President Obama has set a deadline for all medical records to be switched over to electronic form by 2014. This means that anyone who keeps such records whether they be a health insurer or physician’s or dental office are obligated to comply or face being fined.
The reason for the switch is to increase the speed at which information is transferred between health care providers and to increase the accuracy of such records. It is proposed that this change will ensure that medical treatment is provided in timely and appropriate methods.
With the stories of a new data breach in the news media every week, this switch has many people concerned because of the ease in pilfering records stored on hard drives. Currently, more than half of the nation’s records are already being kept electronically and data theft happens very frequently. In the year 2011, more than 380 data breaches occurred which involved more than 18 million electronic medical records. This number was more than twice that of the previous year.
It is important for patients to keep in mind that when a thief makes off with their electronic medical record they are not interested in reading the information about the patient’s last surgical procedure. They are seeking the information so they can commit identify theft.
Once a thief has stolen your identity, they can use the information in their possession to make purchases or take out a loan in the person’s name. They can also assume the person’s full identity in order to obtain a job or gain access to “free” health care.
There are many ways for thieves to get their hands on electronic medical records. It is estimated that during a single hospitalization, about 150 different individuals will be able to access a patient’s electronic medical record at any given point in time. That number does not even include the hundreds of people that handle different parts of the patient’s billing process.
All this information is highly valuable to an identity thief. In the world of stolen data, a pilfered electronic medical record can sell for as much as $50.00. Not bad when compared to the measly dollar or two they can get for a stolen credit card or social security number.
A recent Harris poll survey discovered that about 80% of Americans are worried about the safety of their electronic medical records. Considering that another poll discovered that only about 60% of all health care providers in theUnited Stateshad trained their employees on how to handle the privacy matters surrounding electronic medical records, there is probably good reason to be worried.
The federal government is taking measures to preserve the privacy of electronic medical records. The first measure was instituting the Health Insurance Portability and Accountability Act in 1996. This Act deals with all paper and electronic medical records. Since then, a provision called the Health Information Technology for Economic and Clinical Health was subsequently enacted and covers the switchover to electronic medical records.
There are a few steps that individuals can take to protect their records.
- Check with all your health care providers to see if they are storing records electronically;
- If so, ask if their staff have been trained to safeguard the privacy of those records. If they have not, ask them what they going to do to protect their records;
- Ask if they have ever had any kind of data breach. Ask how they will handle the notification of patients in the event of a data breach;
- Check your electronic medical record annually. The Office of Civil Rights has proposed a rule which will allow each patient to request one free viewing each year as of 2013.
- Regularly monitor the website for the Office of Civil Rights which will keep track of all data breaches.
- If you believe your rights to privacy have been violated, or if you are concerned about them, file a complaint with the Office of Civil Rights.