The electronic medical record (EMR) for most of us has been a game changer in caring for patients. The EMR has allowed for the ease of sharing information, the ability to review historical information, and for multiple providers to be interacting with patient information at the same time. I know I would not want to go back to the world of a paper chart!
Additionally, the EMR allows for the use of technology to aide in the care of our patients. The data of nearly 380,000 patients, obtained from the EMR, was entered into a database to develop, implement, and validate an automated early warning score to identify patients who will likely deteriorate within the next 12 hours (Kipnis et al., 2016). Another study reviewed the hospital records of 565 hematology patients, specifically laboratory values and vital signs, to develop a neural network to review the multiple data points entered in the EMR to predict and alert significant patient decline (Hu, Wong, Correa, Li, & Deng, 2016). Fernandez (2019) anticipates the key components of EMR use will be clinical decision supports and the ability to track compliance with regulations. Access to these large datasets and the common place use of the EMR is changing the way we care for our patients. But what are the risks?
One risk is the potential breach of data. In 2016, 3.7 million patients were affected by the breach at Banner Health, potentially costing the corporation $6 million. Not to mention the additional costs of improved data security. A breach is defined as the “an impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of the protected health information”. The HIPAA Breach Notification Rule (45 CFR §§ 164.400-414) requires entities to notify when a breach has occurred (U.S. Department of Health & Human Services, n. d.). Another potential risk is the inadvertent use of patient information. Though most would agree, reviewing the EMR and large databases to improve the way in which we care for patients is permissible, however we are also accessing protected PHI. When using large databases to complete retroactive studies or evaluate trends, we must be sure that we are following the national guidelines (HIPPA) and if applicable international guidelines (GDPR) that are more strict.
Specifically, regarding providing prophylactic mastectomies as a benefit for Medicare patients, there is little information available about the benefit in this specific population. Additional research is needed regarding cost and survival benefits. The ability to utilize large databases from the EMR or a system like The Oncology Research Information Exchange Network (ORIEN) improves access to the needed data points to evaluate the survival or treatment benefits. Overall, as healthcare providers, we must always consider that this data is PHI, private details of a persons illness and experience. We need to remain diligent in it’s protection, and respectful of it’s use.
References:
Anonymous (2020, March 2). National Breast Cancer Coalition. Email correspondence.
Davis, J. (2019, December 9). Proposed $6M settlement reached in Banner Health data breach lawsuit [webpage]. Retrieved from https://healthitsecurity.com/news/proposed-6m-settlement-reached-in-banner-health-data-breach-lawsuit
Fernandez, M. (2019). Clinical decision support systems revolutionize the EMR to become the leader for patient empowerment [webpage]. Retrieved from: https://ww2.frost.com/news/press-releases/clinical-decision-support-systems-revolutionize-the-emr-to-become-the-leader-patient-empowerment/
Kipnis, P., Turk, B., Wulf, D., Laguardia, J., Liu, V., Churpek, M., . . . Escobar, G. (2016). Development and validation of an electronic medical record-based alert score for detection of inpatient deterioration outside the ICU. Journal of Biomedical Informatics, 64, 10-19. DOI: 10.1016/j.jbi.2016.09.013
M2Gen (2020). Oncolocy Research Information Exchange Network [webpage]. Retrieved from: https://www.oriencancer.org/
Hu, S., Wong, D., Correa, A., Li, N., & Deng, J. (2016). Prediction of Clinical Deterioration in Hospitalized Adult Patients with Hematologic Malignancies Using a Neural Network Model. PLoS One, 11(8), E0161401. DOI: 10.1371/journal.pone.0161401
U.S. Department of Health & Human Services (n. d.). Health Information Privacy [webpage]. Retrieved from https://www.hhs.gov/hipaa/for-professionals/breach-notification/index.html
Wyllie, D., & Davies, J. (2015). Role of data warehousing in healthcare epidemiology. Journal of Hospital Infection, 89(4), 267-270. DOI: 10.1016/j.jhin.2015.01.005
Preventative Mastectomy 
The process of accumulating patient health data is necessary, to assess, diagnose, treat, and evaluate care. This process is facilitated by the use of electronic medical records. Without the use of medical records providers would be relying on paper notes to review health trends. As you mentioned in your blog, we have the luxury of becoming providers during a time that electronic medical records are utilized to make decisions. I agree with you that I would not want to revert back to paper medical record as the efficiency level would drop dramatically for me.
The luxury of electronic health records also comes with a responsibility to protect patient health data. The storage, usage, collection and sharing of patient protected health data must be done properly in order to protect patients. The sharing of data for research purposes is a topic I am unfamiliar with. Despite my understanding that data can help move science forward I am unsure of the legal ramifications of sharing data for medical purposes in this manner. Did you come across any articles regarding sharing of private health information for these purposes?
Your blog caught my interest and so I turned to PubMed to look at the sharing of patient data for research purposes. I found an article which evaluated the data sharing practices in Jordan but found it applicable to the work researchers do in the United States.
According to Karasneh, Al-Azzam, Alzoubi, Hawamdeh, and Muflih (2019), past research practices allowed data to be shared that was not needed. In order to protect patient confidentiality, it is vital that only pertinent data is shared amongst needed personnel in research situations. Data such as date of birth, social security information, and patient’s names most often are not indicated. Additionally, the author points out, laptops are not ideal for storing patient data as they are portable and easily stolen.
References
Karasneh, R., Al-Azzam-S, Alzoubi, K, Hawamdeh, S. & Muflih, S. (2019). Patient data sharing and confidentiality practices of researchers in Jordan. Dove Medical Press. (12) 255-263. Retrieved at https://ncbi.nlm.nih.gov/pmc/articles/PMC6890205.
LikeLike