In an effort to contextualize concerns about the confidentiality of electronic health records, the National Alliance for Health Information Technology this month published a report that compares the security of paper and electronic medical records. According to John Morrissey, author of the report and director of knowledge at NAHIT, the report will be useful as patients, providers and policymakers weigh the advantages of implementing electronic record systems.
Morrissey said that it is important “to publicize as much as we can the relative security of electronic versus paper-based records and also get across that the operative word here is not ‘privacy.’ It’s ‘confidentiality.'” According to Morrissey, discussions about EHRs must take into account the need to secure patient information but that security must not come at the expense of making information readily available to “a limited number of people who will not let it go out of their circle.”
“One of the points I try get across in this narrative is that it’s pretty plain that the old chart is of pretty limited use,” Morrissey said. “It just sits there on a shelf. What good is it there?”
Methodology, FindingsTo prepare for the report, Morrissey observed operations at three health care organizations: “a typical hospital using paper records, a hospital using an electronic system and a paper-deluged community clinic.” The bulk of the narrative focuses on one day at the paper-based hospital, where Morrissey tracked the progress of one patient’s medical record as it followed the patient through five trips within the hospital.
Between 7:20 a.m. and 2:50 p.m., the patient’s chart changed hands 17 times, Morrissey writes. He adds that “the chart will be perused not only by the attending doctor and assigned nurse but also by technicians in the neurology, cardiology and radiology departments as well as by a physical therapist and occupational therapist.” Morrissey notes that everybody who looks at the chart is a professional but cautions that they are given free rein to review “anything they want to look at.”
Morrissey writes that, in contrast to the paper-based hospital, nursing stations at Evanston Northwestern Healthcare — which has an EHR system — “are uncluttered and nearly devoid of paper with any medical details of patients.” He goes on to write that “nurses and doctors have unrestricted access to clinical information, but their electronic mark is on everything they call up on a computer screen using a password-protected sign-in.” Employees who perform billing or reception work can access information they need to perform their jobs. Unlike the paper-based hospital, some workers — including those who transport patients within the hospital — have no access at all to patient information.
The narrative concludes that paper records are less effective than electronic records at making information readily available to caregivers at multiple locations and that the inaccessibility of paper records does not necessarily correlate to a high level of confidentiality of patient information. At one point in the narrative, Morrissey observes that the sensitive details of a patient’s medical records are “only as secure as the ethics of the hospital workers pushing her wheelchair or flipping through the chart to read observations.”
Next StepsMorrissey said NAHIT hopes the report will generate a more informed dialogue about the relative security of EHRs. He said advocates of electronic records recognize that one of the “road blocks” to proliferating health IT is “fears about security, fears about disclosure, fears about breaches in privacy.” Morrissey said that many patients do not have a full understanding of the vulnerabilities of their paper records and that he hopes this report will create a more informed understanding of the security weaknesses associated with a paper-based system.
“The issue of security needs to be examined in a broader context of why patient records exist at all,” Morrissey said, adding, “Once you address that question, you get to the benefit of medical records as a means of getting all the information captured at many different sites of care.”
KFF Health News is a national newsroom that produces in-depth journalism about health issues and is one of the core operating programs at KFF—an independent source of health policy research, polling, and journalism. Learn more about KFF.Some elements may be removed from this article due to republishing restrictions. If you have questions about available photos or other content, please contact khnweb@kff.org.