Home » Time Capsule » Currently Reading:

Time Capsule: My Simple Solution to Privacy and Security: Publish Everybody’s Electronic Medical Records on the Internet

November 8, 2013 Time Capsule 3 Comments

I wrote weekly editorials for a boutique industry newsletter for several years, anxious for both audience and income. I learned a lot about coming up with ideas for the weekly grind, trying to be simultaneously opinionated and entertaining in a few hundred words, and not sleeping much because I was working all the time. They’re fun to read as a look back at what was important then (and often still important now).

I wrote this piece in December 2009.

My Simple Solution to Privacy and Security: Publish Everybody’s Electronic Medical Records on the Internet
By Mr. HIStalk


Before I knew better, I worked for a crappy and perpetually money-losing hospital software vendor. A key to our non-competitiveness was an unbroken string of clueless executives (is that redundant?) who were either first-time managers or bottom-feeders.

One of those manglers (as we wittily and privately called them in pathetically insignificant resistance to their tyranny) decided that it made perfect sense that we support center people would pick up each other’s voice mails.

That particular mangler’s underdeveloped brain had reasoned thusly: customers might call an analyst’s extension directly (despite company rules specifically forbidding that practice) and leave an important message (like, “Our entire system just crashed and patients are dying as a result, so I thought I’d leave this personal voice mail message on your unlisted extension rather than calling the 800 number”).

(Spoiler: weeks later, an equally uninspired analyst, in a rare burst of analytical skill, asked the obvious question: couldn’t we just change our voice mail message with instructions for clients to call the 800 number? The mangler furrowed her brow for several minutes and finally acknowledged that this innovative practice might indeed be worthy of a trial project.)

So the mangler decided each of us would pair up with a phone buddy (I wish I was making this up, but I’m not) and we would share our voice mail codes and listen to each other’s messages, thereby helping customers who were loathe to follow our rules about not leaving them in the first place.

It would have happened except for the strenuous objections of one analyst, who was agitated that those messages might include medically related ones (probably depression-related since all of us were on shaky employment ground with our nose-diving employer).

I still think about that ridiculous episode today, primarily trying to answer this question: why are we so protective of our medical records? We’re all subject to the same human frailties, so anything you have that’s dysfunctional, too big, too little, oozing, or wrinkled makes you one of a large number of people having that same characteristic.

In 30 seconds of hard analysis, I drew this conclusion: it’s an animal reflex to hide weaknesses from predators (such as company back-stabbers, stalkers, and insurance companies).

Because of those fears, privacy and security concerns threaten to derail EMR adoption and data exchange. It costs a bundle to encrypt, decrypt, lock, track, and manage electronic health information. Hackers rise to the challenge regularly.

I have a solution. It draws inspiration from those cold-weather socialists in Norway who recently decided to place all tax records online. Anybody can look up anybody else’s income and net worth (“tax porn,” the wags call it). The Norwegians believe that universal access to that knowledge will apply constructive pressure for equality.

My can’t-miss proposal is this: we declare that all medical records and insurance files are immediately and forever placed in the public domain.

I think this flash of insight makes me a thought leader since nobody else has recommended it. Once the initial outrage wears off, we’ll get used to the concept that if society is taking care of everybody, then society gets to see the result. I see many advantages:

  • We could immediately stop worrying about breaches of privacy since there isn’t anything to breach. And since there will be no privacy, we also won’t need security.
  • Lame RHIOs and HIEs wouldn’t need to keep pretending they have any chance of success that doesn’t involve government welfare since providers can get clinical information directly.
  • Providers have no excuse for not checking allergies, meds, and past surgeries since it’s as easy as Googling “Tiger Woods mistress”.
  • It adds a much-needed layer of personal accountability to those having their healthcare costs paid for by someone else (which is almost everybody, since patients are appalled at the idea of spending their own money for their health and well-being). Say, neighbor, I happened to run across your medical records and maybe you want to drop a few pounds and cut back on the prescription narcotic use, eh?
  • It connects the life sciences industry to potential clinical trials subjects. I noticed that thing growing on your lung – do you want in on our multi-billion dollar drug study in return for a Chili’s gift certificate?
  • It would make everybody feel better about their medical condition since they can easily find people who are worse off than they are.

My plan, unlike all those stimulus-happy privacy projects, is revenue-positive. Google and Microsoft are failing miserably to convince people they need personal health records, so the federal government will offer them the chance to outbid each other for the right to host the records and charge for access (or and splatter context-aware text ads on every page). They can charge whatever they want, but Uncle Sam gets his 80 percent cut off the top.

Then we use that money to buy EMRs (which will improve since vendors won’t be wasting their time on privacy and security functions) and to start paying down the crushing national debt.

I couldn’t possibly accept any kind of recognition or compensation for this significant contribution to humankind. Well, maybe just one thing: I get to keep all the ad revenue generated from page views of medical information involving celebrities and politicians.

View/Print Text Only View/Print Text Only

HIStalk Featured Sponsors


Currently there are "3 comments" on this Article:

Subscribe to Updates



Text Ads

Report News and Rumors

No title

Anonymous online form
Rumor line: 801.HIT.NEWS



Founding Sponsors


Platinum Sponsors




























































Gold Sponsors
















Reader Comments

  • HIT Observer: What I find most interesting here, is people defending their common practices rather than truly taking this as invaluabl...
  • Bob: There's no incentive for the provider to spend time doing a price comparison for the patient. Nor is it a good use of th...
  • Peppermint Patty: Veteran - can you clarify what was "fake "? Was something made up (definition of fake) or did you disagree with Vapo...
  • Pat Wolfram: Such a refreshing article. Thanks -- there really can be a simpler version of an acute HIT implementation. But I do ...
  • Woodstock Generation: Bravo to HIStalk's Weekender recaps and other news/opinions. I read it first thing on Monday mornings..................
  • Veteran: #fakenews...
  • Vaporware?: Secretary Shulkin: "the American healthcare system hasn’t yet figured out interoperability, but the VA can lead the wa...
  • Justa CIO: The reported go live date for McLaren Oakland is wrong. There are no dates set for activations for any locations. Post...
  • Brian Too: I admit I am partial to the quoted ICD-10-CM of "S07.9XXA Crushing injury of head, part unspecified, initial encounter....
  • Cosmos: As others in the comments section have pointed out before, GE's EMR for athletes is ironically a health record for the h...

Sponsor Quick Links