Electronic Medical Records (EMR) Security Adoption Issues
First for those of you saying what EMR vs. EHR is let me give the simple difference. EMR is a single provider and patient record while EHR is a patient record shared with all providers involved in the patient’s care. The EHR is what the ARRA act and federal government really are after in the believe this will reduce health care costs.
A 2010 Comptia study showed practices with EMR started or fully deployed was 26% for solo practices & 55% for group practices—so adoption has begun. Better patient care & improved efficiency (read revenue) are the top drivers at 70 and 68% respectively. Notice the stimulus reimbursement is not at the top of adoption drivers—in fact it is turning out to be a negative since the physician community has major distrust to federal medical regulators. When the top security concerns of doctors are surveyed: HPAA compliance, unauthorized data access/use & external breach are top factors considered.
When approached your physician prospects/clients understand that when asked in same study what improvements they would like to see made in EMR solutions ranked 9th of 9 major areas. When asked what factors were inhibiting their EMR adoption one of top 6 reasons was security/privacy. So leading with a value of security probably won’t resonate. So it is recommended you lead with with the following:
• Regulations/penalties—Good old FUD still works when you explain financial and criminal penalties
• Discuss Patient record integrity – alterative or destruction –important to doctor’s profile
• Better Patient Privacy—Improves relationship between doctor/patient so they really care.
Below are the critical security issues to address as EMR gets adopted:
• Risk profile or assessment of your provider clients
• Secure authentication of anyone accessing patient records
• Secure data storage AND retrieve of archives
• Logging & access activity monitoring
• Secure data transmission and at rest—read- encryption
• A new thought to security community—NSAP(Network Security & Privacy) insurance for client and EMR vendor
As you begin to work with clients on EMR adoption save this blog and dust it off-it will help!