The Creative Destruction of Medicine by Eric Topol

Author:Eric Topol
Language: eng
Format: mobi, epub
Publisher: Basic Books
Published: 2011-12-15T21:00:00+00:00

PRIVACY AND SECURITY OF THE DATA

Beyond financial considerations and lack of confidence that going electronic will fix the problem with medical errors, the issues of privacy and security represent significant concerns. At least 80 percent of Americans fear that their health data could be stolen, used fraudulently, or abused for marketing purposes. The possibility that hackers could get access to the medical data for any individual looms large, especially when there have already been examples of unintended breaches of data security from a stolen laptop computer with personal health data on 300,000 individuals and a burglarized hard drive with data from almost 200,000 people. There is also the worry that employers or health insurers would get access to the data and use it in a discriminative or exploitative fashion. 51

The basis for comparison is paper records, which are much less apt to be lost to a large-scale breach of security or an electronic “phishing” scheme.52 But a single individual’s medical record is relatively easy to access, and there is no way to tell if the record has been read or copied. An EHR’s metadata—the data of the data, in the form of tags or descriptors for different data elements—serves as a permanent electronic footprint that can track when and where a record has been accessed or modified.53 It can also enable partial transmittal of the information in an EHR. For example, if you are brought to an emergency room, should the hospital have complete access to your medical information? If you have a history of mental illness, should that data be accessible? Are the data for certain conditions like diabetes fair game but other information on previous cancer to be withheld? If other physicians are consulted in your care, should they have complete or partial access to your EHR? If you go for a second opinion, do you want that physician to know the first opinion?

Besides customization of the data flow, the tagged data elements and metadata properties are essential to building optimal privacy and security. The patient information data elements are encrypted or unreadable, when stored or transmitted, and ideally not ever stored on the same computer system as the one that holds the encryption key. The metadata and the patient data itself are inseparable and are typically protected by a digital signature. To maximize security, accessing the data can require two-factor authentication, with not only a password but also a smartcard, physical credential, or biometrics, such as a fingerprint. Predetermined customized authorization by the patient and extensive audit processes are further safeguards that are part and parcel of secure HIT systems.54

Ironically, although EHRs are felt to diminish medical errors and reduce the liability of malpractice, the metadata feature can also be seen to facilitate malpractice claims.55 The recording of all electronic transmissions from the input of medication or other orders to time stamps of activity creates discoverable evidence and can be used to establish a doctor’s culpability. If the EHR was modified at a later and inappropriate time after the treatment was rendered, this can be tagged and used against the physician.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.