Doctors are supposed to be nosy. It's not just that they examine your naked body inside and out and record all its imperfections. Physicians are trained to peer into your life, past and present, and ask all sorts of sensitive, if not uncomfortable, questions. Have you ever used marijuana or cocaine? How about steroids? How many sexual partners? Ever had a sexually transmitted disease? An abortion? Had sex with the same sex? How much do you smoke or drink? Have you used Botox or had plastic surgery? Have you been depressed or been treated for mental illness? And how about your marriage—or marriages?
You get the gist; the experience is intrusive. But the doctor-patient relationship was never meant to be other than confidential and privileged and solely for the benefit of the patient. Patients expect it, or they would not be forthcoming. And doctors take the Hippocratic oath, pledging to hold sacred their patients' secrets. This pledge of confidentiality, however, is now challenged by a world where computers rule and health information falls into many hands. One might well ask whether medical privacy is just too outmoded a concept for today's information-hungry world.
Most of us are aware that the risk to privacy of any information increases exponentially with each additional person whom we tell. This is especially true for electronic communication. Social networking members, who have shared what they thought was private information with “friends,” have too often found that the information is now accessible far beyond what they ever imagined; now it is permanently engraved in cyberworld. These observations rightly raise concerns when information in a medical record is involved.
People are asking whether any kind of electronic records can be made safe. If one is looking for a 100% privacy guarantee, the answer is no. But then, paper records are not 100% secure either. There have been cases where paper medical records, especially parts of them, have disappeared. There was a case where boxes of patient records from a doctor’s office were found in a garbage dumpster and a case in which stolen medical records were recently found washed up on a Maine shore.
On a hospital unit, a patient’s paper record (chart) is often available to anyone with a white coat, a badge that looks like the identification badge of the agency, and the courage to pick up the chart. With an electronic record, it is more difficult for an unauthorized person to gain access to a healthcare record. To do so a person needs more than a white coat and a badge; the person also needs a login name and a password.
To answer the question posed by the title, despite opposition from those who have a vested interest in not having an EHR, or even an EMR, such as drug companies whose drugs are creating previously uncovered side effects, or agencies that make money by repeating lab tests, electronic health records are a plus. This does not mean that efforts to protect healthcare data should be lessened. It does mean that we need to acknowledge the considerable progress already made in protecting healthcare data and the progress that will continue to be made. No, the records will never be 100% safe; but the benefits outweigh the risks, and no information, once shared, is ever 100% safe from disclosure.