Electronic Medical Records and Information Security

https://www.fortinet.com/blog/industry-trends/recent-healthcare-regulations-and-guidelines-providers-should-be.html

Electronic medical records have changed how the healthcare industry operates. Previously paper records were used but the use of EMR has almost eradicated the use of paper records. This new technology is being implemented across the country.

Background of EMR

Electronic medical records are a way to store patients’ medical information electronically rather than how they were previously stored physically. The first system was created by the Regenstrief Institute. In 2009, the United States passed the American Recovery and Reinvestment Act which allocated nineteen billion to be used for information technology in the health care field (Sibona 2011).

https://blog.radware.com/wp-content/uploads/2019/07/healthcare.jpg

Benefits

EMR has created a new world of how health records are kept, recorded, and shared. It has made documenting in a patient’s chart easier. It has allowed a care team to document their time with the patient, allowing other health providers to view what has been done for the patient. This new health care technology has caused the time of patients’ stay to decrease because there is less time spent on communicating between the care team. Patient satisfaction has been shown to increase with EMR and its relation to reducing time in the emergency room (Sibona 2011). The Congressional Budget Offices explained that the area of health information technology has the ability to increase efficiency and improve quality of health care services (Sibona 2011).

https://www.cio.com/article/3509462/healthcare-s-digital-transformation-5-predictions-for-2020.html

Legal and Ethical Issues

HIPAA stands for the health insurance portability and accountability act. Under HIPAA are the regulations on electronic medical records. The “security rule” within HIPAA has three sections. The first section is what involves the prevention of data breaches. There have been concerns about data breaches with EMR. This is a justifiable concern as there have been instances of patients’ data and personal health information being stolen. The second section focuses on the “physical security” such as things like locks, cameras, and having areas for restricted access (Brooks 2015). This can prevent the physical stealing of information such as stealing a physician’s laptop. The final section is aimed at administrative rules for employees. This is a major concern for hospitals and health care facilities. There have been many instances of employees sharing photos of patients’ or their personal information.

Security Concerns

Data breaches are a reasonable thing to be concerned over with 390 of the 2,250 breaches still under investigation. One reason that data breaches are such a concern is because employees are behind 58% of recent breaches (Chernyshev 2019). Data breaches are so troubling is because they involve private and personal information that hospitals and healthcare facilities are responsible for protecting. There can be large data breaches involving hacking into the entirety of the facilities’ system or simpler security breaches such as a physician’s computer being stolen. This information getting leaked is an issue with HIPAA and organizations must take appropriate security measures to prevent any form of healthcare records being intercepted.

Future Use and Improvements

There have been proposals to improve EMR such as increased security technologically as well as continuing education for employees. There are to areas of improvement, the first being the EMR system needs to have continued security updates and surveillance. However, there is also a responsibility on the hospitals and facilities to provide ongoing education for HIPAA practices. There should be more ethical guidelines as well as having proper protocols for documentation (Richards 2009). When implementing EMR systems there can be resistance as you are interfering with work patterns that employees have put into place (Skolnik 2011). To improve EMR’s use in the future there needs to be a better system for introducing the systems to staff. If EMR systems are adequately explained and the staff is comfortable with it there will not be such a resistance to the change.