Safety Is Key to Use of Electronic Health Records
Careful use and an abundance of caution have to follow the adoption of electronic health records by psychiatrists.
Electronic health records (EHRs) have many real or potential advantages, but those need to be balanced against equally real and potential opportunities for breaches of privacy, confidentiality, and security, said speakers at the APA Institute on Psychiatric Services in Philadelphia in October.
Adoption of electronic health records is inevitable, but needs to be mixed with caution, says Col. Daniel Balog, an Air Force psychiatrist.
Ellen Dallager
Done right, EHRs could help physicians coordinate a patient’s care, reduce prescribing errors and drug interactions, and speed administrative tasks and claims processing, said U.S. Air Force Col. Daniel Balog, an assistant professor of psychiatry at the Uniformed Services University of the Health Sciences in Bethesda, Md.
EHRs could also help patients fill out forms, answer screening protocols such as the PHQ-9, and monitor their health information.
Special issues arise for psychiatrists, Balog noted. On which servers will psychotherapy notes reside, and who will be authorized to access them? How will patients’ concerns about EHR vulnerabilities affect their sense of trust and influence how psychiatrists record diagnostic details?
“Privacy is the patient’s right,” said Zebulon Taintor, M.D., a psychiatrist in private practice in New York. “Confidentiality is what the doctor does to keep the patient’s information between doctor and patient. Security is what others do.”
And security is the most problematic area for Taintor. Outsiders, he maintained, want to break into EHRs for three reasons: to steal money, identity, and patient data.
To get money, thieves go after credit-card information and bank-account numbers.
Others look for insurance identification numbers. A stolen Medicare card is worth $100 these days, he said. Identity theft can cause the patient to lose insurance coverage, be asked to pay for health care someone else received, or have their credit rating downgraded.
Less often, adverse medical data about a patient may fuel custody battles, employment background checks, or landlord-tenant feuds, he said.
“Technology is getting ahead of protection, and theft gets easier as data are connected in a chain,” said Taintor. “When doctors connect with a hospital system, for instance, it puts all their data at risk.”
The clinical process may also be affected if a patient fears security breaches. Patients may not disclose previous diagnoses such as cancer, mental illness, or sexually transmitted diseases, for example, worried that such medical information could eventually harm them.
Protecting medical information calls for action by patients, physicians, and organizations, said Taintor.
“Patients should look carefully at their Explanation of Benefits for services they did not receive and should protect their health insurance ID cards,” he stated. “If security is breached, they should notify doctors, insurers, hospitals, the police, and the Federal Trade Commission and then check their credit reports.”
Physicians’ offices must institute good computer security practices, such as cancelling passwords once an employee leaves the job, he pointed out. “Think as if you are an organization.”
That’s what Taintor does. When he works with an actual organization, he follows all its health information policies and procedures. In his private practice, he files patient data in a computer that is never connected to the Internet. He uses different passwords when possible and turns off all computers when not in direct use.
And perhaps the field missed another alternative, he said. At a panel on EHRs at the APA annual meeting in 2012, Taintor asked who in the audience would prefer adopting an old tried-and-true system for ensuring medical-record security like that used by the Department of Veterans Affairs. Everyone in the room applauded. ■
Information from APA about electronic health records is posted at http://www.psychiatry.org/practice/managing-a-practice/electronic-health-records.
Information & Authors
Information
Published In
History
Published online: 6 December 2013
Published in print: November 16, 2013 – December 6, 2013
Keywords
Authors
Metrics & Citations
Metrics
Citations
Export Citations
If you have the appropriate software installed, you can download article citation data to the citation manager of your choice. Simply select your manager software from the list below and click Download.
For more information or tips please see 'Downloading to a citation manager' in the Help menu.
There are no citations for this item
View Options
View options
Get Access
Login options
Already a subscriber? Access your subscription through your login credentials or your institution for full access to this article.
Personal login Institutional Login Open Athens loginNot a subscriber?
PsychiatryOnline subscription options offer access to the DSM-5-TR® library, books, journals, CME, and patient resources. This all-in-one virtual library provides psychiatrists and mental health professionals with key resources for diagnosis, treatment, research, and professional development.
Need more help? PsychiatryOnline Customer Service may be reached by emailing [email protected] or by calling 800-368-5777 (in the U.S.) or 703-907-7322 (outside the U.S.).