Home » Time Capsule » Currently Reading:

Time Capsule: My Simple Solution to Privacy and Security: Publish Everybody’s Electronic Medical Records on the Internet

November 8, 2013 Time Capsule 3 Comments

I wrote weekly editorials for a boutique industry newsletter for several years, anxious for both audience and income. I learned a lot about coming up with ideas for the weekly grind, trying to be simultaneously opinionated and entertaining in a few hundred words, and not sleeping much because I was working all the time. They’re fun to read as a look back at what was important then (and often still important now).

I wrote this piece in December 2009.

My Simple Solution to Privacy and Security: Publish Everybody’s Electronic Medical Records on the Internet
By Mr. HIStalk


Before I knew better, I worked for a crappy and perpetually money-losing hospital software vendor. A key to our non-competitiveness was an unbroken string of clueless executives (is that redundant?) who were either first-time managers or bottom-feeders.

One of those manglers (as we wittily and privately called them in pathetically insignificant resistance to their tyranny) decided that it made perfect sense that we support center people would pick up each other’s voice mails.

That particular mangler’s underdeveloped brain had reasoned thusly: customers might call an analyst’s extension directly (despite company rules specifically forbidding that practice) and leave an important message (like, “Our entire system just crashed and patients are dying as a result, so I thought I’d leave this personal voice mail message on your unlisted extension rather than calling the 800 number”).

(Spoiler: weeks later, an equally uninspired analyst, in a rare burst of analytical skill, asked the obvious question: couldn’t we just change our voice mail message with instructions for clients to call the 800 number? The mangler furrowed her brow for several minutes and finally acknowledged that this innovative practice might indeed be worthy of a trial project.)

So the mangler decided each of us would pair up with a phone buddy (I wish I was making this up, but I’m not) and we would share our voice mail codes and listen to each other’s messages, thereby helping customers who were loathe to follow our rules about not leaving them in the first place.

It would have happened except for the strenuous objections of one analyst, who was agitated that those messages might include medically related ones (probably depression-related since all of us were on shaky employment ground with our nose-diving employer).

I still think about that ridiculous episode today, primarily trying to answer this question: why are we so protective of our medical records? We’re all subject to the same human frailties, so anything you have that’s dysfunctional, too big, too little, oozing, or wrinkled makes you one of a large number of people having that same characteristic.

In 30 seconds of hard analysis, I drew this conclusion: it’s an animal reflex to hide weaknesses from predators (such as company back-stabbers, stalkers, and insurance companies).

Because of those fears, privacy and security concerns threaten to derail EMR adoption and data exchange. It costs a bundle to encrypt, decrypt, lock, track, and manage electronic health information. Hackers rise to the challenge regularly.

I have a solution. It draws inspiration from those cold-weather socialists in Norway who recently decided to place all tax records online. Anybody can look up anybody else’s income and net worth (“tax porn,” the wags call it). The Norwegians believe that universal access to that knowledge will apply constructive pressure for equality.

My can’t-miss proposal is this: we declare that all medical records and insurance files are immediately and forever placed in the public domain.

I think this flash of insight makes me a thought leader since nobody else has recommended it. Once the initial outrage wears off, we’ll get used to the concept that if society is taking care of everybody, then society gets to see the result. I see many advantages:

  • We could immediately stop worrying about breaches of privacy since there isn’t anything to breach. And since there will be no privacy, we also won’t need security.
  • Lame RHIOs and HIEs wouldn’t need to keep pretending they have any chance of success that doesn’t involve government welfare since providers can get clinical information directly.
  • Providers have no excuse for not checking allergies, meds, and past surgeries since it’s as easy as Googling “Tiger Woods mistress”.
  • It adds a much-needed layer of personal accountability to those having their healthcare costs paid for by someone else (which is almost everybody, since patients are appalled at the idea of spending their own money for their health and well-being). Say, neighbor, I happened to run across your medical records and maybe you want to drop a few pounds and cut back on the prescription narcotic use, eh?
  • It connects the life sciences industry to potential clinical trials subjects. I noticed that thing growing on your lung – do you want in on our multi-billion dollar drug study in return for a Chili’s gift certificate?
  • It would make everybody feel better about their medical condition since they can easily find people who are worse off than they are.

My plan, unlike all those stimulus-happy privacy projects, is revenue-positive. Google and Microsoft are failing miserably to convince people they need personal health records, so the federal government will offer them the chance to outbid each other for the right to host the records and charge for access (or and splatter context-aware text ads on every page). They can charge whatever they want, but Uncle Sam gets his 80 percent cut off the top.

Then we use that money to buy EMRs (which will improve since vendors won’t be wasting their time on privacy and security functions) and to start paying down the crushing national debt.

I couldn’t possibly accept any kind of recognition or compensation for this significant contribution to humankind. Well, maybe just one thing: I get to keep all the ad revenue generated from page views of medical information involving celebrities and politicians.

View/Print Text Only View/Print Text Only

HIStalk Featured Sponsors


Currently there are "3 comments" on this Article:

Subscribe to Updates



Text Ads

Report News and Rumors

No title

Anonymous online form
Rumor line: 801.HIT.NEWS



Vince Ciotti’s HIS-tory of Healthcare IT

Founding Sponsors


Platinum Sponsors




















































Gold Sponsors















Reader Comments

  • Burgers: Android permissions are a good example of one software provider using imprecise permission definitions to screw over con...
  • clinical nlp: I also think that most health systems will feel threaten with this Amazon Care. It will be (i think) the biggest player ...
  • Erin Wabol: I just saw this post from CNN: https://edition.cnn.com/2020/01/18/us/tiktok-doctors-nurses-trnd/ Physicians and nurses...
  • Ross Koppel: Thank you for this. Currently, "influencers" focus on snake oil, worse nonsense, and of course reflect the wishes of Rus...
  • Frank Poggio: Funny, I must be 'over the hill' since I always considered clients 'customers'., some even called them 'partners'. Yep,...
  • Bill O'Toole: Interesting that Epic distances from Google due to lack of customers' interest and Meditech signs up with Google. Two of...
  • Bill O'Toole: Government and Politics are forever part of health technology, however, I am constantly irritated with the government ma...
  • Ok Boomer: 👆...
  • meltoots: If Cerner received top marks for IT hospital support, then I cannot imagine how bad it really is out there. Cerner IT su...
  • TH: Everything you said in that comment is true... And it's still a voluntary choice people make. It may be the case th...

Sponsor Quick Links