Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and EHR for FREE!

Data Security in the Age of Self-logged Health

Posted on August 29, 2011 I Written By

Priya Ramachandran is a Maryland based freelance writer. In a former life, she wrote software code and managed Sarbanes Oxley related audits for IT departments. She now enjoys writing about healthcare, science and technology.

Over at EMR and EHR I have a post going about the self-logging trend, in which people log their medical and other observations on a regular basis. I’m fascinated by the trend, but as an IT person, I shudder at the data nightmares this movement will leash if it becomes widespread.

Quantified Self, a major web hub for self-trackers, has posts on monitoring devicest hat can measures the vitals of people up to 10 meters away, and microsensor embedded mindfulness pills that transmit data to your phone when ingested.

So if someone steals my smartphone, does it mean that not only can s/he spam-text all my friends, but s/he can access all my health logs and PHRs that only my HIPAA compliant provider’s office and EMR systems were supposed to get their hands on?

Indeed, a news story in Med City News says that physical theft, not hacking, is the major concern for mobile storage devices. It’s far easier to flick an iPhone lying on somebody’s desk than to devote the brain- or computing power needed to hack into an EHR system from a reputable vendor.

Med City News reports that during the period from 2009-2011, there were 116 cases of data breaches involving at least 500 patient records (breaches that exposed fewer than 500 records were not included). Physical loss of devices accounted for a whopping 60% of security breaches.

As the Med City News piece notes:

HIPPA violations aren’t happening in the cloud. Rather, they’re happening in the doctor’s office, hospital IT closets, cars, subways, and homes.

Think about how much more this problem can be compounded if health logging becomes practise du jour?

Bottomline: Self-tracking may yet revolutionize healthcare, but could we as individuals potentially jeopardize our own data security? Possibly. It might be a fad among tech geeks but it needs some thinking through from an EMR/EHR perspective.

Valuable Healthcare Data or TMI? The Quantified Self

Posted on I Written By

Priya Ramachandran is a Maryland based freelance writer. In a former life, she wrote software code and managed Sarbanes Oxley related audits for IT departments. She now enjoys writing about healthcare, science and technology.

Maybe two years ago, I saw this interview on TV with this Silicon Valley yuppie who had a camera attached to a cap on his head (or maybe it was a backpack. I digress.) Every 10 seconds, the camera would kick into action and take a snapshot. This way, the yuppie surmised, he would have a repository of pretty much everything he had ever done, even the parts he didn’t like or want to share.

Fascinating as the interview was, to me the $64,000 question was Why? Why, I wondered, would someone want this much detail about his life?

Turns out, there are a whole lot of people who are into this kind of minutiae logging. And they may very well be changing the way medical records are used and stored. At Quantified Self, people believe that self-logged data holds the key to a better understanding of oneself. And some Quantified Selfers are on a mission to make it easier and cheaper to save one’s personal data.

I can think of a myriad things about my health that I might want to log and analyze – blood pressure, weight, mood swings, food intake and (ew! even) bowel movements. Such data might serve to show me the cause and effect, or at least correlations, between my daily choices and the end result of these choices. Such feedback loops apparently work. Last month’s Wired story on this topic shows how innocuous and ineffective seeming reporting can be used for positive behavior change. (There’s an interesting section on how one inventor helps non-compliant patients take their pills as directed.)

This is still a newish area of experimentation. We still don’t know if, and when, and how this trend will play out in the healthcare field. To me, there are several questions that need to be answered:

  • How is data going to be stored and transmitted to the EMR?
  • Who takes charge of interpreting all this data we will gather? Will my already overworked primary care physician for example want to look through graphs of my self-reported B.P. and weight changes?
  • How will this data interface with EMR systems already in place?
  • How safe is it to maintain a personal health data journal? What are the HIPAA implications?
  • How much is too much?

It will be interesting to see how this form of health-logging will play out.

Style and Substance — EHRs Need Both

Posted on I Written By

Dr. West is an endocrinologist in private practice in Washington, DC. He completed fellowship training in Endocrinology and Metabolism at the Johns Hopkins University School of Medicine. Dr. West opened The Washington Endocrine Clinic, PLLC in 2009. He can be contacted at doctorwestindc@gmail.com.

Greetings to all my readers out there!  For today’s blog post Style and Substance — EHRs Need Both, I invite you to visit me over at EHRoutlook.com. Ann Zeiger was kind enough to invite me to write on a topic that interests me (and hopefully her and her readers) a couple of times a month.  It’s been a good working relationship, and so I hope you’ll take the time to take a look around their site.  I found it to be actually quite packed with good information and perspectives on electronic health records and mobile healthcare technology.  Bon apetite!

Dr. West is an endocrinologist in private practice in Washington, DC.  He completed fellowship training in Endocrinology and Metabolism at the Johns Hopkins University School of Medicine. Dr. West opened The Washington Endocrine Clinic, PLLC, as a solo practice in 2009.  He can be reached at doctorwestindc@gmail.com.