LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: RAINDrop - Lawsuit Filed Against Stimulus Act
From:	Larry Medina <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Thu, 9 Jul 2009 17:32:05 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (56 lines)

>That's true.  HIPAA privacy rules are already a challenge to comply
>with in a "closed" or internal electronic records system.  In addition
>some states have privacy laws in place that add to this complexity.
>
>Another issue I've seen raised on a couple of medical forums is the
>likely hood of hackers breaking into such a mammoth system.  
>Security for such a massive system will be extremely onerous to
>manage.  I doubt small medical practices have the technical expertise
>or funds needed to support or hire security personnel necessary to
>keep the outsiders out.

Yep, the only answer is going to be to find ways to compartmentalize the
information and only allow access to ranges of information on patients
without the need for secondary authentication of the "need to know" certain
things.  And as you said, long-term management of the protection of privacy
and limiting access is going to be horrid.

The whole concept of wide open analysis of data on patients from information
entered into this system of records will continue to be challenged - about
the only records they're going to have the ability to perform that type of
data mining on are those belonging to Federal employees, those in the
military, in prison or on public subsistence and that's because they are
required to waive certain rights to privacy.  They're still protected by the
majority of the provisions of HIPAA, but not in the same way private
citizens are. 

It's like I've said though, this system is going to face many challenges
besides these.  The lack of a legitimate National unique ID system is one
thing that will hamper collection of information as people's lives change...
through marriage, divorce, adoption, gender changes, etc and the ID is not
going to be an SSN... it will need to be a predetermined set of characters,
including a mix of alpha, numeric and symbols.  

Even so, the volumes of legacy information that exist on people born prior
to the institution of this system will still result in there being two sets
of information that will need to be referred to to establish a clear
understanding of someone's health background prior to treatment. And when a
US Citizen travels abroad and needs or receives treatment, there will be
difficulty in obtaining access to their EMR/EHR information here in the US,
and/or maintaining a complete record of treatment provided elsewhere...
which will result in gaps.

It's sort of like how when we discuss the need for conversion and migration
and IT tells us it's a 'lossy process' but that 97.8484748504% accuracy
should be acceptable... or when a certain storage provider says in 99.8% of
all transactions nothing is lost, if you're in that outlier percentage,
you're not feeling too confident.  

Larry
[log in to unmask]

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US