So Sue Me...One More Hurdle for the EMR | [node:field-byline] | Healthcare Blogs Skip to content Skip to navigation

So Sue Me...One More Hurdle for the EMR

November 24, 2008
by James Feldbaum
| Reprints

At a dinner party this week I was asked what kind of consulting I did. The explanation that I helped hospitals with the adoption of the electronic medical record provoked a single question “what about security?”

Each morning I receive an automated news alert from Google. My search term is “electronic medical record.” Here are the headlines from yesterday and today:

It is no wonder that there is so much distrust of the electronic medical record. Admittedly we have our good press too, but it seems that our missteps get the biggest headlines. The guests at the dinner party were hard-pressed to enumerate the benefits of an EMR or PHR. We need better PR!

The new California law that takes effect January 1, 2009 will significantly increase fines not only for the illegal use of the medical record but also for unauthorized access of records. The law also opens the doors for patients to sue doctors when their records are accessed even if there is no damage. It is expected that other states will follow suit.

Ironically, a blog listed above describes a medical student’s exasperating attempts to get a copy of one of his procedure reports. It seems to take less effort for morbidly curious eyes to access the medical record then for the rightful owner of that record.

Patient acceptance of the electronic medical record will require better PR. Our President Elect mentioned the EMR only as a cost savings for insurers. There is little press or education available that promotes the clinical and quality benefits for our patients.

Physician adoption of electronic medical record has been slow for many reasons. Now, new laws may have created the greatest hurdle. Now, patients can sue their doctor for improper access to the medical record even if there is no harm done. While the paper chart was equally vulnerable, it did not leave a clear, time stamped and traceable footprint behind. An ambulatory EMR can now be considered a financial and legal risk for physicians already struggling with the decision whether to undertake the high cost and time-consuming implementation of the EMR.

Each handicap is like a hurdle in a steeplechase, and when you ride up to it, if you throw your heart over, the horse will go along, too.

Lawrence Bixby



The project offers significant warnings which might deter most of us from volunteering. Chief among them is the misuse of our personal health record to affect employment or insurability or to reveal the propensity for a disease for which there is no current effective treatment. Imagine, having your genetic information and intimate details of your life searchable and downloadable. If you have anything to hide (who doesn't) you probably should have a thick skin and all the health and life insurance you will ever need.

Wow. I recall scanning your blog at the time. Frankly, it didn't sink in.

Since then, in a blog post "Presidential Genomics ? / The absolute end of innocence of the medical record", the topic took another turn. Several prominent people in either PGP or something similar, publicly disclosed their genetic profile. The author in the original WSJ article, Robert Lee Hotz, cited stated that this is possibly going to become commonplace in presidential contests.

In discussing this with informatics-trained physicians at AMIA two weeks ago, it was suggested that only people who are independently wealthy can afford this degree of disclosure with our current reimbursement system. Do the PGP folks talk about the healthcare coverage aspects of non-privacy?

Jim, I enjoyed your post and appreciated your updates (new California law, PR challenge facing us, the political environment where EMR savings are framed as "for insurers", the linkage to physician adoption of privacy, etc.) Very rich post.  Thank you.

Two observations to add:

1) Your statement, "While the paper chart was equally vulnerable, it did not leave a clear, ...[audit trail]" was valid in the point it was driving. As you know, some people consider an EMR considerably more vulnerable than paper because it can be moved instantaneously and effectively copied without restriction, in our current age. It's not legal to do this; and I don't need to elaborate beyond what you've said.

2) There is an emerging social consensus, evident at your dinner party, that technology is killing privacy.  I've blogged about that here (Privacy is an illusion (Ellison) You have zero privacy, Get Over It (McNealy) )

It was the cover of Scientific American 2 months back; it contains a great keynote by Esther Dyson that fully elaborates the issues.

In summary, you're dead-on correct.  We've got work to do regarding this 'Hurdle'.

Joe, Thanks for your input. I am so tired of the preoccupation with privacy that obfuscates the true clinical value of the EMR. I wrote a blog entry called "Who Gives a Damn about Privacy? on 10.23.2008

It describes the Personal Genome Project that just might change the way we think about medical privacy forever. It is in the process of obtaining and releasing the personal medical history, intimate personal details, and DNA profile for 100,000 people in order to create a public searchable database for the purpose of advancing our understanding of the interplay between genetics, environment, and personal factors.

The PHR/EMR needs a good public relations effort to overcome the privacy hysteria and get the public to demand the benefits that they deserve for their clinical medical care.