Editorial: Online records a proper prescription for UPMC patients

| More

By Staff Editorial

published: Thu, 4 Mar, 2010

Medical record storage these days is hardly cutting edge: information sits stuffed on shelves or in cabinets in myriad alphabetized, manila folders. It’s time for an upgrade.

The University of Pittsburgh Medical Center recently began a process that will allow patients to view parts of their medical records online, according to the Pittsburgh Tribune-Review. The hospital is working with Google Health to accomplish this.

Online medical records could allow for the rapid, efficient exchange of information between doctor and patient. For example, records can quickly be updated and kept uniform should a patient visit multiple doctors. A patient could easily check test results and cut down on unnecessary calls. Should a patient have an inconsistency or possibly dangerous pairing of medication, online records could provide quick notification.

Such an organizational revamp is important for a large medical institute like UPMC. But online medical records have been around for a few years, and they’ve caused potential privacy concerns among those opposed. While often associated with financial business, online hacking and spying is a concern whenever private information is saved online. Aside from snooping on private data, hackers could try to pilfer money from patients by sending fake bills after examining their records.

The dangers are a possibility, but the impending benefit online records would bring to patient-doctor interaction is substantial. Dr. Bill Fera, vice president of medical technology at UPMC, said that information is secured through encrypted lines similar to how financial information at credit card companies is secured. As UPMC works with Google Health, part of the security also lies in Google’s hands — and Google isn’t exactly a small, new or disreputable company either. Fera said security breaches are more common should a computer with medical information be stolen, and that he hasn’t heard of any problems with hacking involving online medical records.

As it stands, health care employees could compromise medical information lying in folders. William Straw, a California family physician implemented online records through Google Health back in 2008 and told USA Today he considered them more secure.

“Electronic medical records are probably more secure than the paper record we used to have, which could be sitting around ... With our records we can trace who had access,” Straw told the paper.

Organizing and synchronizing records would be much easier if done digitally. The health care industry can be notoriously slow — from long stalls in waiting rooms to giving your doctor just a minute to put on his glasses and sift through pages of your records. The industry needs every break it can get as far as expediting its processes. In this case, making a process more efficient would likely actually decrease misreading and other errors on the part of doctors.

For an industry always on the cusp of technology in the operating room, office operations should also be brought up to speed.
 

Comments

by Anonymous (not verified) | Fri, 03/26/2010 - 2:42am

Just a few comments on quotes

Just a few comments on quotes from this article.

"Dr. Bill Fera, vice president of medical technology at UPMC, said that information is secured through encrypted lines similar to how financial information at credit card companies is secured."
--I shouldn't be concerned then because no one has ever compromised the credit card system right? Oh wait....
--Hackers aren't dumb. They won't try to decrypt encrypted information in transit. It is much easier to just trick a doctor into providing the hacker their login credentials or infect the doctor's home computer via malware with keystroke logging software that retrieves the doctor's login information as they remote into the hospital to work from home. Especially fruitful for a hacker attacking an organization such as UPMC whose IT password policy doesn't require users to ever change their password. So once the hacker has the password, they likely have the doctors/employee's login for the life of that person's employment with UPMC.

"As UPMC works with Google Health, part of the security also lies in Google’s hands — and Google isn’t exactly a small, new or disreputable company either."
--Google isn't exactly blemish free in regards to security. Google keywords: Google hacked

"“Electronic medical records are probably more secure than the paper record we used to have, which could be sitting around ... With our records we can trace who had access,” Straw told the paper."
-- When the paper record is sitting on the doctor's desk, a Russian hacker thousands of miles away doesn't have the opportunity to gain access to it. With online records he and every other person on the internet has an opportunity to hack the system and access it. Thus, the attack surface is much larger with a online record than a paper record and therefore less secure. --Hackers bypass tracing systems, that is why they are called hackers.

Interesting editorial, but I think the security issue could have been expanded upon.


Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.

More information about formatting options


CAPTCHA
Are you human? (we've been getting a lot of spam lately...)
Image CAPTCHA
Enter the characters (without spaces) shown in the image.

Right Sidebar

MULTIMEDIA

Pittsburgh Pride Week

By Jamie Martina / Staff Photographer

published: Mon, 21 Jun, 2010

 Pittsburgh's Pride March was held in Lawrenceville on June 13. The parade was the end of a week-long celebration for Pride Week. 


Cloudy with a chance of...

By John Manganaro / Assistant News Editor

published: Wed, 16 Jun, 2010

 About 100 Pittsburghers gathered for the second Cinema in the Parks. Little did they know that the characters on screen wouldn't be the only ones running for dry ground. 





Centennial Celebration