Making health care less efficient?
Patients could show up and hand over their memory stick or a Internet address for the files, but doctors on the receiving end might be wary of believing what the records says. “It’s outside a protected chain,” Leiber says. “The second doctors are going to repeat those tests.”
{ 7 comments… read them below or add one }
Why wouldn’t they believe it?
A patient hands you a USB stick. His thumb print, taken on your thumb print reader matches what’s stored on the stick, he answers the security question correctly.
Tests on the stick are in a tamper-resistant format with dates. What’s not to believe? Yes, they could be outdated, or reports could be missing or presented on paper because the provider didn’t write them to the device.
Why would you think that a stick that is the patients possession would be less secure than something you’d punch up from a large database that is subject to heaven-knows what kind of hacking and tom foolery?
With bio-identifiers it would be less subject to identity theft risk.
Personal health records generally mean patient generated records. They are no different from a history taken by the physician except for their electronic form, lack of privacy protection, and being prepared before the visit to the doctor.
They may be inaccurate because of misinterpretation by the patient as he enters the information–this is virtually the norm in taking a history and a major skill in medical practice is evaluating and accounting for unintentional distortions in the history.
They also may be inaccurate because of intentional omissions. Everyone has something to hide, something they are ashamed of, something they don’t think you need to know anyway–but they don’t know, they aren’t their doctor. When taking a history, a good clinician makes judgments as the information unfolds about where the omissions likely are and how important it is to tease out the information vs. letting it slide.
They may also be inaccurate because of intentional misinformation in an effort to defraud or manipulate. I have seen forged records of kidney stones and cancer histories brought in by opiate seekers. I am held responsible by the DEA for my failure to detect such deceit. I have also seen record forgeries in disability cases. Putting it in electronic form doesn’t change the potential for outright falsification in patient generated records one bit. If we are talking about facility generated records that the patient carries, I can see an underground business in made-to-order records blooming immediately.
In short, they wouldn’t believe it if they aren’t rubes, because doctors control access to drugs and money and so get lied to each and every day they go to work.
This was a common problem in our military health system. To save costs, patients were required to carry their own charts from facility to facility, almost always unsealed. A significant minority of (usually psych)patients would take out pages they didn’t want in their record. Physicians would keep important information in separate shadow files, especially if they were concerned about liability issues.
The records could be stored alongside a digital signature. Each record could then be authenticated. Data privacy, integrity and authenticity are solved problems in the computer world.
“Data privacy, integrity and authenticity are solved problems in the computer world.”
Really? At least one massive data security breach reported every week. Identity theft and fraud massive problems. A constant arms race by software makers trying to patch holes as fast as hackers can find them.
If they were “solved problems” there wouldn’t be so many people working to find better solutions.
I have seen just as many inaccuracies in my own history that were doctor or nurse generated. No information system is 100%.
Truly, for some reasons physicians think they are special in regard to this particular issue? It does not matter what field it is, there will be inaccuracies in any given record. Any record should be reviewed with the patient - and, if possible, the other treating physicians. (This, I have rarely seen.)
Both the patient and the medical personnel are just human, and, well, GIGO is still the rule.
Anonymous, you’re comparing unrelated things. I guarantee that I can take a piece of data, encrypt it and digitally sign it, and make it absolutely impervious (for at least the next few decades) to unauthorized disclosure and tampering.
This has nothing to do with the following other problems:
* people steal things
* software has bugs
* people voluntarily disclose data to (evil) 3rd parties
* not all personal data is properly protected (physically if it exists in the physical world, or electronically if it exists in the electronic world, *despite* solutions existing)
We’re talking about patient records on a USB stick, not all things related to identity theft. The specific problem discussed here has been solved.