The advent of technology has had an impact on almost every facet of our lives. Today, thanks to technology, the maintenance of patient records is becoming increasingly easy and efficient. In this text, I will concern myself with electronic health records (EHR). In so doing, I will amongst other things take into consideration the effect of EHRs on health care and the implications of adopting this technology from a privacy and security perspective. Further, I will highlight HIPAA privacy and security rules and how they relate to EHRs.
Electronic Health Records (EHRs): An Overview
Electronic health record according to Kirch (2008) "describes a longitudinal (lifetime) record of a patient's health and health care." However, a more comprehensive definition of EHR has three key components. According to the Institute of Medicine - IOM (as cited in Niles, 2010), these components are "the collection of longitudinal data on a person's health, immediate electronic access to this information, establishment of a system that provides decision support to ensure the quality, safety, and efficiency of patient care." In that regard, EHRs significantly differ from paper-based records. In the opinion of Kirch (2008), the various needs of modern medicine have necessitated the adoption of EHRs in place of the more traditional paper-based approaches. In contrast to the paper-based approaches, the functionality of EHRs is much greater. For instance, multimedia information can easily be integrated into the EHR system. This makes it possible to have radiology images amongst other things as part of patient records. The other range of data which may be captured in EHRs include a patient's personal statistics such as weight and age, test results from the laboratory, known allergies, medical history, etc.
The Impact of EHR on Health Care
The relevance of new technology in health care cannot be overstated especially when it comes to the enhancement of both quality and efficiency. Apart from EHRs, technology is also being actively utilized in many other health care settings including but not limited to performance of invasive cardiac procedures, magnetic resonance imaging etc. Some of the key benefits of EHRs are rather obvious.
One of the key benefits of EHRs has got to do with availability. As Kirch (2008) points out, as opposed to its paper-based counterpart, EHRs are available at all times. In the author's opinion, EHRs make it possible to retrieve information and transfer the same miles away. Thus health care providers can now access patient information from remote locations. With paper-based approaches, records are usually kept in one location. It thus becomes difficult for personnel in other centers or in remote locations to access the same. Although paper-based records allow for the duplication of copies so as to have multiple copies in several locations, storage considerations makes this approach impractical. Further, it is impossible to keep such copies updated at all times. In addition to enhancing the availability of health records, especially to those who are not in proximity to the hard copies of the same, EHRs also ensure that such records are available in an updated format.
Further, storage considerations also make EHRs more practical, convenient and realistic than the paper-based approach. As Kirch (2008) points out, EHRs do not consume a lot of space. Today, virtual storage of information based on cloud computing has freed the much needed physical space which can instead be utilized for other functions. Given that the records in the case of EHRs are not paper-based, which would otherwise make them subject to tear and wear, they can be stored for much longer. Physical records may also be lost to fires and natural disasters such as floods. This necessitates the need to back up such records. Given their non-physical nature and vast storage potential, EHRs ease the backing up of such records.
Yet another key benefit of EHRs has got to do with enhanced security. In the words of Kirch (2008), security is enhanced in this case largely because "access is limited to authorized and authenticated users, and can also be restricted to just one portion of the record that is important for the user." For instance, the information available to the registration personnel in this case can be limited to the patient's demographic data only. This effectively conceals the patient's entire health report from those who are not authorized to view it. With EHRs, it is also possible to track access to patient records through an examination of logs. In such a scenario, it becomes relatively easy to discern any instance of privacy violation.
Further, studies have in the past pointed out that EHRs enhance the accuracy of records. This according to Niles (2010) is more so the case given that when it comes to EHRs, the need to replicate data is significantly reduced. Further, EHRs make records more readable. It is important to note that people's handwritings differ significantly. This effectively means that some notes entered into a patient's records by one individual could be illegible to another. This could occasion errors resulting to adverse clinical consequences. As Iyer, Levin and Shea (2006) note, computerizing record keeping allows for the creation of records that are legible. This in the authors' opinion keeps readers from having to guess what some writings actually mean.
Although EHRs have some key benefits over the traditional paper-based systems, this technology also has its downsides. Most of the issues raised in this case have got to do with both the security as well as privacy implications of developing and implementing Electronic Health Records. Although EHRs have got their strong points when it comes to the enhancement of health records security, they are not fool proof. According to Iyer, Levin and Shea (2006), it is possible for dedicated hackers to gain access to volumes of EHRs. This in the authors' opinion could expose potentially embarrassing patient details. Such information can be used by individuals with ulterior motives in a number of ways. For instance, leaked details about an individual's sexual orientation, HIV status, mental illness, etc. could according to Iyer, Levin and Shea (2006) be used to blackmail the unlucky victim. Further, it is also important to note that the leakage of such information can wreck the careers of some individuals or even bring down families (Iyer, Levin and Shea, 2006).
Apart from security and privacy, there are other considerations as well when it comes to the development and implementation of EHRs. Kirch (2008) points out that the start-up costs in this case could be significant. This according to the author is more so the case when it comes to the cost of software and hardware. In the words of Iyer, Levin and Shea (2006), "hardware, software, and training costs can range from $3 million to $10 million per hospital." It is also important to note that the cost of training personnel charged with the operation as well as maintenance of the system could end up being too high. In some scenarios, facilities may also be forced to hire additional specialized staff for purposes of system maintenance (Kirch, 2008). There is also the issue of resistance to change. People resist change for a myriad of reasons including but not limited to fear of the unknown, misplaced views regarding the subject matter as well as attachment to the old ways of doing things. Indeed, as Iyer, Levin and Shea (2006) point out, "physician and nursing resistance to the use of computers is a factor that complicates the introduction of computers in a healthcare setting." It is possible that the introduction of EHRs might be met with stiff resistance from the health care personnel. Failure to effectively address such resistance could lead to sabotage.
HIPAA Privacy and Security Rules and how they relate to EHRs
In the opinion of the U.S. Department of Health and Human Services (as cited…