That has providers walking a fine line between securing patient data and keeping up with the trends.
Experts say that struggle is especially real when it comes to electronic medical records, or EMRs, which make up the most commonly used technology across all specialties in the health care industry. Todd Brower, a health care attorney at McCarter & English, said “technology is advancing so fast … ahead of safeguards,” but noted it was “astounding” how few providers use encryption tools for their records.
Scott Christie, one of Brower’s colleagues at the Newark-based law firm, said the explanation is twofold.
“I think it’s a lack of thought and, secondly, a lack of tech savviness,” said Christie, an attorney with McCarter & English’s cybersecurity and data privacy group. “Many of the programs these days have the feature where you can easily, by default, encrypt stuff. But there is some concern that if we encrypt it, what if we are not able to decrypt it in time?”
Yet the same problem that exists with electronic records is the one that has long existed with paper documents: human error.
Cybersecurity breaches occur when an individual accidentally opens an email attachment or clicks on a malicious link.
So does the fear of a cybersecurity breach outweigh the benefits of using technology in a very personal industry?
“There are new associated risks with technology, but it’s less scary than when everything was completely manual,” said Joe Carr, chief information officer for the New Jersey Hospital Association.
When a record was manually retrieved, there was no way to track its every move — including who has seen or made a copy of it. Now, one can track each file and every individual accessing it, with time stamps, and know every time it is copied or shared.
“A piece of paper cannot tell you who looked at it, and it cannot regenerate if you pour gas and throw a match on it,” Carr said.
But with the online push comes the battle of software, as proprietary technology has restricted various health systems from easily sharing files and patient data.
The federal government is working to address this issue with the Precision Medicine Initiative. The White House has recently discussed making health data more portable and ensuring patients can easily access and share their own health data.
That dovetails with the business model of companies established in recent years such as Health Gorilla, a 4-year-old startup whose platform links doctors and clinicians with thousands of diagnostic labs and radiology centers around the country.
And it has helped providers such as Nayla Mumneh of the Allergy Treatment Center of New Jersey, who has used Health Gorilla since 2013.
“(Electronic medical record) companies have made it their job to not have easy communication. They have been working against health care reform when the aim is to help coordinate care,” Mumneh said.
But records are just the first step, as technology sought by hospitals and health care services of the future are increasingly the stuff of sci-fi movies.
Ambulances can connect in real time with a hospital to determine the severity of a patient before he or she ever reaches the emergency room, Brower said.
Patients can be monitored in real time by either being directly connected to technology that sends signals to the doctors.
One example of the real-time monitoring is Cherry Hill-based DocView software, which helps with the transitional care of heart failure patients. By checking in on patients frequently and with simple response options, hospitals can avoid readmissions, said CEO and President Greg Westerbeck.
But all these devices can also be vulnerable. As was revealed at this year’s Derbycon hacker conference in the United Kingdom, hackers search for medical devices like MRIs to attack.
Security researchers Scott Erven and Mark Collao revealed that at least 68,000 medical systems from a U.S. company were vulnerable, according to the BBC.
But with consumers’ love for technology and the health care industry’s increasing dependence on it, the security measures, safety and quality metrics, and laws governing its use need to catch up.
“I think part of it is also going to be insurance company reimbursement, you know, because you can plan the sci-fi hospital of the future, but if you are not going to get reimbursed for this whiz-bang equipment, what good is it?” said Christie. “I think it’s going to be a progression, and it will not be as quick as some people might like. …
“The financial side has to be considered as well.”
E-mail to: [email protected]
On Twitter: @anjkhem