National Health Database: Good Medicine Or Privacy Nightmare? - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Healthcare // Electronic Health Records

National Health Database: Good Medicine Or Privacy Nightmare?

State health information exchanges could eventually pool patient data into a vast national database, but privacy advocates have significant concerns.

Healthcare IT Cloud Safety: 5 Basics
Healthcare IT Cloud Safety: 5 Basics
(Click image for larger view and slideshow.)

State health information exchanges could one day connect, compiling patient data into a vast national database.

Such a centralized repository of information won't necessarily result from a request for proposal and years of integration work. Rather, it's probably starting right now, as states create health information exchanges that ultimately will connect, allowing professionals from throughout the country to access records regardless of location or insurance plan.

Advocates argue that creating a centralized storage center makes sense medically. Patients located on the West Coast, for example, could get treatment from specialists in Boston, assured that clinicians can access their complete and current healthcare information. Patients would no longer spend hours completing duplicate forms for each individual clinician since every provider's office could access all patient records. Risks and costs would drop as test results and other medical information become available nationally.

[Has your organization taken these steps to bolstering security? See 10 Ways To Strengthen Healthcare Security.]

Earlier this year the Office of the National Coordinator (ONC) for Health Information Technology (HIT) unveiled its 10-year interoperability plan, which aims to improve care, cut costs, and enhance patient engagement by enabling government agencies to access patient data from a broader spectrum of providers.

"There is no better time than now to renew our focus on a nationwide, interoperable health IT infrastructure -- one in which all individuals, their families, and their healthcare providers have appropriate access to health information that facilitates informed decision-making, supports coordinated health management, allows patients to be active partners in their health and care, and improves the overall health of our population" the report says.

Access to patients' records regardless of their hometown or primary physician would reduce the number of accidental deaths related to medical errors, said Stephen Cobb, senior security researcher at ESET North America. In 2013, between 210,000 and 400,000 patients in the US died as a result of medical errors, according to the Journal of Patient Safety, with serious harm 10 to 20 times more likely to occur than lethal harm.

"If we had better... access to data, we could solve these [problems]," Cobb said. "Imagine if you were able to [swipe] an unconscious person's fingerprints and pull up the person's records to find they're allergic to latex or penicillin."

On the other hand, the Citizens' Council for Health Freedom argues that centralizing the nation's patient records is dangerous and intrusive. EMR benefits are negligible and unproven, countered Twila Brase, the organization's president and co-founder, and the risks far outweigh any rewards.

"Our government is funneling billions of dollars into systems that will dump all of our private medical records into one giant hub -- accessible by many," Brase said. "The government is touting these procedures as ways to streamline patient care, but they're actually an attempt to capture and store Americans' private medical data and share it with agencies that have nothing to do with health care."

Critics of a national health database worry about where this data will be stored, how it will be used, and who will have access to the information. Despite laws that protect individuals from discrimination due to medical condition, and insurers' inability to ban coverage because of prior medical conditions, skeptics of a nationwide health database fear misuse, abuse, and theft of these personal records. They suspect companies will profit

Alison Diana has written about technology and business for more than 20 years. She was editor, contributors, at Internet Evolution; editor-in-chief of 21st Century IT; and managing editor, sections, at CRN. She has also written for eWeek, Baseline Magazine, Redmond Channel ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Page 1 / 6   >   >>
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
8/26/2014 | 3:36:11 PM
Consider the source
This "Citizens' Council for Health Freedom" is nothing more than a front for factions that want to undo the ACA. They probably also worry about alien abductions and Sharia law being established in Iowa. 
impactnow
IW Pick
100%
0%
impactnow,
User Rank: Author
8/26/2014 | 3:39:03 PM
Safety and security

While I see the benefits of such a system the issues around privacy and security are tremendous. Having universal access to medical record by thousands of medical professionals is great but also very dangerous. It's currently happening at the drugstore clinics like Walgreens and CVS without many even knowing that their medical records are available in their local drugstore. There is so much sensitive data in a patient's medical records the access at so many points is still unnerving.

Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/26/2014 | 3:46:51 PM
Re: Consider the source
Not every organization that wants to do away with ACA is filled with wingnuts. This group does. however, seem to have its share of conspiracy theories but on the other hand, it makes logical sense that we are moving toward a time when all state's HIX networks will interconnect and either become one database (unlikely) or accessible from anywhere in the country (very likely, IMHO). The ONC said as much and some privacy advocates are concerned -- which has some merit, i think. I do, however, believe the benefits far outweigh any risks. Any time there's change, especially change regarding storage and access to personal information, you're going to have a hue and cry and lots of worry. That's a good thing. It helps stop worst-case scenarios, I think!

Last year a friend had a stroke while driving solo in California, far from his east coast home. It took EMTs forever to figure out his medical information because he couldn't talk (he has, thankfully, improved since then). Had they been able to simply plug in his name and DOB or license info and learn his conditions, treatment would have been faster -- and better. 
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
8/26/2014 | 3:56:38 PM
Re: Consider the source
Absolutely there are privacy and security risks, as there are any time PII is out of the owner's direct control. My point was that groups with the end goal to kill the ACA have zero incentive to help figure out how to offset those risks. In fact, a breach plays into their agenda. Having them as part of the conversation pretty much guarantees that no solution will be found, because they don't want one.
asksqn
50%
50%
asksqn,
User Rank: Ninja
8/26/2014 | 7:10:17 PM
Another Epic Government Fail to Screw Americans
You mean instead of having my confidential EMR hacked while stored at the local HMO I can now have it hacked by international criminals?  Sign me up, Obama.  What a brilliant plan!
Susan_Nunziata
50%
50%
Susan_Nunziata,
User Rank: Strategist
8/26/2014 | 9:39:36 PM
Re: Another Epic Government Fail to Screw Americans
@asksqn: The hacking is inevitable. This is one of those scenarios where it's fitting to ask, in a voice dripping with sarcasm, "what could possibly go wrong?" As a patient whose medical records span multiple states due to the need for specialists and a cross-country relocation, I can see the value in interoperability and shared information. At the same time, I agree it just makes it that much easier for my information to be accessed. I think for now I'll choose the inconvenience that the lack of shared data means for me as a patient...
Susan_Nunziata
50%
50%
Susan_Nunziata,
User Rank: Strategist
8/26/2014 | 9:42:27 PM
Re: Safety and security
@impactnow: Yikes! our pharmacy records are in the hands of retail national operations already...thanks for giving me something else to lose sleep over.

Have there been any major hacks (yet) at these pharmacy chains that you're aware of? They'd seem to be quite a likely target.
Stratustician
50%
50%
Stratustician,
User Rank: Ninja
8/27/2014 | 9:34:02 AM
Re: Safety and security
I agree @impactnow. While I absolutely love the idea of having a connected, national healthcare system that will allow for the sharing of records between agencies, the reality is that the more providers and other utilizers of the data (such as pharmacies etc), the more points of entry we have into this system. This is especially worrisome since if the proper controls aren't even in place on the government side, how can we expect these other agencies to have the right controls to protect user data.  Could you imagine if healthcare records were breached at the retail level?  In order for a system like this to work, the security and privacy policies must be enforced on all levels, not just the government end.
M2SYS
50%
50%
M2SYS,
User Rank: Apprentice
8/27/2014 | 10:07:33 AM
Interoperability is positive, but accurate patient ID is the linchpin
Great post Alison. We consistently hear about the positive effects of establishing state and national HIEs and the benefits which could be derived from these repositories to advance both individual and population health. However, the one key linchpin to the success of any HIE or interoperability initiative is the ability to accurately identify patients and match that identity with a unique medical record. The horrors of dduplicate medical records and overlays put into question the data integrity of certain healthcare providers, some of which have proactively adopted more modern technologies (biometrics for example) to accurately identify patients which drastically improves data integrity and practically eliminates duplicates, and others who still rely on older, antiquated methods of identifying patients. You would most likely feel much more confident in the integrity of health data if a patient's identity is not only accurate, but you know that there aren't any duplicates or overlays that exist for the patient to ensure that the medical data you see is accurate and there isn't any additional information that may exist. We always have believed that when it comes to HIEs, interoperability, etc. the industry is very much putting the cart before the horse in terms of securing technology that has the ability to offer near 100% patient identfication accuracy. 
progman2000
50%
50%
progman2000,
User Rank: Ninja
8/27/2014 | 10:30:57 AM
Sounds like a fairy tale more than a nightmare
It's hard getting a couple of hospitals to share patient information.  Having a true unified National Health Database sounds like something that will never happen.  On paper the benefits probably outweight the risks, but, yes, given the security involved I'd say the risks are probably pretty large.
Page 1 / 6   >   >>
Slideshows
Reflections on Tech in 2019
James M. Connolly, Editorial Director, InformationWeek and Network Computing,  12/9/2019
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll