Hospitals 'struggling' to protect patient data

It's not as if no one raised this concern. But the train was leaving the station regardless.

If one overlooked (not to say, ignored) consequence of HITECH's agressive promotion of not-quite-ready-for-prime-time electronic medical records technology is now that the risk of having my medical records compromised has increased (which it surely has if almost 60% of administrators have no confidence in their security), can I, the patient, sue the government for damages when my records are lost, stolen or hacked? Probably not. So the benefits of electronic medical records flows to govt, big insurance and big medicine, but the risks, damages and costs go to the patient and the healthcare institution.

Spending $2B after the fact, "managing security breaches" does not ensure that the actual damages of these reported breaches have been rectified. That's just what it cost to try to comply with regulations. As a patient, I may never know the real cost and consequences of my medical records being breached in terms of hiring decisions (for example, "increased insurance cost for existing diabetic condition"), promotion ("father had heart condition - too much risk"), social stigma ("been to a psychiatrist twice for depression"), etc., decisions which could all be made behind closed doors and never disclosed to me. I could never recoup damages because I could never prove they happened. Notifying me that a breach occurred doesn't come close to fixing it.

In addition, a "significant number" of breaches (like maybe "most"?) are probably unreported. So the damages are actually even higher. Which certainly means that the unforeseen costs of eventually increasing security to an appropriate level are not in the already marginal ROI calculations offered by advocates of aggressive EMR adoption.

Believe it or not, I am decidedly FOR EMR adoption for a whole lot of good reasons, but the implementation so far, politically driven with a penchant for simply ignoring any downsides because the votes to do so are there, is extremely frustrating.

View the original article here

Hospitals plan to invest in new information management systems

BURLINGTON, VT – More than 40 percent of U.S. hospitals plan to invest in new health information management systems, according to a new study from healthcare technology research firm CapSite.

CapSite released Oct. 29 its 2010 U.S. Health Information Management (HIM) Study, an analysis of the U.S. HIM market in response to the Health Information Technology for Economic and Clinical Health (HITECH) component of the American Recovery and Reinvestment Act (ARRA).

CapSite executives say the study represents unique insight from more than 500 U.S. hospitals across a series of HIM areas including:

recovery audit contractor (RAC),document management,coding,record management,compliance, andcomputer-assisted coding.

"The objective of our HIM study was to provide a strategic assessment of the HIM market to better understand the business challenges and competitive landscape in terms of vendor market penetration, as well as which HIM vendors are currently top of mind with prospective buyers," said CapSite Director of Research Michael Lee. "Additionally, we wanted to assess the historical and projected purchasing activity within the HIM market.

"Our findings indicate that regulatory requirements and compliance represent the greatest HIM business challenges that U.S. hospitals are dealing with today," Lee added. "As evidence of this focus and business challenge, we found that 50 percent of U.S. hospitals have recently invested in RAC solutions to assist in their preparation for RAC audits."

The vendors covered in the report are: 3M, Advisory Board Co., Cerner, CPSI, Cobius, Compliance 360°, Dolbey, Epic, Healthland, HealthPort, HMS, Hyland, Ingenix (A-Life Medical and Lynx Medical Systems), McKesson, MedAssets, MediRegs, Meditech, MIDAS+, Nuance, QuadraMed, Siemens, Streamline Health and TruCode.

View the original article here