Electronic Medical Records: Will Your Privacy Be Safe?

When computerized health information floods the ether, current confidentiality rules won't work.

By + More

By Bernadine Healy, M.D.

Doctors are supposed to be nosy. It's not just that they examine your naked body inside and out and record all its imperfections. Physicians are trained to peer into your life, past and present, and ask all sorts of sensitive, if not uncomfortable, questions. Have you ever used marijuana or cocaine? How about steroids? How many sexual partners? Ever had a sexually transmitted disease? An abortion? Had sex with the same sex? How much do you smoke or drink? Have you used Botox or had plastic surgery? Have you been depressed or been treated for mental illness? And how about your marriage—or marriages?

You get the gist; the experience is intrusive. But the doctor-patient relationship was never meant to be other than confidential and privileged and solely for the benefit of the patient. Patients expect it, or they would not be forthcoming. And doctors take the Hippocratic oath, pledging to hold sacred their patients' secrets. This pledge of confidentiality, however, is now challenged by a world where computers rule and health information falls into many hands. One might well ask whether medical privacy is just too outmoded a concept for today's information-hungry world.

We had better decide. Electronic medical records have become a national goal, a way to replace the highly fragmented and inefficient paper system used in most medical settings today. President Obama has made revamping the medical system a top priority, with the national electronic medical record first up in healthcare reform. Indeed, the economic stimulus package assigns billions of dollars to that effort. In light of public sensitivity, this major jump-start for centralized records comes with provisions to further strengthen privacy laws.

However much we Facebook or Twitter about personal stuff, the public remains jittery about losing control of personal health information. Americans treasure their zone of privacy, and polls show they fear that government does not protect nearly well enough the medical information it already accesses. Clearly, once sensitive information is out there, it can't be brought back.

Look at Alex Rodriguez. A breached pledge to keep confidential those urine tests for steroids taken in 2003 has left his career a shambles, and 103 other players are waiting for their results to be leaked to the press, too. Their past transgressions notwithstanding, more than 1,000 ballplayers consented to these tests back then, with the understanding that results would be anonymous. The findings were to be destroyed after the league assessed the magnitude of the problem. (In a similar design years ago, anonymous HIV testing studies helped reveal the size of the AIDS epidemic.) The players' data led to what are now stringent drug testing and penalties, as there were none at the time.

It's easy to translate this situation to a violated personal medical record or, on a larger scale, a research study. Imagine if researchers culled the national health record for information on sensitive groups, whether they be HIV carriers or illegal-drug users. If one of the subjects in the study were under government investigation, might not the other records be sucked up in a sting? Not too far-fetched.

The Institute of Medicine issued a report on privacy of medical records in early February that fuels this concern. The IOM started with the premise that protections for electronic medical records are a must, because the benefit of health IT is so great. The records will speed up access to a patient's health information, cut down on redundant care, and reduce medical errors. Access to the online digital record by researchers also means massive medical databases can be searched, shared, analyzed, and drawn upon. Epidemiological research would be carried out on a scale never before imagined, to improve care, develop better practice guidelines, and determine cost-effectiveness.

Recognizing the importance of the public's confidence in the sanctity and confidentiality of medical records, the IOM came down hard on the current privacy protections that are supposed to ensure this. The group concluded that government rules to protect patients' medical records are simply inadequate. At best, they should be scrapped—or overhauled, at the very least. The report also points to the many security breaches of medical record databases, covering tens of thousands of patients, that have occurred in the past two years, and cites this as a growing problem.

Lack of confidentiality protections for a far more extensive national online record system would surely cause major unrest among most Americans. Despite its shortcomings, the paper record distributed across hospitals and doctors' offices has a limited ability for wide dissemination. A centralized, integrated, electronic record with access to all Americans' files would not only contain more information, but its potential distribution could be measured in the millions, not just the few who could lay their hands on a chart. Would most of those unauthorized eyeballs be gazing for the patient's benefit? Don't think so.

One thing that the IOM calls for is an audit trail of just who accesses online records. In fact, there is no reason that patients themselves should not know who's seen their records, rightly or wrongly, here or elsewhere in the world, where records are now outsourced for insurance review. It's also unseemly that marketers can buy pharmacy information about patients, so they can send them illness-specific advertising, and questionable that insurance companies should send patients mailings that suggest they take a medicine other than the one their doctor has ordered.

Complacency on the part of government about going after violations of medical privacy has stirred up patient concerns. So has the lack of informed consent when researchers use patients' records for studies. Some have complained it's almost impossible to correct mistakes once an electronic record has been created. And if patients visit their doctors imagining that the medical information they provide, which is being typed and sent into a centralized national medical record system before their eyes, might be seen by their employer or just some busybody, they will no doubt be tempted to hide things.

The feds' clout and resources will make the national medical record happen. But to ensure that that record is an accurate and sturdy backbone of a more efficient, safe, and accountable health system, patient privacy is paramount. And now is the time to admit that protecting privacy has not been one of our nation's strong suits.