Bush's Proposal for Electronic Medical Records Poses Privacy Risks
Sat, April 01, 2006
The Bush administration has embarked on an ambitious national health-care initiative to improve the quality of medical care and stem its rising costs, which just in the last decade have risen to an estimated 15 percent of the gross domestic product (GDP), or about $1.6 trillion. The centerpiece of this initiative is a national health information network (NHIN) connecting millions of electronic health records (EHRs) for patients. Advocates of EHRs claim that the use of such records could shrink U.S. medical costs by hundreds of billions of dollars annually, reduce the estimated 100,000 lives lost through medical errors and improve the general quality of patient care. Toward that end, President Bush has set up an Office of the National Coordinator for Health Information Technology inside the Department of Health and Human Services.
I find the argument for EHRs very compelling, both from a personal perspective (as a person who has endured surgery several times) as well as a professional one (as a systems engineer who has worked on large-scale software systems in commercial and government sectors). But in this particular case, my risk alarm bells are ringing loudly.
Why? Take, for example, the often intemperate language being used to sell the national health information network. "Paper [medical] records are an utterly irrational national security risk," and are financially and morally wrong for America, says Newt Gingrich, who has teamed with Senator Hillary Clinton and others to push for EHRs. Other EHR advocates imply that doctors who don’t embrace it are harming their patients. I know that to get something moving in politics, over-the-top language is sometimes necessary, but it doesn’t help to imply that anyone questioning the value of EHRs is immoral or indifferent to national security or their patients. Further, some government health officials are saying that everyone should "get" with the NHIN program or expect one to be imposed. In my experience, resorting to not-so-veiled threats automatically makes me question the feasibility of the underlying business case.
Advocates of EHRs list a myriad of "challenges" to creating a national health record network—interoperability, privacy, security and making the business case for a decent return on investment to small physician practices that will have to invest in such records to achieve their promise. (For more on this, read "The Business Case for Paperless Medicine," Page 64.) Additionally, studies claiming the benefits of a national health information network contain several assumptions. One of the most significant is that networks are composed of EHR systems that are "well-defined and effectively implemented." Yet EHR systems are very complex, human-centered IT systems that must be highly tailored to their operating environment. The HHS department itself has acknowledged that the failure rate for EHR system implementations is 30 percent to 50 percent. Some health-care network providers claim it is as high as 70 percent. So, with thousands of such systems yet to be implemented and interconnected into an interoperable whole, are the benefits being touted realistic?