Medical Data Storage Also Prone To Dumb Mistakes

The push to try and digitize patient's medical records into EMRs (Electronic Medical Records) is an attempt to reduce costs, improve portability and to also allow vast pools of data to be anonymized and used for disease research. This is one of the provisions of the Affordable Care Act - to mandate the implementation of EMRs. However personal user data is lost, stolen or otherwise made available with disappointing frequency, and I don't see any real reason to believe that medical data will be any different, regardless of the good intentions of those involved. 
Here's a recent example, thankfully affecting a (relatively) small number of patients:
Hospitalist and intensivist company Cogent Healthcare, based in Nashville, Tenn., contracted with Las Vegas-based medical transcription and software vendor M2ComSys to transcribe care notes dictated by physicians. M2 stored protected health information on what was supposed to be a secure Internet site. The site, in reality, had its firewall down. The access to these notes through the site began May 5, 2013, and ended following Cogent Healthcare’s discovery of the lapse on June 24, 2013.   Patient data compromised included patients names, physician names, dates of birth, diagnosis description, treatment data, medical history and medical records numbers. 

When this kind of information gets out, the potential damage could be devastating of course. I just hope we can treat this with the seriousness it deserves, and not put it on the same level as someone's Xbox Live account getting hacked.

No comments :