Can Electronic Medical Records Be Secured?

Can Electronic Medical Records Be Secured?
Can Electronic Medical Records Be Secured? 

By Mitch Wagner
December 5, 2009 

While electronic medical records promise massive opportunities for 
patient health benefits and reductions in administrative costs, the 
privacy and security risks are equally huge.

The Obama administration has set an ambitious goal--to get electronic 
medical records on file for every American by 2014. The administration 
is offering powerful incentives: $20 billion in stimulus funds as per 
the American Recovery and Reinvestment Act (ARRA) of 2009, and stiff 
Medicare penalties for healthcare providers that fail to implement EMRs 
after 2014. 

EMRs offer tantalizing benefits: Improved efficiency via the elimination 
of tons of paper files in doctors' offices, and better medical care 
through the use of the same kinds of database and data mining 
technologies that are now routine in other industries. One example: EMR 
systems can flag symptoms and potentially harmful drug interactions that 
busy doctors might otherwise miss.

But the accompanying privacy and security threats are significant. When 
completed, the nation's EMR infrastructure will be a massive store of 
every American's most personal, private information, and a potential 
target of abuse by marketers, identity thieves, and unscrupulous 
employers and insurance companies.

Regulators are attempting to craft rules that would unlock the benefits 
of EMRs while protecting Americans from the security risks. Healthcare 
IT pros will be required to implement systems and business processes 
that conform to these regulations, or face lost funding, institutional 
fines -- and, in some cases, personal criminal penalties.

The new regulations come as the healthcare industry faces big privacy 
problems, going back years. In 2003, a medical transcriptionist in 
Pakistan threatened to post patient records from the University of 
California San Francisco's Medical Center on the Internet unless she was 
paid for her work for a transcription service company hired by the 


Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 

Site design & layout copyright © 1986-2014 CodeGods