Privacy Risks of Interoperable Electronic Health Records: Segmentation of Sensitive Information Will Help

Privacy Risks of Interoperable Electronic Health Records: Segmentation of Sensitive Information Will Help

At the turn of this century, as the United States began shifting from paper to electronic health records (EHRs), the new records were touted as promoting improved care, efficiency, patient safety, and patient participation in their own health management. EHRs were said to have several highly valuabl...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:The Journal of law, medicine & ethics medicine & ethics, 2019-12, Vol.47 (4), p.771-777
Hauptverfasser: Rothstein, Mark A., Tovino, Stacey A.
Format: Artikel
Sprache:eng
Schlagworte:
Application programming interface
Archives & records
Beneficiaries
Bioethics
Caregivers
Childrens health insurance programs
Coordination
Electronic health records
Emergencies
Federal government
Health care industry
Health care policy
Health services
Health technology assessment
Hospitals
Information technology
Interoperability
Medicaid
Medical records
Medicare
Participation
Patient safety
Patients
Privacy
Rules
Software
Statutes
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:At the turn of this century, as the United States began shifting from paper to electronic health records (EHRs), the new records were touted as promoting improved care, efficiency, patient safety, and patient participation in their own health management. EHRs were said to have several highly valuable characteristics, including that they are comprehensive (capturing substantially all of a patient's clinical encounters in the health care system), longitudinal (capturing health information from cradle to grave), and interoperable (permitting access for viewing and uploading new information from multiple locations).1The promise of interoperability was a significant justification for the effort to switch from paper records to EHRs. Interoperability meant that (1) patients, caregivers, and providers would be relieved of the burden of providing or obtaining repetitive health histories for each new patient-provider relationship; (2) costly and onerous duplicative tests, imaging, and diagnostic procedures need not be repeated; (3) more efficient coordination of care and health benefits would be possible; and (4) complete health records for treatment in emergencies could be accessed in real time from distant locations.2By 2015, encouraged by $35 billion in federal financial incentives from the Health Information Technology for Economic and Clinical Health Act (HITECH Act),3 78 percent of physicians4 and 96 percent of hospitals5 had an EHR system certified by the Department of Health and Human Services (DHHS). Although EHRs were, to a degree, comprehensive and longitudinal, they were generally not interoperable, owing to incompatible software, access “blocking” to protect the proprietary interests of EHR vendors and health care providers, and the federal government having other regulatory priorities.By 2019, federal regulatory priorities had shifted, and the Centers for Medicare and Medicaid Services (CMS) of DHHS published a proposed rule to establish standards for interoperability.6 As discussed below, the proposal goes into great detail about the technical aspects of interoperability under various federal statutes and programs. Nevertheless, the proposed rule astoundingly fails to address the significant risks to health privacy posed by interoperable EHRs. This article analyzes one of the key privacy risks, interoperable comprehensive records.
ISSN:1073-1105
1748-720X
DOI:10.1177/1073110519897791