Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

EHR Privacy Debate Heats Up

Soulskill posted more than 5 years ago | from the doctored-files dept.

Privacy 182

CurtMonash writes "The New York Times reports on President-Elect Obama's continued commitment to electronic health records (EHRs), which on the whole are a great idea. The article cites a number of legislative initiatives to deal with the privacy risks of EHRs. That's where things start to go astray. The proposals seem to focus on simply controlling the flow of information, but from a defense-in-depth standpoint, that's not enough. Medical care is full of information waivers, much like EULAs, only with your health at stake. What's more, any information control regime has to have exceptions for medical emergencies — but where legitimate emergencies are routine, socially-engineered fake emergencies can blast security to smithereens. So medical information privacy will never be adequate unless there are strong usage-control rules as well, in areas such as discrimination, marketing, or tabloid-press publication. I've provided some ideas as to how and why that could work well."

cancel ×

182 comments

Sorry! There are no comments related to the filter you selected.

HAY GUYS! (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#26514939)

r MM MM MMNMMMM MMMMMMMMM MMMMMMMMMMMMMMMM MMMMMM MMMNM MM M Fuck your mother and your father
r MrMrr'ro',oro',o',oro',o',oro',o',oro', ',oro',o',rrrrr@MM Fuck your mother and your father
rMMrWrM'ro',oro',o',oro',o',oro', ',oro',or,r'ro`rr7MrXrM Fuck your mother and your father
rM,rrrM'ro',oro',o', ro',o',oro',o',oro',or,r'ro',rrrrMrrBr0 Fuck your mother and your father
rMrWrrM'ro',oro',o',oro',o',oro', ',oro',or,r'ro',rrrWMrr0rMX Fuck your mother and your father
rM2rSrMr;r,rXi'ro',o o',o',oro',o',oro', ',oro',o',rrrM7rrii@ Fuck your mother and your father
rMSr@MMrX0'ro',oro',o',rrrrSrrrrr;i'ro',oro',o',rr rrrrMMrrMrM Fuck your mother and your father
rMWMMM'ror`rra0BMMMZo',or`rrXBrrSrrroMMMMMMMMMB'ro ',rrrMrrMrM Fuck your mother and your father
rMMrMMrrrrMMMMM MMMMMMMMMMr'ror`r:MMMMMMMMMMMMMMMMMWrrrMMrMiS Fuck your mother and your father
r MMM2rrMMMMM (o) MMMMMMMMMM rr XMMMMMMMMMMMMMMMMMMMMorBM:MX Fuck your mother and your father
r MMMrrMMMMMMMM MMMMMMMMMMMMM r MMMMMMMMMMMMMMMMMMMMMMrrMMMM Fuck your mother and your father
rMMZrrBMMMMMMMMMMMMMMMMMMMMMM r MMMMMMMMMMMMMMMMMMMMMBrrrrMM Fuck your mother and your father
rMrrrrMMMMMMMMMMMMMMMMMMMMMMM r MMMMMMMMMMMMMMMMMMMMMWrWMrrM Fuck your mother and your father
WMrrirMMMMMMMMMMMMMMMMMMMMMMM rM MMMMMMMMMMMMMMMMMMMM,rrrrrM0 Fuck your mother and your father
MXrrrrMMMMMMMMMMMMMMMMMMMMMM'ror` MMMMMMMMMMMMMMMMMMM'ror`rMM Fuck your mother and your father
MZrrrr7MMMMMMMMMMMMMMMMMMMM rrorZr MMMMMMMMMMMM MMMMMrrXrrrZM Fuck your mother and your father
MMrrZrrMMMMMMMMMMMMMMMMMM; rrMMrMMr WMMMMMMMM (o) MMrrarrrrM0 Fuck your mother and your father
rMrr,rrrrXMMMMMMMMMMMMM rrr:MMMrMMM:r MMMMMMMMM MMrrrr7rrrrM Fuck your mother and your father
rMM'ro',rrrr,M0'ro',rrrrr,,MMMBrMMMMr,rrrrZMMM:rrr raWrrrrrMM Fuck your mother and your father
r MrrrrriirXrrr7rrSr,2rrrrSMMMMrMMMM'ro',rrrrrr2:r'r o',rrrM Fuck your mother and your father
r MM'ro',oro',or,r'ror`r8:MMMMMrMMMMMr;rr;iio',or,r' ror`rMM Fuck your mother and your father
rr MM'ro',oro',o',rrrrrr;WMMMMMrMMMMMrM'ro',oro',o',r rroMM Fuck your mother and your father
rrrr MMM'ro',oro',o',rrrrrMMMMMrMMMMM'ro',oro',o',rrrXM MM Fuck your mother and your father
rrrr 0MMMMr'ror,r'ro',rrrrBMMM@rZMMM;'ror,r'ror`rraMMMM M Fuck your mother and your father
'ror` MMMMMMrMr,rr;'ror,r'ror`ri'ror,r'ror`rirrrrMMMMaMa Fuck your mother and your father
'ror` MrrBMMMMr2rZMrr@rrrrZ'ro',rrr,,rror'rrrMrr;M@rrrM Fuck your mother and your father
'ror` MMrrrM2MMM8MrrrZrrrXMrrrX,rrrrMorrrrrrrMMMM@rrrrM Fuck your mother and your father
'ror` MMrrrMrrrZMMMMMMMMMMMiMMMrrrrrWMSMMMMMMMrZMrrrrMM Fuck your mother and your father
'ror`r MWrrMMrrWrrXrrrMrrriMaXMMMMMMBMrSrr7rr:rMMrrrrMX Fuck your mother and your father
'ror`r MMrrXMM2MMrMrrrMrrr,rrrM' or`rrrrBraMBMrM2rrriM Fuck your mother and your father
'ro',rr M2rrMrr@rrMMMMMMMMMr rMrrMorMMrZMZMMr;MMrrrrMM Fuck your mother and your father
'ro',rrr MrrrMMM0rZrrrMr rMMB7MM2MMrMrrSrrrrrMWrrrrrM Fuck your mother and your father
'ro',rrr MrrrrrSMMMMWSMr rrirrMrrrarMrrrM:MMBrSrrrrMM Fuck your mother and your father
'ro',rrr MM'ro',rrr2XMMMWMMMM0MMMMMMMMMMMMrrrrrrrr2M Fuck your mother and your father
'ro',rrrr MMr:'ro',rrrrrr;rrrrr8'ro',oro',o',rrrrMM Fuck your mother and your father
'ro',rrrrr XMMM'ror`roaM'ror`rr, rrrr;;:'ror`rrMMM Fuck your mother and your father
'ror,r'ro',rr WMM'ror,r' or`rBrrMrr rao',or`rMMMr Fuck your mother and your father
'ro',oro',o',rr MMMr:rr,rrrrMorrXS2,rrrrrZMMMX Fuck your mother and your father
'ro',oro',o',rrr rMMMZMMrrr;rrrrBrrrrrrMMMM Fuck your mother and your father
'ro',oro',or,r'ror` irXS2MMMMMMB8ZMMMMX: Fuck your mother and your father
TROLLKORE HEAD, I'M IN YOUR BED and your father
I'M FIZZY FIZZY WIZZY, I'M OFF MY HEAD and your father

Re:HAY GUYS! (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#26514957)

Shittiest troll ever

0/10

sage (-1, Troll)

Anonymous Coward | more than 5 years ago | (#26514989)

go back to 4chan faggot

Dangers of EHR (4, Interesting)

gravos (912628) | more than 5 years ago | (#26514975)

The danger of an Electronic Health Record is that it may perpetuate mistakes which of course do happen and any mistakes can carry on and lead to more problems. Sometimes for people with mental health problems, a diagnosis is made and then subsequently it's discovered that that was not the actual diagnosis. Having this kind of an electronic trail to follow you around forever could be extremely dangerous, in my opinion.

Re:Dangers of EHR (3, Insightful)

Wormholio (729552) | more than 5 years ago | (#26515095)

The danger of an Electronic Health Record is that it may perpetuate mistakes which of course do happen and any mistakes can carry on and lead to more problems.

It cuts both ways. With electronic records some cross-checks are possible, such as checking prescribed drugs for interactions, or perhaps even checking that the symtoms and/or treatment really match the diagnosis.

Re:Dangers of EHR (0)

Anonymous Coward | more than 5 years ago | (#26515099)

This will sort out pretty quickly when Obama's family and friends, or supermodels/celebs have their details splashed about.

So easy to dig around STD /Pregnancy tests, or when little daughter sought the pill.

Paper is vastly superior, privacy wise.

As stated, the minimum wage secretary, or virus infected machine, will ensure wholesale disclosure if there is a buck to be made.

Obviously life insurance and HMO's will be interested buyers.

Re:Dangers of EHR (0)

Anonymous Coward | more than 5 years ago | (#26515105)

As I see it, as long as the correction is in the chart too, that's a pretty good idea. Especially if you have one of those diseases that look like every other disease in the book ("It's not Lupus!") having a record of "nope, not that" helps any other doctor know what has already been ruled out.

Re:Dangers of EHR (2, Insightful)

FredFredrickson (1177871) | more than 5 years ago | (#26515351)

having a record of "nope, not that" helps any other doctor know what has already been ruled out.

Apparently you watch enough house to quote it, but not enough to know that a chart with records of what it's not will only make doctors less thorough! What if the test was done wrong? Do it again! "But we already did the test." Test again!

Re:Dangers of EHR (2, Insightful)

zappepcs (820751) | more than 5 years ago | (#26515977)

I absolutely agree. The point of getting a second or third opinion is not to have them use the first opinion in their diagnosis. Not even your auto mechanic should do that. If you take your car in and say it sounds like the transmission and all your mechanic does is check the transmission, he's a shitty mechanic.

Records are good, but they are of limited use for most people, most of the time. Sure that medica-alert bracelet is almost ALWAYS useful in medical emergencies, so would a bracelet with USB/MicrSD card attached, but the ER nurse really doesn't need to know you had crabs last year to set your broken bone.

Imagine you are walking across a big bridge during a rainstorm and get swept over the railing through wind and clumsiness. As you are being wheeled into the ER, that is exactly the wrong time for them to read that you once tried to overdose on aspirin 25 years ago, as a 14 year old. I know, bizarre example, but there are others. I want medical staff diagnosing my problem, not my record.

How long before DNA sequencing becomes cheap enough to quickly add it to your records? What are the dangers of that?

Re:Dangers of EHR (1)

LingNoi (1066278) | more than 5 years ago | (#26516091)

How long before DNA sequencing becomes cheap enough to quickly add it to your records? What are the dangers of that?

uh.. being able to see you might have a high risk of heart disease so checking that out first if you have such symptoms? possibly checking you for signs of cancer if you have a specific gene know to cause it so they will find it in early stages?

oh no, the horror?

That actually happened to me (0)

Anonymous Coward | more than 5 years ago | (#26516625)

that you once tried to overdose on aspirin 25 years ago, as a 14 year old

I tried to kill myself by taking 500 aspirin. But after the first two I felt better.

Re:Dangers of EHR (3, Insightful)

db32 (862117) | more than 5 years ago | (#26515127)

It also provides accurate records of those mistakes. The lack of medical information following you is going to be FAR more dangerous than a mistake in that record. Picked up on emergency? Can't talk? I hope you don't have any allergies or you could be killed by the response team. Heart condition, diabetes, etc... The number of circumstances where NOT having this information readily available is extremely dangerous outnumber your circumstances by a large factor. Nevermind that EHRs can be corrected and probably far easier than the existing mess of paper records.

In other news, going outside your house is extremely dangerous. For that matter, just staying inside your house is extremely dangerous. Driving to the store for food is extremely dangerous.

Re:Dangers of EHR (2, Insightful)

aethelrick (926305) | more than 5 years ago | (#26515347)

you are assuming that an EHR can be delivered to the emergency care professional in a form that actually helps them in an emergency. The key to this is patient identification which is hardest when your patient is sufficiently injured to be unable to tell you who they are, this coincidentally is also when they are least likely to be able to tell you about their allergies. In short, if your patient is able to tell you enough information about themselves to safely ID them in your EHR, my bet is that they can mention their "thingymycin" allergy. Where the patient is not conscious you have to go a long way to beat a bracelet attached to their arm with this detail on it. (no I don't work for medic-alert or similar, I'm an IT professional that spent the last seven years working on EHR systems)

Re:Dangers of EHR (1)

db32 (862117) | more than 5 years ago | (#26516183)

I agree. I think we have a long way to come on that portability piece. I work in healthcare IT and I don't think a day goes by that I don't want to do horrible things to our vendor reps just so they wind up in our hospital and suddenly have a vested interest in their systems behaving EXACTLY as advertised. That said, having been around elderly patients (which is probably the majority of any patient population), they tend to be far more likely to remember personal identification material rather than medical history stuff.

Re:Dangers of EHR (3, Insightful)

commodore64_love (1445365) | more than 5 years ago | (#26515595)

Read the stories who have had their Credit Records hijacked with false information, and their inability to get loans due to that.

Now imagine the same thing with Medical records, but instead of just inability to get a loan, now you cannot get a job because your employer thinks you suffer from paranoia ("it's right there in your record Mr. Smith, it must be true. I'm sorry but we can't hire you."). For that matter the employer might not even tell you the reason. They might just never call back.

You may think this sounds absurd, but the same thing is happening now with the internet, where employers are digging-up 10-15-20-year old posts or photos from the net, and using them as justification to not hire someone. ("We found this photo of you drinking beer in a frat party in 1995. It's at the psu.edu/alphadelts website. We can't hire you as a teacher. Sorry.")

Re:Dangers of EHR (2, Interesting)

db32 (862117) | more than 5 years ago | (#26516329)

I can't even begin to the imagine the fun of catching a company using healthcare information in such an unbelievably illegal fashion. Now, I agree there are security things to be addressed. But, medical records already exist in a fairly extreme state of paranoia even if some of the IT pieces are lagging. If anything, I would want the credit industry held to the same standards that medical records are. If you are a nurse and you access a record that isn't one of your patients you can be expected to be called out on it and likely lose your job. Shit like that is actually tracked in an EMR system. It is actually more secure against snooping than the current paper copies given that there is no per access tracking that happens when you thumb through a paper record.

The problem with the credit industry is that they are not held accountable for the losses of information, so it is more profitable for them to play fast and loose with it and hand out loans and credit in the hopes of profit. Hospitals ARE held accountable for lost information, and their model of profit doesn't even begin to resemble the credit industry. In fact, hospitals LOSE money when the records aren't accurate because insurance/medicare/medicaid/etc refuse to pay out. Hospitals invest a tremendous amount of resources in making sure all of their records are as accurate as humanly possible for that very reason.

Re:Dangers of EHR (1)

Comboman (895500) | more than 5 years ago | (#26515797)

Picked up on emergency? Can't talk? I hope you don't have any allergies or you could be killed by the response team.

That's why people with those conditions generally have a bracelet stating it (which EMTs are trained to look for). Compare that to the EHR: The guy can't talk? Check his wallet for a name. John Smith? Let me type that into the computer. Too many responses, what's his driver's license I.D.#? JSMITH234084329. Let me type that into the computer. Opps, we're in a dead zone for wireless internet coverage, we'll have to wait until we get the hospital.

Now, I'm not saying the EHR has no merit, I believe it does, I just don't think it is very useful in the situation you suggest (unless your EHR is stored on a subcutaneous RFID tag, but that raises even more privacy/security issues).

Re:Dangers of EHR (1)

db32 (862117) | more than 5 years ago | (#26516127)

EMTs are trained to look for those. However, is it still there? Did they even wear one? In the situation I suggest I probably wasn't clear enough, but initial emergency response isn't the same as the following hospital treatment. I doubt EMTs are going to pull up your medical record on the spot to care for you even if they could. Every second counts n all that. However, once stabilized and sitting in a hospital bed those medical history questions start becoming more important. Even more so for the elderly n such. When you go to the hospital they will ask you the same series of questions a dozen times. It isn't because they are stupid, or think you are stupid, its because there is a HIGH rate of "oh yeah, I forgot about..." happening the 2nd or 3rd time the question is asked.

Re:Dangers of EHR (2, Interesting)

jbolden (176878) | more than 5 years ago | (#26515137)

The thing is there is likely embarrassing stuff on most people's medical records.

A used to use drugs
B had a horrible depression
C has a fatal disease that kill them over the next 10 years
D got an STD at a sex party

etc...

Right now people freely talk about physical injuries they got from reckless behavior. It could be that with leakage mental disorders stop being something that people have more embarrassment about discussing.

Re:Dangers of EHR (1)

n1ckml007 (683046) | more than 5 years ago | (#26515167)

Auditing of access of medical records would actually improve. If someone looks at your paper files, how would anyone know? If someone looks at your EHR documents, sure it might potentially be easier to access, depending on your position, but you likely will be promptly fired.

Re:Dangers of EHR (1)

Thanshin (1188877) | more than 5 years ago | (#26515169)

A used to use drugs
B had a horrible depression
C has a fatal disease that kill them over the next 10 years
D got an STD at a sex party

A - I'm not hiring drug addicts in my company.
B - I'm not hiring him. He may have a depression during some important project.
C - I'm not hiring him. What if he dies before finishing the project?
D - I'm not hiring perverts in my company.

No, I don't think people will freely discuss their medical records.

(replace hiring with promoting for post interview discussion)

Re:Dangers of EHR (1)

CurtMonash (986884) | more than 5 years ago | (#26515233)

Exactly why we need anti-discrimination legislation in ADDITION to privacy protections.

Re:Dangers of EHR (1)

Thanshin (1188877) | more than 5 years ago | (#26515353)

Exactly why we need anti-discrimination legislation in ADDITION to privacy protections

Anti-discrimination laws aren't working, right now. What makes you think they'll start working if we make discrimination much easier and much (really, very much) more profitable?

P.S.: I speak from the PoV of Spain; maybe in the states anti-discrimination laws really work and saying you're two month pregnant during a job interview wouldn't alter the result in the least.

Re:Dangers of EHR (1)

CurtMonash (986884) | more than 5 years ago | (#26515519)

Exactly why we need anti-discrimination legislation in ADDITION to privacy protections

Anti-discrimination laws aren't working, right now. What makes you think they'll start working if we make discrimination much easier and much (really, very much) more profitable?

P.S.: I speak from the PoV of Spain; maybe in the states anti-discrimination laws really work and saying you're two month pregnant during a job interview wouldn't alter the result in the least.

Fair enough. But I was talking about discrimination for smaller factors, such as mere statistical risks of ill health.

You're right that anti-discrimination for gross disabilities is only partially successful. In the US it's the Americans With Disabilities Act.

Re:Dangers of EHR (1)

FredFredrickson (1177871) | more than 5 years ago | (#26515375)

anti-discrimination legislation

Anti-discrimination legislation will never work.

"Your honor, I did not not hire him because of his genetic defects, it's simply because he wasn't a perfect fit for the job. We found somebody who types faster."

Problem solved.

Re:Dangers of EHR (1)

CurtMonash (986884) | more than 5 years ago | (#26515545)

anti-discrimination legislation

Anti-discrimination legislation will never work.

"Your honor, I did not not hire him because of his genetic defects, it's simply because he wasn't a perfect fit for the job. We found somebody who types faster."

Problem solved.

Anti-discrimination legislation is, in general, partially successful. Your extreme position adds more humor than insight.

Re:Dangers of EHR (1)

commodore64_love (1445365) | more than 5 years ago | (#26515665)

What makes you think that will work???

"We can't hire him because he has repeating bouts of depression."
"You're not allowed to hack into medical records!"
"So? Do YOU want to hire a manic depressive?"
"Good point. ..... Well the damage is done, but we can't let anybody know what we did."
"Um..."
"Let's make up a false reason."
"He doesn't know how to use a Macintosh, and we have Macs in our labs."
"Yeah that sounds good. I'll send off the rejection letter immediately."

Watch the movie GATTACA to see how laws are completely ineffective in stopping corporations from using medical history to disqualify employees.

Re:Dangers of EHR (1)

CurtMonash (986884) | more than 5 years ago | (#26515781)

And HR managers will risk jail over the hacking to play out your scenario?

Re:Dangers of EHR (0)

Anonymous Coward | more than 5 years ago | (#26515949)

An HR manager would have no clue in that scenario. You interview a candidate and make the decision to hire or not. Many times I've heard things like "Just got a hunch this guy won't work out". What's HR going to say?
 

Re:Dangers of EHR (0)

Anonymous Coward | more than 5 years ago | (#26516571)

It would be no different than people who use Google now to determine who to disqualify, without even considering the age and/or validity of the information they are using. HR doesn't tell anyone specifically they were disqualified based on a Google search, so that the information used can be cross-checked for accuracy, so HR certainly won't tell them that they were disqualified due to a peek at their medical records. Plus won't even have to hack people's records--many will just start requiring electronic medical records access as part of their background check process.

Either that, or someone will "lose" a laptop full of medical information (read: intentionally leave it in a high risk theft area and then call it lost when they knew it would be stolen), and someone will now have millions of medical records for their own use.

Oh, and one more thing... don't forget that when (note: not if, but when) advertisers do get their text ads, banner ads, Flash-based ads, etc. in the medical records systems, they will already have sneak-a-peek access to everyone's medical records, even if just in (yeah right) aggregate form. Without a doubt, I think that Google/Doubleclick will probably be the first in line for that.

Always predict the worst when deploying a new technology, never assume people are inherently good and wait for the problems to actually occur before fixing them.

Re:Dangers of EHR (2, Insightful)

commodore64_love (1445365) | more than 5 years ago | (#26516901)

HR managers (or bosses or small business owners) already violate all kinds of laws against discrimination. What makes you think they'll just suddenly stop when they learn you have heart problems? They'll discriminate then, just as they discriminate now in regards to color, sex, religion, and so on.

Over in my local university, Millersville PA, they refused to hire an adjunct teacher because she posted a photo on her myspace.com where she was drinking beer. She tried to sue, but the court determined they can refuse to hire for whatever reason. If you can refuse to hire someone over a stupid photo, or because they have bad credit ratings (companies are checking that too), there's nothing to stop the Corporate masters from denying access for medical reasons.

Wake up! The corporations have access to the information, and they will use the internet to uncover facts and deny jobs.

Re:Dangers of EHR (0)

Anonymous Coward | more than 5 years ago | (#26516797)

Last I checked, GATTACA is a fictional movie? Correct me if I'm wrong.

Re:Dangers of EHR (3, Insightful)

jbolden (176878) | more than 5 years ago | (#26515405)

The thing is that everyone is an A,B a C or a D.... You have to hire someone.

Re:Dangers of EHR (1)

LingNoi (1066278) | more than 5 years ago | (#26516123)

I don't know about the US, but in England I had a pain in the ass of a time trying to get my medical history on paper records from one clinic to another 300 miles away.

Re:Dangers of EHR (0)

Anonymous Coward | more than 5 years ago | (#26515213)

This is not true, at least in America, where a mental illness diagnosis can remove a number of your (remaining!) rights...

Full power to them! (-1, Troll)

Anonymous Coward | more than 5 years ago | (#26514959)

Nothing [goatse.fr] like niggers in the morning!

Logged in computers (1)

BadAnalogyGuy (945258) | more than 5 years ago | (#26514969)

Every receptionist who leaves her PC logged in at the clinic will be a risk factor.

Either you get over yourselves and take the good with the bad, or you shut yourself in and never gain the benefits of the technology.

This isn't even specific to medical records. There will be bumps in the road for any technology.You can make sure your car or bike never hits a pothole by never driving it. But then you will need to walk to where you're going.

Re:Logged in computers (1)

htnmmo (1454573) | more than 5 years ago | (#26514995)

Same can be said for leaving files unattended while the receptionist goes to flirt with the new doctor.

We can't let that be a reason to use technology to help people be healthier.

Nice the dems are back in charge. Continuing on Gore's invention of the internet, Obama invented http://www.usaspending.gov/ [usaspending.gov]

.

Re:Logged in computers (1)

morgan_greywolf (835522) | more than 5 years ago | (#26515057)

Nice the dems are back in charge. Continuing on Gore's invention of the internet, Obama invented http://www.usaspending.gov/ [usaspending.gov] [usaspending.gov]

Actually, Obama was one of the inventors of that site.

Welcome to USASpending.gov
The Federal Funding Accountability and Transparency Act of 2006 (Transparency Act) requires a single searchable website, accessible by the public for free that includes for each Federal award

If we look a the Wikipedia article for that Act [wikipedia.org] :

The bill was introduced by Senator Tom Coburn, for himself and Senators Barack Obama, Tom Carper and John McCain on April 6, 2006.[1] After two "secret holds" placed by Senators Ted Stevens, a Republican, and Robert Byrd, a Democrat were revealed and removed[4][5], it was passed unanimously in the Senate on September 7, 2006 and by the House on September 13, 2006. The bill was signed into law by President George W. Bush on September 26, 2006.[6]

Note that this bill is a bi-partisan initiative: Coburn-R, Obama-D, Carper-D and McCain-R introduced this bill.

Re:Logged in computers (1)

htnmmo (1454573) | more than 5 years ago | (#26515159)

Actually, Obama was one of the inventors of that site.

That's what I said.

Re:Logged in computers (1)

commodore64_love (1445365) | more than 5 years ago | (#26515387)

>>>you shut yourself in and never gain the benefits of the technology.

Last I checked that's not even an option. You can't tell a doctor to erase your medical records from his PC, because he's reuired by Obama's new laws to keep it stored electronically.

Re:Logged in computers (1)

krenaud (1058876) | more than 5 years ago | (#26515029)

It depends on the design of the system. A base requirement would be to limit access depending on the roll of the person reading the journal. A receptionist should only see limited information such as which doctors the patient has and other need to know stuff.

A properly designed system should also have an audit trail so it is possible to see who has accessed the journal and this information should be easily accessed by patients.

It should also be possible to have information which requires special access rights which can be used for extra sensitive information such as mental diagnoses.

I've seen systems where information cannot be accessed by medical personel unless they receive a code from the patient. Having such a component in place seems like a good idea.

Re:Logged in computers (1)

h4rm0ny (722443) | more than 5 years ago | (#26515115)


Patients should have their health records under their control. They can then allow people to look at them (e.g. their doctor) or not as they choose. Some records will have to be kept on the doctor's side, e.g. prescriptions for controlled medications such methadone, but many records need not be.

Re:Logged in computers (1)

n1ckml007 (683046) | more than 5 years ago | (#26515135)

One of the features of some of the implementations of EHR is the ability for patients to review their own records, via the tubes.

Re:Logged in computers (3, Insightful)

commodore64_love (1445365) | more than 5 years ago | (#26515403)

USA TODAY, circa 2015:

"It has reported that a laptop has been stolen, allowing thieves to gain access to over 1 million patients' records. Officials lied.... er, reassured the public that no harm has been caused."

Re:Logged in computers (1)

aethelrick (926305) | more than 5 years ago | (#26515553)

great idea, but it does not work well in practice. The most vulnerable patients are the ones you are most like to injure with the wrong medication or similar. These vulnerable patients include the very old, the very young and the badly injured. These people are often not able to be their own medical book keeper.

Re:Logged in computers (1)

CurtMonash (986884) | more than 5 years ago | (#26515245)

I'm glad to see so much emphasis on audit trails.

I called out that point in an early post re government data use, but you guys are right that it applies in the medical case as well.

Unlikely (5, Informative)

professorguy (1108737) | more than 5 years ago | (#26515433)

OK, I run a hospital network, so I see medical data whizzing around more than most people. Here's a typical example:

.

A doctor dictates his diagnosis into a microphone on a PC. It becomes a data file. It sits in his output queue. It is then sent to a server to be electronically signed (a Word Macro is run). It sits on it's input queue until done then sits in its output queue. Then it gets sent to an HL7 routing engine where it sits on queues. Then on to our medical database. This generates some billing info which goes to the HL7 router then on to a private company in Tennessee, which sends results to a website....

Now I'm sure there will be controls on who can get at the medical database. But what about the data whizzing around the network? Tell me about the audit trail that lets me know who saw some of the info generated by that one encounter. Because it sat on at least 7 machines in 3 states for some amount of time.

And now you want each of those machines to check to see if the patient has signed off on that machine getting the info? Good luck with that.

And if someone shows up unresponsive in the ER, how do we send the X-ray to the remote radiologist if the patient can't release the data? And if 'emergencies' override that control, expect to see EVERY encounter be an emergency.

Re:Logged in computers (1)

aethelrick (926305) | more than 5 years ago | (#26515505)

It's best to limit access by role *AND* location thus making sure that staff at the reception desk (even doctors) cannot open sensitive records on such public terminals

Re:Logged in computers (1)

n1ckml007 (683046) | more than 5 years ago | (#26515123)

Thanks for that Bad Analogy Guy. The PC being logged is both address from a domain policy and application level. Bigger areas of concern include protection againist removeable media, and uptime. You really need 99.999% uptime if someone's life depends on having their medical history available.

Re:Logged in computers (1)

aethelrick (926305) | more than 5 years ago | (#26515435)

what does a national EHR do for the doctor and the patient that a local GP system doesn't already do? Most people having this discussion have not considered this. Try listing the benefits and penalties and then decide whether you'd spend your cash putting it in place. While you consider this... note the following: Most people do not migrate, they are born, live and die in the same place. So local systems work well for these people. Emergency medical staff do not have time to correctly identify a patient in order to find the correct medical record for them on a central system in an emergency. This requires quizzing the patient and for the most part, if the patient is well enough to tell you who they are, they are well enough to tell you what they are allergic to and their existing medical conditions, if not, then you're flying blind no matter what. Would it not be better for the government to spend their time setting a standard for data exchange between the existing local systems? The closest thing that exists to this is called HL7 but it's so slack and non-standard in every implementation I've seen that it's no more useful than generic XML.

Re:Logged in computers (1)

Timberwolf0122 (872207) | more than 5 years ago | (#26516271)

Perhaps some kind of inactivity time out is in order?

EHR from a software testing point of view (3, Informative)

Anonymous Coward | more than 5 years ago | (#26515009)

I saw this [case.edu] the other day. Basically, a pair of professors, one in law and another in computer science (specializing in software testing) are trying to bring the problems with EHR to a wider audience.

They call for testing and certification of EHR systems (Though thankfully not through the FDA).

It'll be interesting whether anyone listens to them.

i can see it now (4, Funny)

ionix5891 (1228718) | more than 5 years ago | (#26515013)

$emails = $DB->get('SELECT email FROM records WHERE records.dysfunction LIKE "%erectile%"');

foreach( $emails as $email ){

      mail($email, 'hello i hear you are in need of herbal via....');
}

Re:i can see it now (1)

CurtMonash (986884) | more than 5 years ago | (#26515253)

LOL.

Exactly one of the things I suggested be made illegal.

Re:i can see it now (2, Funny)

swillden (191260) | more than 5 years ago | (#26515323)

LOL.

Exactly one of the things I suggested be made illegal.

Spam is already illegal, so that problem is taken care of.

Re:i can see it now (1)

CurtMonash (986884) | more than 5 years ago | (#26515497)

Might not be spam. ALL marketing based on medical information should be illegal, with only the narrowest of carve-outs for your actual healthcare providers.

Re:i can see it now (2, Interesting)

swillden (191260) | more than 5 years ago | (#26515853)

Might not be spam. ALL marketing based on medical information should be illegal, with only the narrowest of carve-outs for your actual healthcare providers.

Which will work just fine with respect to traditional marketing channels, but will be as effective against much Internet-based advertising as CAN-SPAM is against spam.

I have no objection to legal protections, but laws are insufficient. Actually, I do have one objection: laws often provide a false sense of security, and occasionally even work against the interests of the people they're supposed to protect.

What we need to assure the privacy of medical information is technological means to place the control of the data squarely in the hands of its rightful owner -- its subject. My doctor shouldn't have my file, I should. What information from that file is available in emergency situations should be under my control. Whether or not any of my data is available for use by researchers should be my decision.

The first step is to legally bar medical providers from storing patient data at all, and require them to give it to the patient. Unlike random distributed marketing organizations, health care providers are very easy to regulate and control. To make that work, we need solid, implementable standards for health care information exchange, not the convoluted, under-specified crap that HL7 et al have thus far developed. We also need a standardized FREELY AVAILABLE coding system, rather than the balkanized for-fee code sets we have now (ICD9, etc.).

Of course, after you put peoples' medical data under their control, there's a risk that they'll do stupid things and release stuff they shouldn't. To some extent, that's on them, but it's probably a good idea to back it up with legislation of the sort you propose, but as a backup, a safety net, rather than the primary privacy/security mechanism. Defense in depth is a key feature of any trustworthy security scheme.

Re:i can see it now (1)

dmr001 (103373) | more than 5 years ago | (#26517099)

This would be a fascinating study of evolution in action. As a physician, barring me from storing medical records would result in a host of epiphenomena: people purposefully withholding histories of mental illness, drug and alcohol addiction, and even high blood pressure diagnoses they didn't agree with. Moreover, population control could be augmented while untangling how we'd implement getting ahold of critical information in emergencies, or when people forgot their passwords or access keys. For what it's worth, in the developing world, where I worked for a while, people do carry their own medical records - typically on index cards or other scraps of paper they would bring to their appointments, as clinics could not be expected to bear the expense or trouble of maintaining them. This went for immunization records, logs of taking your TB medicine, and records of diagnosis and treatment of chronic diseases. Notwithstanding medical records being lost in open sewers when my disabled patients lost their balance on their crutches, the system didn't work very well. The sicker people tend to be, the more difficult it is for them to manage basic affairs. This strikes me as a solution looking for a problem. Just how often do people truly find their medical records being used against them?

Re:i can see it now (1)

swillden (191260) | more than 5 years ago | (#26517189)

In the developed, networked world, there are simple and obvious solutions to all of the problems you mention. I disagree that people choosing to withhold information from their physicians is a problem. Yes, it endangers their health, but that's their prerogative, or should be.

Re:i can see it now (1)

Dolphinzilla (199489) | more than 5 years ago | (#26515867)

Spam being illegal certainly has curbed its proliferation - NOT !

Re:i can see it now (1)

swillden (191260) | more than 5 years ago | (#26516269)

That's my point.

Re:i can see it now (1)

CurtMonash (986884) | more than 5 years ago | (#26516539)

Spam being illegal certainly has curbed its proliferation - NOT !

All kidding aside, I think you're wrong about that.

http://edge.networkworld.com/community/node/36965 [networkworld.com]

Re:i can see it now (1)

swillden (191260) | more than 5 years ago | (#26517223)

You're basing your argument on some random prediction that spam will stop being a problem during the next year, in spite of previous similar predictions which have been spectacularly wrong?

Spam is semi-controlled at the moment through purely technical means -- filtering. Unfortunately, filtering has made e-mail unreliable and reduced its value.

Re:i can see it now (0)

Anonymous Coward | more than 5 years ago | (#26516837)

LOL.

Exactly one of the things I suggested be made illegal.

Spam is already illegal, so that problem is taken care of.

yes. of course. no one receives spam since it was made illegal.

The temporal framework (4, Insightful)

Thanshin (1188877) | more than 5 years ago | (#26515079)

One of the problems with EHR is that it potentially follows you your entire life.

If information about your economic status, familiar situation, physical location, customs, etc. Usually becomes unreliable after some time. A leak on those informations slowly loses effect.

Medical information, however, is permanent in many cases. A single leak of a person's data can have fresh information for, literally, a lifetime.

Re:The temporal framework (1)

freedumb2000 (966222) | more than 5 years ago | (#26515133)

I wish I had mod points. I feel the same way about my fingerprints and DNA.

Re:The temporal framework (3, Funny)

MadKeithV (102058) | more than 5 years ago | (#26515217)

To counteract that problem, I change my DNA and fingerprints every few weeks, together with my windows login and password.

Re:The temporal framework (1)

commodore64_love (1445365) | more than 5 years ago | (#26515451)

>>>A single leak of a person's data can have fresh information for, literally, a lifetime.

Go watch GATTACA for an example. Yeah sure they had laws to forbid discrimination against employees who had bad medical records, but since when do corporations follow the law? It is easy to make-up other excuses:

"This guy has a high history of heart problems according to his government file, so let's not hire him."
"We need a better excuse then that."
"Um... he doesn't know how to program Cobol."
"Yeah that will work."

And of goes a brilliant guy who, due to heart problems can't get a high-wage job, and is therefore trapped being just a lowly janitor or McDonalds burger flipper.

Seperate nationwide network (4, Interesting)

modmans2ndcoming (929661) | more than 5 years ago | (#26515109)

banking has a network for wire transfers that is not accessible from the internet. Make electronic medical records transferable and accessible only from within a closed off network. Then information can not be stolen from an outside attacker and you are left with the same risk you had before, insiders stealing data.

Re:Seperate nationwide network (1)

fulldecent (598482) | more than 5 years ago | (#26515991)

except that... banks have an incentive not to get hacked, their money is at stake. hospital do not have an incentive to prevent information leaks.

Re:Seperate nationwide network (0)

Anonymous Coward | more than 5 years ago | (#26516985)

Actually, HIPAA and various other regulations have penalties unauthorized disclosure. So they do have some financial incentive to protect the information.

There are also laws that require notification of people whose information has been compromised (you frequently hear about these in the news). These have financial costs as well as being bad for the reputation of the companies involved.

Re:Seperate nationwide network (1)

DMoylan (65079) | more than 5 years ago | (#26516649)

not sure that would really work. was in hospital 5 weeks last year over 3 occassions.

most of the pcs containing records were generic compaqs that we sell at work. i was left on many an occassion in cubicles with these machines with a curtain giving a fair chunk of privacy to any attempt i should want to attempt. and the medical staff are not i.t. people thinking of security or fast typists so i was able to see a few of the passwords been typed in. out of curiosity more than any other reason this was interesting as we have customers in the security industry and i'm used to seeing staff be cautious with passwords/logging in.

with the doctors permission i took pictures of my mri scans from the screen and the small text was perfectly readable on my nokia e71. so it didn't need a usb drive or connection to copy the data.

this was in ireland so i'm sure that there are better more secure systems out there. however unlike a bank many of these terminals will be in semi private areas so that medical staff can refer to them while dealing with a patient in confidentiallity.

Welcome to the 20th Century, USA. (4, Interesting)

tygerstripes (832644) | more than 5 years ago | (#26515157)

This has been in place in many other countries for years, including the UK where - for all the bureaucracy and wastage of the NPfIT [wikipedia.org] initiative - it's been largely successful.

The system isn't perfect, and human error is the main source of problems and breaches (as ever), but the benefits have so vastly outweighed the risks that I'm surprised this is even being debated.

Most importantly, all the problems envisaged by critics have already been anticipated, encountered and (largely) overcome in other countries. Take a look outside your borders and learn a few things. Find out what works and what doesn't, and use the mistakes of others to build a better system. Just don't start panicking over nothing. This is not a pioneering initiative, in global terms.

Re:Welcome to the 20th Century, USA. (1)

commodore64_love (1445365) | more than 5 years ago | (#26515485)

I hear a lot of UK citizens complain about Parliament's healthcare. One guy said, "We're treated as just another cog in the machine, and if the bill costs too much the politicians have decided to send us home without care so they can save money. This happened to me several times."

Re:Welcome to the 20th Century, USA. (1)

tygerstripes (832644) | more than 5 years ago | (#26515569)

Fair comment, but that's because our health-care system is knackered and has been run into the ground by the government for years. Nothing to do with the information systems, everything to do with under-funding and heavy-handed, bureaucratic micro-management, usually based on political knee-jerk responses to the latest media orgy.

Any UK resident who's had dealings with the NHS (National Health Service) will tell you the same: no problems with records, information management or any of that. It's just the provision and availability that's a post-code (zip-code) lottery. Don't even get me started on trying to find a dentist in this country...

Re:Welcome to the 20th Century, USA. (1)

commodore64_love (1445365) | more than 5 years ago | (#26515733)

>>>our health-care system is knackered and has been run into the ground by the government for years.

Wouldn't it be nice if you had CHOICE? i.e. If the Parliament-run hospital sucks, you could switch to a different hospital, like Apple or Linux or even (shudder) Microsoft Hospital? Choice is better than a monopoly. If the monopoly sucks (it does), you're stuck with it.

Re:Welcome to the 20th Century, USA. (2, Insightful)

tygerstripes (832644) | more than 5 years ago | (#26515895)

There is a private health-care industry in the UK - and it's growing all the time, out of sheer necessity. It's just prohibitively expensive for the proles, especially given that we already pay for the NHS, which is chartered to provide for every person's health-care needs.

"From the cradle to the grave" used to be an unofficial slogan, back in its more socialist hey-day. Now it's more of a grim prediction...

Re:Welcome to the 20th Century, USA. (1)

commodore64_love (1445365) | more than 5 years ago | (#26516773)

That sounds a lot like the U.S. School System. We have private schools, but since the school tax is ~$3000 a year, people simply lack the money to choose the private option.

I'd like to see a system were, if parents send their kids to private school, they would be exempt from paying school tax for that year. It would give people the extra money they need to "escape" the government school.

Many people have private insurance. (2, Interesting)

jotaeleemeese (303437) | more than 5 years ago | (#26516813)

I am by no means rich and have been privately insured all my working life in the UK.

When I need to be treated quickly I go for private insurance, for long term treatment I rely on the NHS.

Underfunding? You are joking, right? (1)

jotaeleemeese (303437) | more than 5 years ago | (#26516787)

The amount Labour has thrown to the NHS is almost obscene.

There is a lot of mismanagement to be sure (if it is worst than a bank would be open to debate, at least most people get relatively decent health service) but to say the NHS is underfunded is not a serious point, as can be quickly checked.

Re:Welcome to the 20th Century, USA. (1)

aethelrick (926305) | more than 5 years ago | (#26515713)

having worked in patient care software for the NHS for the last seven years with many other vendors and 3rd party systems. I can honestly say that national program for IT is largely useless (from a clinical perspective). The project has been cut back so many times that all it amounts to now is a patient master index that contains no clinical information (e.g. a big list of names and addresses). Useful clinical data is locked in departmental systems where no-one can get access to it because no decent minimum national standards exist for storage and transmission of data from one system to another. Issues around data privacy have not been addressed, some recommendations have been made but none of which cater for what is to be done with the bulk of clinical data in legacy systems and how this data is practically going to be migrated.

Re:Welcome to the 20th Century, USA. (1)

tygerstripes (832644) | more than 5 years ago | (#26516023)

I feel for you, I really do. Just wait and see what happens with ContactPoint, the new all-embracing central child database. Home Secretary's dream come true, I tell you...

Re:Welcome to the 20th Century, USA. (2, Insightful)

gad_zuki! (70830) | more than 5 years ago | (#26515869)

The difference being that Americans have been fed so much corporate propaganda about healthcare and political propaganda about expansion of government services, that they just dismiss successful programs overseas as impossible or astroturf right-wing talking points about "how they dont really work." You'll see this in replies to your post in 3...2...1...

Re:Welcome to the 20th Century, USA. (1)

N1AK (864906) | more than 5 years ago | (#26516263)

including the UK where - for all the bureaucracy and wastage of the NPfIT initiative - it's been largely successful.

I don't work with and haven't used any of the NPfIT systems, however I have read a lot of coverage regarding this including recent material in IT and Medical news sources. I certainly haven't gotten the impression the system is remotely successful. I'm not saying it isn't, but I'm yet to see anything that doesn't make it sound like a gigantic project failure, that has completely lost site of its objectives and isn't finished even though it is massively over-budget and past-deadline.

If anyone can link to some decent sources that have a positive opinion on the services to come out of NPfIT then I genuinely would like to read them.

The biggest difference..... (1)

DigitalReverend (901909) | more than 5 years ago | (#26516995)

between the U.S. and the rest of the world is the rest of the world gives up their rights readily and freely without a fight. You claim to welcome us to the 21st century simply because it's based on technology, and I say, enjoy the your life in 16th century based on the rights your government protects for its citizens.

DRM based OSes (2, Interesting)

jbolden (176878) | more than 5 years ago | (#26515163)

Essentially what you need is DRM. The data is only available on a limited number of machines and then strictly limited in what you can do with it, with strong audit trails. Not using general purpose computers but rather devices might help.

But in the end I don't think this is likely to work, the incentives for hacking are too strong and the distribution has to be too wide. EHRs mean that there will be substantially less medical privacy in exchange for better medical care and lower costs (70b-300b / year). That doesn't seem like a bad trade.

Re:DRM based OSes (1)

CurtMonash (986884) | more than 5 years ago | (#26515263)

the incentives for hacking are too strong and the distribution has to be too wide.

Hence the need for strong laws to add to the DISincentives for hacking.

Re:DRM based OSes (1)

jbolden (176878) | more than 5 years ago | (#26515393)

I don't see that as likely working. The main problem is the only crimes the US law enforcement seem to really care about are speeding and murder.

A produces a legit machine which can access records
B produces a machine that spoof being a machine of type A but also copies the records off via email.
C owns a medical office
D get a job in C's office as a receptionist. and replaces A's machines with B's machines over a period of a week. D then quits and gets a job at another office....

E lives outside the US and receives the records. Each machine of type B has pushing through say 500 records / week on average. Placement is currently costing about $1500 per machine and they work for say 20 weeks on average before the scam is discovered.

That works out to 7 records for a $1.

Re:DRM based OSes (1)

CurtMonash (986884) | more than 5 years ago | (#26515577)

And those records will illicitly be used -- how? Spam? We all get plenty of medical spam anyway. Non-spam? Legitimate businesses can be seriously penalized. Discrimination? Too much of a "paper" trail for discrimination to use that vector.

Re:DRM based OSes (1)

jbolden (176878) | more than 5 years ago | (#26516291)

Oh I see. You mean make it illegal to receive the records not create them. That means you have to hit extracts from, derived works from the records regardless of source. I have some serious questions about the constitutionality of laws like that. Remember you have to be able to prove beyond a reasonable doubt a law was broken.

Try and write one up that gets around all the ways the data can me modified and then sold.

Re:DRM based OSes (1)

CurtMonash (986884) | more than 5 years ago | (#26516431)

Oh I see. You mean make it illegal to receive the records not create them. That means you have to hit extracts from, derived works from the records regardless of source. I have some serious questions about the constitutionality of laws like that. Remember you have to be able to prove beyond a reasonable doubt a law was broken.

Try and write one up that gets around all the ways the data can me modified and then sold.

Now you're on the right track!

I'm sure I haven't thought of everything that's necessary. But I'm game for as many rings of defense as it takes. You mustn't transfer the info illicitly. You mustn't sell it. You musn't buy it. You musn't use it for the purposes people would want to buy it for. And you surely mustn't do hacking to get it.

Re:DRM based OSes (1)

russotto (537200) | more than 5 years ago | (#26515409)

Hence the need for strong laws to add to the DISincentives for hacking.

There's only so strong you can make the laws. You can make the penalty death and forfeiture of all property to the state, but if the incentives FOR it are strong enough, and the chance of getting away with it perceived to be good enough, it'll happen anyway.

Re:DRM based OSes (1)

CurtMonash (986884) | more than 5 years ago | (#26515611)

Hence the need for strong laws to add to the DISincentives for hacking.

There's only so strong you can make the laws. You can make the penalty death and forfeiture of all property to the state, but if the incentives FOR it are strong enough, and the chance of getting away with it perceived to be good enough, it'll happen anyway.

No argument. But my point is that the incentives FOR using people's medical records against them aren't really that high, especially if the what the records show is merely elevated probabilities of some unfortunate outcome(s).

Your health is not at stake (1)

thereimns (1110955) | more than 5 years ago | (#26515883)

"Medical care is full of information waivers, much like EULAs, only with your health at stake."

This is sloppily worded, but let's be clear that medical privacy is not the same thing as "your health". If someone sees my private medical records, it doesn't make me sicker. If anything, more eyeballs would tend to make me less sick, as medical errors would be more likely to be caught.

Re:Your health is not at stake (1)

CurtMonash (986884) | more than 5 years ago | (#26516569)

"Medical care is full of information waivers, much like EULAs, only with your health at stake."

This is sloppily worded, but let's be clear that medical privacy is not the same thing as "your health". If someone sees my private medical records, it doesn't make me sicker. If anything, more eyeballs would tend to make me less sick, as medical errors would be more likely to be caught.

What I meant is that if you want to reject the EULA, you can't use the software. If you want to reject the waiver, you can't get healthcare.

Great idea? (2, Informative)

Mr. Slippery (47854) | more than 5 years ago | (#26515955)

Funny this should come up, considering what I just read last night in the RISKS Digest [ncl.ac.uk] :

Software glitch causes incorrect medication dosages
Jeremy Epstein jeremy.j.epstein@gmail.nospamnospamnospam.com
Fri, 16 Jan 2009 11:51:46 -0500

``Patients at VA health centers were given incorrect doses of drugs, had needed treatments delayed and may have been exposed to other medical errors due to the glitches that showed faulty displays of their electronic health records, according to internal documents obtained by The Associated Press under the Freedom of Information Act. The VA's recent glitches involved medical data -- vital signs, lab results, active meds -- that sometimes popped up under another patient's name on the computer screen. Records also failed to clearly display a doctor's stop order for a treatment, leading to reported cases of unnecessary doses of intravenous drugs such as blood-thinning heparin. According to interviews and the VA's internal memos, the glitches began after the VA distributed its annual software upgrade last August [2008].''

The proposition that EHR are a good idea remains as unproven as the idea that touchscreen voting machines with no paper trail are a good idea. Sometimes electronic documents and records introduce brave new failure methods that outweigh any benefit.

It's just as simple as... (0)

Anonymous Coward | more than 5 years ago | (#26516693)

...Making your information no longer valuable. What use are medical records to a script kiddie if we're in a single-party payer system? Not that I'm a fan of either one...Obama's friends on the left seem to favor this approach..not that he necessarily does. Just sayin..

Why does the information need to be centralized? (4, Interesting)

jotaeleemeese (303437) | more than 5 years ago | (#26516853)

Whose information is that?

The patient's.

Who should control it?

The patient.

Any other solution should not be allowed to prevail.

An intelligent card, easy to back up at home and protected by well thought of security mechanisms is all what is needed.

There is no need for massive centralized databases, you just send the encrypted information to the person that needs to see it in an "as needed basis", perhaps by swapping your card in terminals connected to a private network that allows the sharing of this data.

 

Re:Why does the information need to be centralized (2, Interesting)

joocemann (1273720) | more than 5 years ago | (#26517091)

I completely agree. I do not understand, whatsoever, how it is burdensome for a patient to bring their medical records to their doctor. The doctor and/or hospital keep those records privately; access and review/add to them when necessary--- and if the patient needs to see another doctor, they can get a copy and carry them on over to the new doctor.

This is how it already works; this is NOT a big deal.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>