Within the U.S., there seems to be a rare consensus that it is necessary to digitize medical records. The benefits seem obvious:  helping the environment by reducing the printing of large files; easier to track patient’s medical histories and prescriptions across multiple institutions, doctors, and pharmacies; easier to track and monitor major disease outbreaks; and, creation of new, medical records jobs

Yet there are obvious challenges as well, privacy being the chief concern. How will hospitals, doctor’s offices, and pharmacies safeguard these files from hackers and identity theft? Who will gain access to patient information? Privacy Rights Clearinghouse notes that a stolen laptop from Manhattan Veteran’s hospital in 2006 exposed 1600 patients; more than 180,000 patients were put at risk when a California clinic manager stole computer equipment.¹  Identity theft is an even larger privacy risk, as people go to hospitals and give medical information from a stolen identity.

Many fear that information from medical records might be sold to pharmaceutical companies, who will market their products to patients thru mailed prescription updates. Others fear that this type of database might be made available to employers who would deny jobs based on an applicant’s health. Will there be one universal, standard system file system, who will decide that standard?  Which system, amongst the current ones will be chosen, if any? Who will cover the extra costs, an estimated $150 billion?²

The US stimulus plan sets aside $19 billion dollars for digitizing medical records within the next five years, including buying new IT systems. Providers who treat Medicare and Medicaid patients that do not comply will be penalized. Records will contain medical information on every American, from birth to death. This comprehensive database will be quite useful, but dangerous if hacked into. The Institute of Medicine recommends that all electronic records have an audit, noting who has visited the record, similar to a credit report.³ 

The U.S. is not the first country to explore electronic medical records (EMR). In the United Kingdom, there has been a longtime effort to digitize medical records. The U.K. has already struggled with the same challenges being debated within the U.S. For example, London’s Royal Free Hospital lost £10m and has been forced to treat fewer patients because staff has to spend a lot of time fixing technical glitches; an extra 40 staff members were hired to handle the extra work.⁴ This example offers insight into the challenges U.S. politicians should consider vis-a-vie deciding which EMR system to adopt and how to roll-out the project to avoid problems faced by London’s Royal Free Hospital.

In the Netherlands, the Parliament voted in February 2009 to introduce a new centralized medical record system, which will be compulsory for hospitals, but patients will be allowed to opt out of the system at a cost of 12 euro per child. Patients will require permission of their physicians to see their records. The Netherlands government has hired hackers to find system loopholes.Most of the complaints are about paying to opt-out and requirements for the patient to see his or her records. ⁵

Despite all the challenges and concerns, many support the digitization of medical records, but want to make sure that it is done properly. The use of EMRS is not new and there are already many systems in place, including systems used by Kaiser. Implementation of the mandate to digitize medical records will be quite challenging and hopefully the U.S. will be able to learn from the UK experience and address privacy concerns and the question of competing standards and technologies.