The March 2006 edition of Consumer Reports included an article entitled: "The New Threat to Your Medical Privacy." The first paragraph is as follows:
A national system of electronic medical records could easily save your life. And it could also jeopardize the security of your personal health information.
The article goes on to give a general look at the pros and cons of a NHIN (National health information network) and even quotes David Brailer, so it is not all bad. But the title certainly raised my eyebrows as to the underlying intent of the author. Consumer protection and privacy is paramount from their standpoint, but is there risk in such a system?
I think a lot of this depends on how the system is set up. If there is a central repository for information it will pose a privacy risk. A single location of all of a person's medical information would make it easy for people to know where to go to get your private information. If, on the other hand, it was more like the banking industry, it would be safer.
The banking industry has no one repository for all of your financial information. There is no repository, but instead a series of potential connections. If you take out money from an ATM machine, regardless of where in the world you are, it can query your bank and check to see if there is enough money to cover and then report to your bank that you withdrew money. The decentralized nature of this is part of the safeguard against people getting your information.
In healthcare, even highly evolved IT at this time does not do much interconnecting. If I go to a local hospital, which has its own IT network, and have a heart attack. The only way for another hospital to know this fact is to get a paper copy of the record sent from the first hospital. It is very difficult to get prescription information, outpatient care info, or any other information that may be highly valuable to a provider at any given time. We rely wholly on the patient to alert us to changes.
An option that has often been suggested is for patients to carry a USB drive or card containing medical information (Personal Health Record). Again, the problem is one of potential theft of information if not guarded properly. While I see the value in PHR's, I don't think this will solve the problem of getting accurate information when it is needed. We need a network like the one the banking industry has, connecting physicians to pharmacies to hospitals to other ancillary facilities. If information is needed it can be queried just like the ATM machine queries the bank to check for sufficient funds.