Interesting People mailing list archives
Re: More Regarding the Online Medical Records Trap
From: David Farber <dfarber () cs cmu edu>
Date: Fri, 5 Oct 2007 20:18:41 -0400
Begin forwarded message: From: "Ed Biebel" <edward () biebel net> Date: October 5, 2007 6:49:24 PM EDT To: lauren () vortex com Cc: ip () v2 listbox com, dave () farber net Subject: Re: [IP] More Regarding the Online Medical Records Trap Lauren, I certainly agree with you about the danger of a centralized records database. Being gay, I have a heightened sense of concern because of the many stories that I've become aware of over the years where medical records were used to discriminate against LGBT folks. Being an emergency provider though, I do see some value in being able to access *some* patient medical information in the event of a person being unconscious. What I think most laypeople don't understand is there is a decidely small set of information that is valuable to emergency personnel and ER staff in the event of an acute illness. Emergency reponders are looking for information of three key types: 1. Information that will allow us to quickly identify a chronic problem that a person may be experiencing. These are conditions that might cause a person to wear a "medic-alert" bracelet. 2. Information that will affect emergent treatment decisions. This includes things like "I'm allergic to x medication" or "I have a pacemaker." 3. Emergency contacts or next-of-kin information. In addition, it would be "nice to know" things like a quick summary of medical history -- patient has emphysema, high blood pressure, cardiac problems -- and what medications a patient takes in order to assess how serious a condition is. (In fact meds are probably more valuable than anything because they give a reliable indicator of what a physician was trying to treat unlike verbal histories from patients which are often unclear because the patient doesn't understand their medical problems.) These things are nice to know but not essential to know. Beyond that, any other medical history is not really useful because a). You are so sick that regardless of your history, you are going to get a specific treatment because it is literally a "do or die" situation or b). you are stable enough that the ER will run diagnostic tests before treatment to confirm their diagnosis and course of action. With that in mind, it may be worthwhile to carve out a *very small* portion of information that would be useful in situations where the patient was "in extremis" and encrypt everything else. However, the information needed in those cases is minimal and is not a valid argument to providing open access to a patient's entire medical record. Ed On 10/5/07, David Farber <dfarber () cs cmu edu> wrote:
Begin forwarded message: From: Lauren Weinstein <lauren () vortex com> Date: October 5, 2007 11:58:56 AM EDT To: dave () farber net Cc: lauren () vortex com Subject: More Regarding the Online Medical Records Trap More Regarding the Online Medical Records Trap http://lauren.vortex.com/archive/000307.html Greetings. In response to my discussion of "The Online Medical Records Trap" ( http://lauren.vortex.com/archive/000306.html ), I've been asked what would happen if a central medical records system were encrypted in the manner I suggested, where the service provider couldn't access the records even in the face of an outside demand (like a court order) without the user's permission, in the case of the person being incapacitated or unconscious. There are several rather simple answers to this. The most basic is that to depend on a centralized system as the only location where medical records are stored would be incredibly foolhardy. If doctors or hospitals needed access to that data, and their local computers or Internet connections were down, or if the central servers had been hacked or were having other problems (including possible connectivity issues) then patients would be S.O.L. (that is, up the creek without a paddle). It should be required that doctors and hospitals maintain local copies of patient records, ideally not only on their local computers (the same level of encryption and access control that I propose for central medical records systems would not be necessary nor desirable on these local systems), but also the records should be kept in hardcopy form as well. Yes, I said hardcopy. A hassle that devalues the computerized systems? Yep, but I want my medical records kept locally in a form that doesn't depend on computers or even electricity. I like those manila folders on the shelves, especially living in an area where earthquakes and other natural disasters (with their resulting power outages) are always a possibility. Most other areas also have their own risks of disasters or problems that could make computer-based access to patient records impossible just when they're needed most, especially if those records are centralized and communications are down. As far as access to a central system is concerned, nothing says that a user couldn't provide friends, next-of-kin, etc. with their access key, or even have it noted on whatever emergency contact information that they hopefully carry routinely. I have a slip of paper in my wallet with a few contact names and numbers for emergency use, mainly in case some idiot wipes me out making a left turn in front of me when I'm riding, but the point is that while carrying around your passwords isn't a great idea in the general case, this is one specific situation where it could make sense. I should add that it's also wise to include on your contact sheet full information about any allergies or other serious medical conditions that exist so that responders will know about them in emergencies. To depend on access to a centralized medical system for such info in these situations could be disastrous, even if none of the central data were encrypted or otherwise access controlled -- there's no guarantee that the central system would be reachable when you might need it most. So what does this all boil down to? A centralized medical records system should never be depended upon for anything other than secondary access to medical data, if that. Doctors and hospitals must be required to maintain local copies of patient data since there is no guarantee that central systems will be accessible at any given time, particularly in disaster or other emergency situations. To help prevent misuse of central medical records systems, all personal medical data on those central systems should only be accessible with the permission of the user or their designated contacts, and should be encrypted in a manner that makes other access impossible. Period. Anything short of this opens up enormous abuse potential. --Lauren-- Lauren Weinstein lauren () vortex com or lauren () pfir org Tel: +1 (818) 225-2800 http://www.pfir.org/lauren Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org Founder, PRIVACY Forum - http://www.vortex.com Member, ACM Committee on Computers and Public Policy Lauren's Blog: http://lauren.vortex.com ------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- More Regarding the Online Medical Records Trap David Farber (Oct 05)
- <Possible follow-ups>
- Re: More Regarding the Online Medical Records Trap David Farber (Oct 05)
- Re: More Regarding the Online Medical Records Trap David Farber (Oct 10)
- Re: More Regarding the Online Medical Records Trap David Farber (Oct 10)
- Re: More Regarding the Online Medical Records Trap David Farber (Oct 10)