EHRs — How Safe Are Your Medical Records?July 21, 2015 No Comments
It wasn’t so long ago that doctors unanimously relied on paper charts to record and store patient health information. But thanks to provisions in the 2009 economic stimulus program, many doctors and hospitals have received cash incentives in return for switching over to electronic health records (EHRs). For that reason, most doctors and hospitals now store patient health information electronically.
But many people worry that EHRs aren’t secure — after all, isn’t electronically stored information inherently less safe than information stored the old-fashioned way? While hackers can pose a threat to any electronically stored data, providers and hospitals have done much to ensure that electronically stored patient information stays safe. Much of the work to secure patient data has been driven by The Health Insurance Portability and Accountability Act of 1996 (HIPAA), which requires providers to safeguard patient medical information. Health care operations found to be falling short on protecting patient information face stiff penalties thanks to HIPAA. Aside from HIPAA and hacking threats, EHR software creators, providers, and administrators recognize that securing patient data is essential in one of the planet’s quickest growing industries. This is great news for you and your Electronic Medical Record.
Paper Still Plays a Role in Patient Medical Records
Although the economic stimulus package of 2009 offered incentives to hospitals and doctors willing to switch over to EHRs, many medical providers are still using paper records. As of 2014, 6 percent of American hospitals had yet to make the transition to EHRs.
As for physicians, about 257,000 doctors across the country had yet to adopt EHRs as of December 2014. So even though EHRs are becoming far more popular than their paper-based counterparts, many Americans still see their doctors writing down their health information on a paper chart with an ink pen.
Even if your doctor has switched over to EHRs already, that doesn’t mean he or she has digitized your older records. However, many doctors and hospitals are eliminating paper medical records by scanning these documents and adding them to EHRs as image files.
Many hospitals and physicians’ practices continue to rely on fax machines to send and receive copies of patient medical records. Unlike other delivery systems, faxing has a proven track record, going back decades and is universally accepted across the health care industry. Faxed documents are also a safe way to share private information; they’re circuit-based and delivered directly from one fax machine to another, so the risk of a fax being intercepted by hackers is low. Many modern fax services enable providers to link faxed documents to the electronic medical record without the need to print or scan anything. For printed documents and faxes, the provider will need to scan those pages and add them to his or her copy of that patient’s EHRs.
How Safe Are EHRs?
With large data breaches becoming more common, many worry about the safety of EHRs. Hacking is always a possibility when it comes to sensitive electronic data, but EHR advocates point out that those old paper records everyone used for so long weren’t exactly written in invisible ink.
The information found in paper records can be vulnerable if those records are left accessible to unauthorized third parties. Paper records are also vulnerable to theft, and these days, a paper medical chart left open on a counter can easily be captured with the help of smartphone camera.
Providers typically make the protection of patient EHRs one of their top priorities. The consequences are severe for health care providers who allow EHRs to fall into the wrong hands because it amounts to a violation of HIPAA. Providers would also face lawsuits and other financial risks, including covering the cost of identity theft insurance for victims.
While the legal protections of HIPAA can’t guarantee that enterprising hackers won’t find a way to breach a hospital or provider’s EHR systems, they do mean that providers are obligated to do as much as they can to stop this from happening. Steps providers take to protect EHRs include:
- Protecting EHRs from access by unauthorized users with multifactor authentication protocols and data security training for staff members
- Encrypting or otherwise protecting sensitive data while it’s in transit from one point to another, such as when lab results are sent from the lab to the doctor’s office
- Securing the information against malicious hacking attempts through data encryption techniques and other security protocols, such as services that allow remote deletion of data from mobile devices
Companies that provide EHR systems, cloud faxing, and storage are required to make HIPAA compliance and safety a priority, so EHRs are generally much, much safer than paper charts and documents you carry with you or discard in your home trash bin. So as long as your provider is taking the appropriate steps to protect your privacy, there’s no need to be overly concerned about the safety of your records.
EHRs are becoming more common, and many people are concerned that digitizing medical records and health information could jeopardize patient privacy. They point out that electronic records are vulnerable to hacking. But data stored on paper is vulnerable to theft, too.
EHR systems are designed with security and patient privacy in mind — they have to be, to comply with HIPAA. EHRs systems designers, providers, and hospitals all take great pains to protect electronic patient data, while it’s in storage and while it’s in transit. So if your doctor has made the switch to EHRs, don’t let it keep you up at night — your information is in good hands.
Marjorie McAtee is a freelance writer whose work has appeared on numerous websites including BakPakGuide.com, Listosaur.com, Slogr.com, and SanDiegoFreePress.org. She is a graduate of Hollins University and is currently working toward a Master of Arts in Professional Writing and Editing at West Virginia University. Her literary work has appeared in publications including Amarillo Bay, Flashquake, Center: A Journal of the Literary Arts, and The Blotter.HEALTH IT, Inside the Briefcase