WARNING: Eight EHR Hazards

 

July 9, 2014
 
**To receive this commentary directly to your email, click the "subscribe to the Health Freedom eNews" button above.
 

 

There’s triple trouble with electronic health records: patient safety, medical privacy, and data security. And there are at least eight hazards. But much taxpayer money has been thrown at the highly speculative, untested EHR for political and profit purposes.

 
England has already tried and failed. The National Health Service, which serves a population of 53 million, began building a national EHR system in 2002. By 2007, it missed key deadlines. In 2011, the $20 billion project was shut down.
 
Safety issues surfaced early in the U.S. In 2005, the VA, which has the “the largest integrated healthcare system in the USA,” created a special Informatics Patient Safety (IPS) reporting system for EHR-related safety concerns.
 
But the 2009 Recovery Act, signed into law a month after Obama’s inauguration, provided $27 billion for EHRs and mandated doctors and hospitals establish EHRs or face annual financial penalties.
 
With all this in mind, here is a short list of hazards of digitized patient data:
 
  • DANGEROUS CARE: A study of 100 out of 344 patient safety incidents at the VA found a majority “reflected a poor fit between information needs and the task at hand…[leading to] increased potential for patient harm.” The FDA has testified to at least six deaths and more than 40 injuries due to Health IT.
  • CONTROL OF DOCTORS: “Built into each electronic medical record is a set of protocols that we doctors must follow. Each year we don’t follow them, we get cut by another percentage point as far as our reimbursements from any government-sponsored plan.” – Dr. Ted Roberto, podiatric surgeon, NJ
  • LIABILITY CHARGES:  EHRs generates “frequent, annoying, and disruptive alerts” for drug-to-drug interactions. Doctors with "alert fatigue" who ignore them may be found liable if following the alert could have prevented harm.
  • DATA BREACHES: Criminal attacks on health care data have increased by 100 percent in four years. Most come from human error. Of the breaches, 78% took months to discover and 84% were discovered by outsiders (often law enforcement). In 2013, 199 breaches exposed more than 7 million patient records.
  • HACKERS: For 10 months, the Montana Health Dept. didn’t realize hackers accessed data on 1.3 million people including “names, addresses, dates of birth, Social Security numbers” and potentially “health assessments, diagnoses, treatment, health conditions, prescriptions, and insurance” information.
  • GOVERNMENT SURVEILLANCE: “Local, regional, and national governments, large health care organizations, insurance companies, and academic research centers are all exploring ways to use data from EHRs to monitor health and inform health care policies and programs.” NYC Dept of Health, July 2013.
  • BROAD SHARING: The 2009 HITECH Act provided $564 million for state health information exchanges (HIEs) to facilitate nationwide sharing of patient data. All federal funds are gone. Already states HIEs have disbanded due to lack of funding, but government officials hope cloud computing might give them access to the data (see below).
  • DETAILED TRACKING: Unless Congress again delays the transition, on October 1, 2015, the federal government will expand its diagnosis coding system (ICD-9) from 18,000 codes to 140,000 codes, which will be used to “track, identify, and analyze new clinical services and treatments…”
 
State legislators can protect patients. Ask your state legislators to enact state privacy laws, including
 
  • No data sharing without patient consent
  • No patient data in state health information exchanges without patient consent
  • Physician freedom to not establish electronic medical records
  • Patient right to request a paper medical record
  • Patient right to refuse the presence of a scribe during the clinic visit
  • Requirement that physicians inform patients about government- or insurer-prescribed treatment protocols, and any penalties for non-compliance.
 
HIPAA does not protect patient privacy, but states are authorized under HIPAA to write medical privacy laws that do. And those state laws supercede any federal law on medical data, including HIPAA. The time to enact real privacy and patient protection laws is now.
 
Protecting your rights and freedom,

 

Twila Brase, RN, PHN
President and Co-founder