Electronic Health Records as a Threat to Privacy

Article excerpt

Introduction

Governments across Canada are investing millions of dollars into the creation of electronic health records systems. While these systems offer great promise of improving the nation's health care system, they also pose considerable risks to individual privacy.

In this brief paper I hope to do two things. First, I hope to foster a clearer understanding of the risks. The risks are often misrepresented or misunderstood because of some prevalent misconceptions about the nature of the proposed electronic systems. For that reason, some explanation of the systems is needed. I use Alberta's Electronic Health Record as an exemplar. Once the nature of the risk is delineated, I sketch some of the steps which I believe are necessary for dealing with them.

Alberta's Electronic Health Record--Wrestling with Misconceptions

Discussion of a provincial or national electronic health record (EHR) often conjures up the image of a massive new database created by the government and containing a lifetime of one's health information. This picture is undoubtedly fostered by the loose descriptions which are so often offered by proponents of such systems. But it is mistaken on at least two significant counts.

In the first place, there is no new warehouse of information. Rather, the Alberta's EHR is an electronic network that links the patient records which are collected and maintained by health professionals and by regional health authorities. The EHR provides a portal through which this information can flow from one care provider to another. Pharmacist Kumar, who operates a community pharmacy, can use his computer to obtain information about a patient from Dr. Lee's record. A crucial point to emphasize is that professional responsibility is maintained by those who have traditionally had responsibility for the collection, use and disclosure of health information. I will return to this point below.

A second common misconception is that all information collected by any health professional will be made available through the data exchange system. This need not be the case, and at the present time it is not the case. For instance, the information which is currently available through the Alberta Electronic Health Record is merely a subset of the information which is available within Capital Health's netCARE. (1) And the information which is available through netCARE is itself just a subset of information which physicians and clinics in the region maintain within their own records. Simply stated, much of the health information collected in a variety of settings is not available through current electronic health records.

Security and Electronic Health Records

The creation of a network linking databases full of health information, information which most people find to be among the most sensitive, creates some new risks. Hackers may invade the system and view individuals' health information or--far worse--change it. Health records may be lost through computer failures. But electronic databases loaded with important personal information are now ubiquitous, and dangers such as these threaten all of them. We have developed confidence in our ability to deal effectively with these hazards. Why should we doubt our ability to manage threats to electronic health records using the state-of-the-art technology and practices developed for other arenas of the electronic environment?

Electronic Health Records and Professional Responsibility

As noted earlier, the EHR is not a massive new record; rather, it is a portal for the transfer of patient information. Information is collected and recorded by one health care provider and flows through this network to other health care providers. In one sense, the advent of the system changes nothing. Health care providers--be they individual professionals or large regional authorities--maintain responsibility for their patients' health information. …