Giving a patient medications in the ER, having them pop positive on a test, and then withholding further medications because…
Time Capsule: My Simple Solution to Privacy and Security: Publish Everybody’s Electronic Medical Records on the Internet
I wrote weekly editorials for a boutique industry newsletter for several years, anxious for both audience and income. I learned a lot about coming up with ideas for the weekly grind, trying to be simultaneously opinionated and entertaining in a few hundred words, and not sleeping much because I was working all the time. They’re fun to read as a look back at what was important then (and often still important now).
I wrote this piece in December 2009.
My Simple Solution to Privacy and Security: Publish Everybody’s Electronic Medical Records on the Internet
By Mr. HIStalk
Before I knew better, I worked for a crappy and perpetually money-losing hospital software vendor. A key to our non-competitiveness was an unbroken string of clueless executives (is that redundant?) who were either first-time managers or bottom-feeders.
One of those manglers (as we wittily and privately called them in pathetically insignificant resistance to their tyranny) decided that it made perfect sense that we support center people would pick up each other’s voice mails.
That particular mangler’s underdeveloped brain had reasoned thusly: customers might call an analyst’s extension directly (despite company rules specifically forbidding that practice) and leave an important message (like, “Our entire system just crashed and patients are dying as a result, so I thought I’d leave this personal voice mail message on your unlisted extension rather than calling the 800 number”).
(Spoiler: weeks later, an equally uninspired analyst, in a rare burst of analytical skill, asked the obvious question: couldn’t we just change our voice mail message with instructions for clients to call the 800 number? The mangler furrowed her brow for several minutes and finally acknowledged that this innovative practice might indeed be worthy of a trial project.)
So the mangler decided each of us would pair up with a phone buddy (I wish I was making this up, but I’m not) and we would share our voice mail codes and listen to each other’s messages, thereby helping customers who were loathe to follow our rules about not leaving them in the first place.
It would have happened except for the strenuous objections of one analyst, who was agitated that those messages might include medically related ones (probably depression-related since all of us were on shaky employment ground with our nose-diving employer).
I still think about that ridiculous episode today, primarily trying to answer this question: why are we so protective of our medical records? We’re all subject to the same human frailties, so anything you have that’s dysfunctional, too big, too little, oozing, or wrinkled makes you one of a large number of people having that same characteristic.
In 30 seconds of hard analysis, I drew this conclusion: it’s an animal reflex to hide weaknesses from predators (such as company back-stabbers, stalkers, and insurance companies).
Because of those fears, privacy and security concerns threaten to derail EMR adoption and data exchange. It costs a bundle to encrypt, decrypt, lock, track, and manage electronic health information. Hackers rise to the challenge regularly.
I have a solution. It draws inspiration from those cold-weather socialists in Norway who recently decided to place all tax records online. Anybody can look up anybody else’s income and net worth (“tax porn,” the wags call it). The Norwegians believe that universal access to that knowledge will apply constructive pressure for equality.
My can’t-miss proposal is this: we declare that all medical records and insurance files are immediately and forever placed in the public domain.
I think this flash of insight makes me a thought leader since nobody else has recommended it. Once the initial outrage wears off, we’ll get used to the concept that if society is taking care of everybody, then society gets to see the result. I see many advantages:
- We could immediately stop worrying about breaches of privacy since there isn’t anything to breach. And since there will be no privacy, we also won’t need security.
- Lame RHIOs and HIEs wouldn’t need to keep pretending they have any chance of success that doesn’t involve government welfare since providers can get clinical information directly.
- Providers have no excuse for not checking allergies, meds, and past surgeries since it’s as easy as Googling “Tiger Woods mistress”.
- It adds a much-needed layer of personal accountability to those having their healthcare costs paid for by someone else (which is almost everybody, since patients are appalled at the idea of spending their own money for their health and well-being). Say, neighbor, I happened to run across your medical records and maybe you want to drop a few pounds and cut back on the prescription narcotic use, eh?
- It connects the life sciences industry to potential clinical trials subjects. I noticed that thing growing on your lung – do you want in on our multi-billion dollar drug study in return for a Chili’s gift certificate?
- It would make everybody feel better about their medical condition since they can easily find people who are worse off than they are.
My plan, unlike all those stimulus-happy privacy projects, is revenue-positive. Google and Microsoft are failing miserably to convince people they need personal health records, so the federal government will offer them the chance to outbid each other for the right to host the records and charge for access (or and splatter context-aware text ads on every page). They can charge whatever they want, but Uncle Sam gets his 80 percent cut off the top.
Then we use that money to buy EMRs (which will improve since vendors won’t be wasting their time on privacy and security functions) and to start paying down the crushing national debt.
I couldn’t possibly accept any kind of recognition or compensation for this significant contribution to humankind. Well, maybe just one thing: I get to keep all the ad revenue generated from page views of medical information involving celebrities and politicians.
What in the world did I just read?
Brilliant!
You don’t go halfway, do you?