Online medical records offer convenience, may limit privacy
By Janet Kornblum
When Mary Adams had a mammogram in October, she didn’t have to wait for a call from her doctor â€” or even a note in the mail â€” to get her results.
Instead, she got a message from her Cleveland Clinic doctor that her online health record had been updated. She logged onto MyChart, one of the nation’s first online sites for personal health records, and voilÃ , there were the results: Everything was normal.
“It made me feel great,” says Adams, 45, of LaGrange, Ohio. “I knew at a glance what my test results were.”
Adams may be riding the wave of the future as one of the first to try out a new breed of websites that allow patients to store and access their own medical records. She has since added the newly launched Google Health to her online health arsenal.
A variety of companies â€” from private health-care providers and insurance companies to big technology firms such as Microsoft and Google â€” are developing and launching sites, most of them free, that allow patients to keep personal health records. They can include everything from medical histories to test results, doctors’ notes and prescriptions.
Patients can input their records themselves or have them added by the few doctors’ offices and other medical facilities that keep compatible electronic records online.
Because the field is so new, standards and legislation still are under development. And privacy advocates worry about sensitive records falling into the wrong hands.
But nearly everyone applauds the idea behind the records: They aim to bring the notoriously slow-to-computerize health records out of the era of manila folders and scribbled notes and into the future of electronic information that can be transported with the click of a button.
Most of the sites also are trying to become health leaders by running online health-care malls, where people can do everything from storing their own records to doing medical research online.
Google Health and Microsoft’s HealthVault, for instance, are forming partnerships with companies that provide services such as pill reminders and glucose monitoring.
Adams, who is an information-technology professional, says she’s happy with both MyChart and Google Health.
“I love it,” she says. “I can log in from any computer, anywhere, and I can see the information that’s available in my chart. â€¦ I can see test reminders â€” like you need to have your cholesterol checked in October 2009. I can see when I had my last tetanus shot. Before I had access to MyChart online, I had no clue when I had my last tetanus shot. Even if I had a piece of paper at home, I didn’t have access to it where I was.”
Everything in one place
Advocates of personal health records say they will result in better-informed patients, the elimination of redundant tests and better-prepared doctors who can get a more complete picture by having their patients’ entire medical history in front of them.
With paper records, patients “are either forced to be their own medical historian or their own medical librarian. It’s a real challenge for the typical patient to get everything right,” says C. Martin Harris of the Cleveland Clinic.
“We’re trying to make it easy for individuals to gather all their health information in one place, and they’ll be able to use that information to make health care decisions,” says Colin Evans, chief of Dossia, an electronic-records provider.
Errors will be reduced by quickly giving physicians access to crucial information, such as allergies, advocates say.
“People ought to be much more fearing about 200,000 (people) every year who are killed from medical errors,” says David St. Clair, founder and chief executive of MEDecision, which works with health-insurance companies.
Ultimately, systems could allow emergency room physicians, for instance, to have instant access to incoming patients’ records.
But others warn there’s a big downside to personal health records, especially the chance that private and personal records could be bought and sold by, for instance, pharmaceutical companies.
“The idea is to give power to the end users by providing a set of tools to manage their own health information,” says Greg Sterling, an analyst at Sterling Market Intelligence in San Francisco. “It makes a lot of sense in the abstract.” But “like anything, there’s this other side of it, which is people can get access to this information and misuse it.”
All companies with private personal health records say privacy is of paramount importance and outline strict privacy measures in their terms of service agreements.
But promises are not enough, says Deborah Peel, a physician and founder of Patient Privacy Rights, a non-profit organization that is leading a bipartisan privacy-rights coalition that includes organizations as varied as the American Civil Liberties Union and the Gun Owners of America. “We can’t take anyone’s word for it because the information is so incredibly valuable,” she says.
Data-mining a concern
Privacy advocates worry that companies could legally sell medical records, valuable to drug and insurance companies.
“The concept is wonderful, but because we have absolutely no control over personal health information in electronic form, they’re very dangerous,” Peel says. “There’s essentially no laws to stop (companies) from data-mining that information and using it in a way that you would never want.”
Just the fear that records could be unsafe could lead patients to withhold important information from their physicians, worried that sensitive information, such as news of a sexually transmitted disease or cancer, might become known, says Tim Sparapani, senior legislative council for the ACLU.
“Whenever you digitize information and then make it, of course, searchable because that’s how databases work, you facilitate snooping,” Sparapani says.
Both houses of Congress are in the early stages of considering several pieces of legislation that deal with electronic records.
Peel’s organization is beginning to certify personal health records. And the non-profit Certification Commission for Healthcare Information Technology announced Tuesday that in addition to certifying electronic health records systems, it will start certifying the personal-record sites.
Security risks should be put in perspective, says Peter Neupert, corporate vice president at Microsoft’s health solutions group.
“The risky talk has to be counterbalanced against the benefits of being able to have better health outcomes, better health communications, better services and tools to lead healthy lives.”
Patients ultimately have control over who sees their data, adds Harris of the Cleveland Clinic. They choose who can access their records. And unlike paper records, if there’s an unauthorized viewing of a record, a patient will be informed.
Adams says she understands the risks and is willing to live with them. “For me personally, there are risks with any type of online transaction, whether it’s logging onto my bank or using my credit card online,” she says. “It’s just a matter of perspective.”
William Straw, 59, a Los Altos, Calif., family physician, recently signed up to Google Health to see what the service was like.
“Nothing is 100% private,” says Straw, who is in a practice that uses electronic records. “Electronic medical records are probably more secure than the paper record we used to have, which could be sitting around. â€¦With our records we can trace who had access.”
“It’s fairly clear that the electronic medical record will become much more widespread,” says Robert Steinbrook, a doctor and national correspondent for the New England Journal of Medicine.
“Since we haven’t had a situation where patients have been in control of their data, much less having that data online, this is really a grand experiment, and it will take some time to see whether concerns about privacy and data security are real.”