comments: