Newswise — Electronic health records can potentially save billions of dollars in health care costs and increase patient safety, but have considerable risks to individual privacy in the United States, more so than the European Union, said a new study co-authored by Janine Hiller, professor in the Pamplin College of Business at Virginia Tech.
“EU countries have adopted electronic health records and systems, or EHRs, and legally protected privacy at the same time,” Hiller said. EHRs include a wide range of patient medical information collected in digital format and accessible via computer, most often over a network.
Strengthening the legal and technical safeguards, she said, would significantly minimize the privacy and security risks and address public concerns in the U.S. about EHRs. Her study examines their benefits and drawbacks, the adequacy of U.S. laws to meet the challenges posed by the privacy risks and concerns, and compares the EU’s legal approach to EHRs.
The U.S. legal framework for health care privacy, she said, is “a hodgepodge of constitutional, statutory, and regulatory law at the federal and state levels.” Hiller and her co-authors believe that though federal efforts to protect privacy seem to be a step up from inconsistent state laws, Americans currently still “have no real control over the collection of sensitive medical information if they want to be treated,” in contrast to the choice accorded to EU residents.
Their study, Hiller said, makes it clear that the privacy issue should be central to any discussion of EHR implementation in the U.S. and the technical and policy framework that guides it. Her recent research in Sweden, she said, showed her “that the legal and technical frameworks cannot stand alone; that they should be developed hand in hand in order to design systems that will effectively protect patient privacy.”
Until then, she said, “public confidence and trust in EHRs is unlikely.”
Read the full story, Privacy or savings? in the fall 2011 issue of Pamplin magazine at http://www.magazine.pamplin.vt.edu/fall11/healthprivacy.html
“Privacy and Security in the Implementation of Health Information Technology (Electronic Health Records): U.S. and EU Compared” is in the current (winter 2011) issue of the Journal of Science & Technology Law, at http://www.bu.edu/law/central/jd/organizations/journals/scitech/volume171/documents/Hiller_Web.pdf
Dr. Hiller's website is http://www.finance.pamplin.vt.edu/faculty/jsh/index.html