nevillefm wrote on Thursday, March 10, 2011:
(from Medscape - Business of Medicine) http://www.medscape.com/viewarticle/738169?src=mp&spon=21
March 1, 2011 (Orlando, Florida) — Editor’s note: Protecting the privacy of patients in healthcare settings is a challenge, especially as the use of electronic health records becomes more widespread. But unless privacy concerns are addressed with reasoned and efficient approaches, the result can seriously compromise patient outcomes.
Those challenges, and strategies for dealing with them, were the focus of an educational session presented here at HIMSS 11: Healthcare Information and Management Systems Society 2011 Annual Conference and Exhibition.
The presentation — Protecting Privacy Without Harming Patients — was delivered by Eric Liederman, MD, MPH, director of medical informatics for Kaiser Permanente HealthConnect, in Sacramento, California, and associate clinical professor of internal medicine at the University of California, Davis.
Medscape Medical News spoke with Dr. Liederman about ways healthcare providers can protect patient privacy while maintaining optimal care.
Medscape: What do you see as the primary benefits of electronic over paper medical records when it comes to protecting patient privacy?
Dr. Liederman: Access of paper charts can’t be monitored. With electronic health records, any access to a patient’s data is recorded. The audit trail deters violations and holds violators accountable. Consistent proactive surveillance of electronic health record activity, along with investigation of issues that are discovered, powerfully deters violations of patient privacy. Those sorts of surveillance and investigations serve as periodic reminders to staff members of why they shouldn’t give in to temporary temptations.
Medscape: What are the main strategies to safeguard the privacy of electronic records?
Dr. Liederman: There are 2 main approaches to safeguarding patient privacy — access restriction and accountability.
With access restriction, there are tight restrictions on who can access the medical record; this can reduce the scope of breaches. But that can also risk patient harm if a medical professional can’t access the record or if it takes longer to access the record because of restrictions.
The accountability approach broadens access rights to enable high-quality care. Patient privacy is protected by an audit trail, surveillance, and investigation of any complaints. The key to privacy protection is to deter people from giving in to short-term temptations by making it clear that they are likely to be caught and that the consequences to their job and career are likely to be severe.
There are many benefits to the accountability approach, including deterred temptation; removal of barriers to people doing their jobs, especially clinicians caring for sick patients; and avoidance of proliferation of security profiles, roles — both of which reduce confusion and increase consistency.
Medscape: You made it clear in your presentation that “proactive forensic mining of audit data” is the key to maintaining privacy. What does that mean and why is it important?
Dr. Liederman: Proactive forensic mining of data refers to the practice of creating reports with high specificity that can identify possible violations. Some examples include high-profile patients, unexpected pairs (such as pediatric staff members searching for information on adult patients), or family members or coworkers. This type of surveillance ensures accountability and deters violations.
Medscape: You also talked about the advantages of targeted security reports. What are those advantages?
Dr. Liederman: High-specificity reports (i.e., reports with few false positives) allow us to make the best use of scarce investigatory resources and to avoid unnecessarily bothering people with investigations when their accesses were legitimate.
Medscape: What is meant by a “break the glass” alert, and how can such measures act as a deterrent to snooping?
Dr. Liederman: Break the glass alerts create a pause in access to a medical record, allowing the user to either enter the chart (after declaring a reason and re-entering their password) or to gracefully back out by hitting cancel.
In most cases, people tempted to snoop in a medical record know it is wrong; this forces them to construct a rationalization to convince themselves to do so. Being forced to declare why they are entering the chart acts as a deterrent by more or less exploding the rationalization. The few people who know that what they are doing is wrong — and don’t care — don’t want to implicate themselves by declaring a false reason. Either way, they help deter privacy violations.
Medscape: What are the overall advantages of instituting these types of strategies?
The advantages are the prevention of privacy violations; the retention of highly trained, skilled people who are deterred from career-ending actions; and the ability to provide whatever care is needed to whomever needs it, wherever they need it, and by whomever is the best person to provide it.
Medscape: What are the take-home points from your presentation?
Dr. Liederman: Privacy protections must not increase risk of harm to patients. Proactive forensic audit data mining and judicious use of alerts can be highly effective at reducing the risk of privacy violations without getting in the way of the delivery of medical care.