Challenges Faced By EMR: Privacy, Data Protection, And Access To Information

Advantages of EMR

Electronic medical record (EMR) is the process by which the medical history of patients are stored electronically and maintained by provider of EMR. It consists of patient’s past history, medical issues, vital signs for the issues, immunization history, reports of radiology and laboratory data (Pearce & Bainbridge, 2014). The relationship between clinicians and patient is strengthened by using this technology. The providers are able to take better decisions.

The benefits of electronic medical records can be divided into organizational, social and clinical outcomes. As clinical outcomes, EMR is advantageous for building a strong relationship between clinicians and patients (Coorevits et al., 2013). Medical error is reduced while improving clarity and accuracy of medical records by giving clinical reminders and alerts.  Previously patient medical records was made manually whose error rates were extremely high. Electronic health records eliminated the use of manual records thereby reducing error rated (Shoenbill et al., 2013). The quality of care provided to patients is improved. Organizational outcomes include improvement in operational and management performances and societal outcomes consist of conducting further research.

Challenges that are faced by electronic medical records are regarding safety, privacy and security of medical data. Tools that are used for creating digital records are digital imaging, internet and telemedicine (Moja et al., 2014). They are vulnerable to attack thereby, facing confidentiality issues. Sensitivity of health records has led to several challenges. The digital environment allows remote access to records that makes EMRs vulnerable to attacks.

Electronic Health Records have gained a lot of importance presently with the advancement of technology. However, it has triggered privacy issues. Unauthorized individuals are accessing electronic medical records that consist of patient’s health conditions and other personal information (Gajanayake, Iannella & Sahama, 2014). Confidentiality and privacy of medical records are being compromised due to security lapses. Patients have the right to choose with whom to share his/her personal data. However, security attacks to managing institution’s cloud databases might hamper confidentiality of records. Data theft is also a security issue that is being faced by EMR (Shoenbill et al., 2013). Hospitals and other such institutions store medical history of patients in its databases. If this data were lost due to theft, institutions would face huge loss of money.

As a solution to the above described issues, several bodies have laid down standards and laws for electronic health records. One such standard set is HIPAA (Coorevits et al., 2013). According to these standards, regulatory requirements should be met before the use of electronic medical records.

Health records of patients maintained by hospitals and other such institutions facilitate decision-making and effective planning. It also eliminates use of human memory for this purpose that speeds up decision making processes (Shivade et al., 2013). The future existence of hospitals are planned by reviewing these records. Therefore, data protection is important to carry out operations in the hospitals smoothly.

Patients have the right to choose with whom his/her medical record should be shared with. He/she might not be comfortable in sharing his/her medical condition with everyone. Especially when the patients face communicable disease like AIDS and other they feel shy to share their health condition with others (Patil & Seshadri, 2014). If unauthorized access of data takes place confidentiality and privacy of data is lost. Medical conditions of the patients will become visible to all (Coorevits et al., 2013). Patients will no more get privacy to his/her personal medical data. Therefore, privacy of EMR is necessary to maintain confidentiality of medical records.

Challenges faced by EMR

Access to medical records should be limited to ensure privacy and confidentiality. Remote access to information should be limited. The doctors under whom the patient is diagnosed should have control over patient’s medical records (Shoenbillet al., 2013). If the patient is admitted in the hospital then management of the hospital, doctor under whom the patient is admitted and nurses taking care of the patient should have access to health records (Coorevits et al., 2013). The management will have to access health records in order to take effective decisions. Doctors require health records to diagnose patients properly and nurses to take proper care of them.

The issues can be managed by following few set of standards laid down by various organizations like World Health Organization and so on. Technological compliance solutions is another way of managing privacy issues related to electronic medical records (Shoenbill et al., 2013). Data encryption is one such technological compliance solution, where access to medical records are limited by controlling Internet Transfer Protocol (Fildes et al., 2015). Data encryption will hide actual information in a series of code. Therefore, in case of an attack, unknown access will not be able to gain access to original data. Protocols help in guiding transfer functions of data (Raghupathi & Raghupathi, 2014). Patient’s medical history is shared with a number of individuals in the hospital. Therefore, Internet Transfer Protocols checks access identity every time a file is transferred thus maintaining confidentiality and privacy of data.

People have the ability to manage health records. The complexity of health information system and other care settings have demanded for additional skills, information and supportive relationship for meeting health needs.

Health professionals to properly diagnose patients use the additional information and past medical history of them. Past medical history (if any), help health professionals in knowing about the medicines taken by patients in the past and their health condition (Shoenbill, Fost, Tachinardi & Mendonca, 2013). The health information of patients are streamlined by the both private and public institutions by using the Internet and other technologies (Pearce & Bainbridge, 2014). This results in an even greater need for health professionals to develop additional skills in the understanding and use of consumer health information.

The privacy rights of Australia are regulated by State legislation and Commonwealth. Health information in Australia is treated as personal information that require more rules and protection. According to the rules, sensitive information can be used and permitted for disclosure for further research if such situation rises. The two Australian Acts that governs privacy of information are Privacy Act, 1988 (Jensen, Jensen & Brunak, 2012). Recently, Privacy Amendment has amended the Act as Enhancing Privacy Protection Act, 2012. The Australian Parliament passed the Act on 29 November 2012.

The ethical challenges that are being faced by EMR are regarding sharing of medical records with others. The other ethical challenges that are faced by EMRs include security breaches, data theft and data inaccuracies (Appari, Eric Johnson & Anthony, 2013). These situations arises due to security attacks on cloud databases of hospitals and other such management institutions. They lead to loss of huge amount of money.

Privacy and Data Protection

The legal issues that are being faced by electronic health records are complying with the regulatory Acts that are laid down by the parliament. Some security breaches with health records occur that cannot be regulated by the stated Acts.

The recommendations for improving data protection and privacy of e-health are:

1. Sharing patient data only with those who are involved in diagnosis and care.
2. Health professionals should decide with whom to share the records.
3. Unauthorized access to cloud databases should be eliminated by the using strong security cloud servers.
4. Monitoring of medical record should be done regularly (Rind et al., 2013).
5. Remote access to medical records should be allowed only to trusted health professionals.
6. Data encryption technologies should be adopted by health institutions to keep information protected.  

Conclusion:

From the above discussions, it can be concluded that electronic medical records is a new process that is being used by clinics and hospitals to keep a track of patient medical history. EMR has the advantage of eliminating manual records of patient data thereby minimizing medical errors and improving relationship between clinicians and patients. The quality of care is also improved. The health information of patients are streamlined by the both private and public institutions by using the Internet and other technologies. However, some challenges regarding security and privacy is faced by EMR. The access to medical records should be limited to ensure privacy and confidentiality of data. The complexity of health information system and other care settings have demanded for additional skills, information and supportive relationship for meeting health needs. Several standards and Acts guide the process of medical record. The two Australian Acts that governs privacy of information are Privacy Act, 1988. Recently, Privacy Amendment has amended the Act as Enhancing Privacy Protection Act, 2012. It also face various ethical and legal issues. However, the security issues can be eliminated by monitoring databases regularly, sharing sensitive patient data with trusted individuals and stopping unauthorized access by use of strong security servers.

References:

Appari, A., Eric Johnson, M., & Anthony, D. L. (2013). Meaningful use of electronic health record systems and process quality of care: evidence from a panel data analysis of US acute?care hospitals. Health services research, 48(2pt1), 354-375.

Coorevits, P., Sundgren, M., Klein, G. O., Bahr, A., Claerhout, B., Daniel, C., … & De Moor, G. (2013). Electronic health records: new opportunities for clinical research. Journal of internal medicine, 274(6), 547-560.

Fildes, A., Charlton, J., Rudisill, C., Littlejohns, P., Prevost, A. T., & Gulliford, M. C. (2015). Probability of an obese person attaining normal body weight: cohort study using electronic health records. American Journal of Public Health, 105(9), e54-e59.

Gajanayake, R., Iannella, R., & Sahama, T. (2014). Privacy oriented access control for electronic health records. electronic Journal of Health Informatics, 8(2), 15.

Jensen, P. B., Jensen, L. J., & Brunak, S. (2012). Mining electronic health records: towards better research applications and clinical care. Nature Reviews Genetics, 13(6), 395.

Moja, L., Kwag, K. H., Lytras, T., Bertizzolo, L., Brandt, L., Pecoraro, V., … & Iorio, A. (2014). Effectiveness of computerized decision support systems linked to electronic health records: a systematic review and meta-analysis. American journal of public health, 104(12), e12-e22.

Patil, H. K., & Seshadri, R. (2014, June). Big data security and privacy issues in healthcare. In Big Data (BigData Congress), 2014 IEEE International Congress on (pp. 762-765). IEEE.

Pearce, C., & Bainbridge, M. (2014). A personally controlled electronic health record for Australia. Journal of the American Medical Informatics Association, 21(4), 707-713.

Raghupathi, W., & Raghupathi, V. (2014). Big data analytics in healthcare: promise and potential. Health information science and systems, 2(1), 3.

Rind, A., Wang, T. D., Aigner, W., Miksch, S., Wongsuphasawat, K., Plaisant, C., & Shneiderman, B. (2013). Interactive information visualization to explore and query electronic health records. Foundations and Trends® in Human–Computer Interaction, 5(3), 207-298.

Shivade, C., Raghavan, P., Fosler-Lussier, E., Embi, P. J., Elhadad, N., Johnson, S. B., & Lai, A. M. (2013). A review of approaches to identifying patient phenotype cohorts using electronic health records. Journal of the American Medical Informatics Association, 21(2), 221-230.

Shoenbill, K., Fost, N., Tachinardi, U., & Mendonca, E. A. (2013). Genetic data and electronic health records: a discussion of ethical, logistical and technological considerations. Journal of the American Medical Informatics Association, 21(1), 171-180.