Sunday, April 20, 2008

Electronic Medical Records - EMR

Now that Microsoft, Google and RevolutionHealth are all getting into the EMR business, many people are concerned about the safety and security of their health records online, and whether they should place their records online. EMR is inevitable. The question is who will control it. The technology required for safeguarding protected information is available, but has to be applied properly. If Google and Microsoft want to be the storehouses of EMR then they will have to deal with HIPAA just like doctors, hospitals, clinics, etc. Otherwise, all of Britney Spears’ records will be online for the whole world to see. Currently patients upload their records to HealthVault so Microsoft is technically exempt from HIPAA regulations since patients are not bound by HIPAA laws, only healthcare providers are. However, if Microsft’s and Google’s partners (Mayo Clinic, Johns Hopkins, Columbia Presbyterian) upload records to Microsoft’s servers then Microsoft will be required by federal law to sign HIPAA agreements with these medical institutions which are already HIPAA-regulated. The security and privacy systems can and will be instituted once these organizations upload medical records. And, they will be safe. When was the last time your bank account or credit card account was broken into on Citibank’s or American Express’s servers? By the way, current paper medical records have almost no security at all. Ask the cleaning and maintenance people who have access to them on a daily basis in hundreds of thousands of doctors’ offices all over the USA. Online EMR can certainly be more secure than that. ‘What Doctors Think’ performed healthcare market research in December 2007 on the subject of EMR. We performed an online physician survey of nearly 500 primary care physicians scattered across the USA to find out their views on EMR and HealthVault. The results can be found at sults
In question 20 we asked doctors which EMR vendor they would be most comfortable with. Microsoft won with 23%. The federal government came in with 13%, WebMD was third with 11%, and Google was fourth with 9%. However this survey was completed before Google’s announcement a few months ago. Personally, I believe that Medicare should create a Universal online EMR that should be used for every Medicare patient. Since virtually every senior citizen and physician in the USA is in Medicare’s billing/financial database, building an EMR on top of that would not be an insurmountable project. Ultimately a Medicare EMR that every physician and hospital had access to, and that patients would be required to join as part of receiving Medicare benefits, would save the government tens of billions of dollars over the years and would save the entire Medicare System from collapsing in the long run. The Medicare EMR could then serve as the template and basis for EMR systems used by non-Medicare patients as well, operated in conjunction with Medicaid, private insurers, HMOs etc. The current fragmented system with literally hundreds of different EMR companies selling systems to doctors and hospitals that don’t “talk” to each other is wasteful and will cost billions to overhaul in 5-10 years. All of the millions of dollars in federal and state government grants currently being dished out to test various EMR systems is also counterproductive. The only EMR that will work efficiently, benefit patients and save tens of billions of dollars is a universal, online system. Microsoft and Google are on the right track but haven’t figured out the details yet. Additionally, MSFT and GOOG are marketing to consumers instead of doctors. This is a backwards approach as well since doctors have access to thousands of records that they can upload to servers, whereas patients can only upload one at a time, and most patients don’t know what’s important to upload and what’s not. Perhaps MSFT and GOOG don’t want to deal with doctors because that forces them to deal with HIPAA laws. It’s unavoidable if they want to be players.
Robert Cykiert, M.D.