Are Electronic Records Too Much Risk?
Two doctors recently spoke out about possible EMR privacy loopholes; the issue drove one doctor to withdraw from the Medicare program and Yale Medical Group over fear that her patients’ privacy was at risk. Both doctors are concerned about the number of people who can access patient records due to the implementation of EMR — electronic medical records — across the nation.
One physician shared a story about her patient. She treated the woman for a sensitive condition. Later, the woman visited a dermatologist, and that physician had access to all her previous records. The woman was understandably upset — patients share information with single medical providers in confidence without realizing an entire network of providers and employees may have access to the information.
Medical Identity Theft and EMR Privacy Loopholes
Outside of the discomfort of very personal information being shared across provider networks, EMR privacy loopholes may increase the chance of medical identity theft. Records that include personally identifying information such as full name, address, social security number, and date of birth are viewable by dozens, if not hundreds, of employees in a doctor’s office, hospital, or insurance center. It only takes one employee willing to risk illegal action to collect data and sell it to fraudsters.
Certainly, the risk of medical identity theft isn’t new. In the past, however, records were finite. They existed in hardcopy form at the physician’s office. Limited access meant limited potential for criminal activity. Today, records can be viewed by multiple people at a time and downloaded with the click of a button.
Benefits May Outweigh Risks
On the other side of the argument are doctors and others who argue that the benefits of EMR systems outweigh security risks. EMRs make it easier for providers to work together to provide optimal treatment for patients; they’ve also been shown to reduce errors and increase efficiency in offices. Due to federal mandates, EMRs are definitely here to stay. That means patients and providers must work together to close security gaps and maximize benefits.
What do you think of these EMR privacy loopholes?