The move to electronic health records is in full swing for most of the medical community, but holdouts point to security issues as an argument to keep their records on paper.
The news is riddled with stories about data being compromised these days, but is paper really safer than digital when it comes to health records?
Paper vs. Processor
Stealing paper records isn’t too difficult on a small scale, but thieves would probably need a truck to steal 6,000 paper records. However, stealing a laptop that contains thousands of electronic health records is as easy as grab and go.
That’s exactly what happened last April in Boston when a laptop was stolen out of a locked vehicle with the protected health information of 6,000 patients.
EHRs do deliver greater mobility and accessibility to information, but can also increase security risks if the appropriate precautions are not taken. However, digital records can actually provide greater security if properly implemented and monitored.
EHR Security Advantages
Electronic records are not inherently safe or unsafe, but those that are properly secured according to HIPAA Security Rule best practices are much less likely to suffer a security breach.
Encryption – If EHRs are appropriately encrypted, then even if data is accessed improperly the information is unreadable. Unlike paper records that can be read by anyone, encrypted files require a specific code key to read them, rendering the data useless to thieves.
Internal Control – Anyone working in clinical practice could potentially access, view and copy protected health information without leaving a paper trail. With electronic data, who accesses any file is easily tracked.
This feature allows for the source of data breaches to be immediately located and stopped. Several cases of healthcare staff accessing files they shouldn’t have made the news, with the offending parties being disciplined accordingly. On paper, these people would still be unlawfully viewing records without repercussions.
Natural Disaster Recovery – One of the greatest advantages of digital records is the backup aspect. While paper records are susceptible to catastrophic loss due to natural disasters, fires, and thefts, remote backups protect healthcare providers from this problem.
Following Katrina, we saw the effects of physicians not having access to medical records because they were destroyed. Patients struggled to get the treatments and medicines they needed.
Web-based EHR systems utilize remote backups to allow doctors secure access to critical data from anywhere they have the Internet.
Deciding on Digital
There are basically two electronic health record methods: client-side servers and cloud-based systems. Client-side systems house patient records on site, while cloud-based systems store information off site.
Client-side servers tend to require manual backups that are then transferred and stored off-site, creating vulnerability in transport. This was illustrated last December in New York when the personal information of 1.7 million patients, hospital staff, and associated employees was stolen from an unlocked van transporting these backups.
The servers themselves are only as secure as the place they are stored. The sensitive patient data is often unencrypted in the servers, making them easy to compromise with minimal IT knowledge.
The advantage of cloud-based EHR systems is that files are not as vulnerable to theft during the transfer because they are encrypted and transmitted online, so even if hackers do get access to information it is almost impossible to decode.
The information itself is stored in high-level data security centers with multiple backups to prevent data loss. Security measures are handled by IT experts and are updated automatically for the most current security measures available.
While the fear of transferring sensitive medical information to digital documents is understandable, the benefits ultimately outweigh the risks. As technology improves to protect the data, more providers will realize the advantages of going digital.
Have you had an experience with data loss? Tell us how it happened.