Technology: Privacy and security risks of electronic medical records
Electronic medical record technology has not only increased the efficiency of recording keeping in hospitals, but also enhanced better sharing of information between relevant parties on a given medical issue (Elekwachi, 2013). Health information privacy is a crucial element in health care delivery, and absolute care should be taken to ensure individuals’ health data is safeguarded at all costs. Protecting the integrity, confidentiality, and availability of patient data is not a goal anymore, but a legal obligation (Skolnik, 2011). Despite the benefits associated with electronic medical records, concerns have been raised about the privacy and security risks and controls associated with this technology. Particularly, electronic medical records are associated with the risk of inappropriate access, record tampering, record loss, and the risk of technology becoming obsolete. To deal with these risks, it would require implementing a number of control measures such as issuing passwords to users, locking computer rooms, training staff members on how to handle records, and undertaking regular auditing of records.
There is also the risk of data loss. Errors account for a large percentage of data loss in electronic medical records. For instance, deleting information mistakenly may cause a permanent loss of information because in some cases, such information cannot be retrieved. Besides, information could also be stored in a wrong device, making it difficult to access the same when required. Software malfunctioning may make it difficult either to access or retrieve medical information from a storage device, and this occurs mostly when the software is not updated regularly (Skolnik, 2011).
Lastly, there is a risk of technology becoming obsolete. Electronic records largely rely on computing technologies, which have short lifecycles. For the period of an average medical record, numerous generational changes could have occurred in computing technologies. New technology generation means that the previous one becomes of no or little use, and its production either stops or reduces considerably. This implies that the technology on which the electronic health records systems depends would be unsustainable. Thus, it becomes necessary to adopt the new generation technology, which could lead to added costs (Skolnik, 2011).
Various control measure could eliminate or reduce the above mentioned electronic medical record security risks. Firstly, training the medical staff is necessary. Security gaps exist because medical staffs lack the know-how of handling electronic medical records. Therefore, training the staff on the same could reduce errors committed in the process of keeping or accessing electronic record (Williams & Samarth, 2011). Secondly, physical controls could be of great help. This includes installing passwords in computers, and putting locks on computer rooms to limit accessibility. Only those with passwords and keys will access the records (Kavaler, Alexander & Kavaler, 2014). Those without passwords and keys can only access the records when authorized and/ or when under supervision of the keeper of the records. Besides, the right to make changes should remain under a single specific individual, especially who is in charge of the control room. This could reduce frequent alterations of medical records by those handling those records. Lastly, auditing of medical records should be carried on a regular basis. Auditing will not only reduce cases of record alterations, but also ensure all the computers are updated with current software to reduce malfunctioning that could lead to loss of vital data (Kavaler, Alexander & Kavaler, 2014).
References
Elekwachi, A.O. (2013). Limitations to the utilization of electronic medical records by healthcare professionals: a case study of small medical practices. London: ProQuest
Gkoulalas-Divanis, A., & Loukides, G. (2012). Anonymization of electronic medical records to support clinical analysis. New York: Springer.
Kavaler, F., Alexander, R. S., & Kavaler, F. (2014). Risk management in healthcare institutions: Limiting liability and enhancing care. Burlington, MA: Jones & Bartlett Learning.
Skolnik, N. S. (2011). Electronic medical records: A practical guide for primary care. New York: Humana.
Williams, T., & Samarth, A. (2011). Electronic health records for dummies. Hoboken, N.J: Wiley