
EHR Privacy Debate Heats Up

CurtMonash writes "The New York Times reports on President-Elect Obama's continued commitment to electronic health records (EHRs), which on the whole are a great idea. The article cites a number of legislative initiatives to deal with the privacy risks of EHRs. That's where things start to go astray. The proposals seem to focus on simply controlling the flow of information, but from a defense-in-depth standpoint, that's not enough. Medical care is full of information waivers, much like EULAs, only with your health at stake. What's more, any information control regime has to have exceptions for medical emergencies — but where legitimate emergencies are routine, socially-engineered fake emergencies can blast security to smithereens. So medical information privacy will never be adequate unless there are strong usage-control rules as well, in areas such as discrimination, marketing, or tabloid-press publication. I've provided some ideas as to how and why that could work well."
  • by Anonymous Coward on Monday January 19, 2009 @08:31AM (#26515009)

    I saw this [case.edu] the other day. Basically, a pair of professors, one in law and another in computer science (specializing in software testing) are trying to bring the problems with EHR to a wider audience.

    They call for testing and certification of EHR systems (Though thankfully not through the FDA).

    It'll be interesting whether anyone listens to them.

    • by winwar ( 114053 )

      "Basically, a pair of professors, one in law and another in computer science (specializing in software testing) are trying to bring the problems with EHR to a wider audience."

      And the problems essentially reduce to: do you want easy access or security. The best type of EHR is one that doesn't exist. I can't think of a good system that outweighs the negative. Although I would accept an opt-in system.

  • by ionix5891 ( 1228718 ) on Monday January 19, 2009 @08:33AM (#26515013)

    $emails = $DB->get('SELECT email FROM records WHERE records.dysfunction LIKE "%erectile%"');

    foreach( $emails as $email ){

          mail($email, 'hello i hear you are in need of herbal via....');
    }

    • LOL.

      Exactly one of the things I suggested be made illegal.

      • Re: (Score:3, Funny)

        by swillden ( 191260 )

        LOL.

        Exactly one of the things I suggested be made illegal.

        Spam is already illegal, so that problem is taken care of.

        • Might not be spam. ALL marketing based on medical information should be illegal, with only the narrowest of carve-outs for your actual healthcare providers.

          • Re: (Score:3, Interesting)

            by swillden ( 191260 )

            Might not be spam. ALL marketing based on medical information should be illegal, with only the narrowest of carve-outs for your actual healthcare providers.

            Which will work just fine with respect to traditional marketing channels, but will be as effective against much Internet-based advertising as CAN-SPAM is against spam.

            I have no objection to legal protections, but laws are insufficient. Actually, I do have one objection: laws often provide a false sense of security, and occasionally even work against the interests of the people they're supposed to protect.

            What we need to assure the privacy of medical information is technological means to place the contr

        • Spam being illegal certainly has curbed its proliferation - NOT !

          • That's my point.
          • Spam being illegal certainly has curbed its proliferation - NOT !

            All kidding aside, I think you're wrong about that.

            http://edge.networkworld.com/community/node/36965 [networkworld.com]

            • You're basing your argument on some random prediction that spam will stop being a problem during the next year, in spite of previous similar predictions which have been spectacularly wrong?

              Spam is semi-controlled at the moment through purely technical means -- filtering. Unfortunately, filtering has made e-mail unreliable and reduced its value.

  • by Thanshin ( 1188877 ) on Monday January 19, 2009 @08:50AM (#26515079)

    One of the problems with EHR is that it potentially follows you your entire life.

    Information about your economic status, familial situation, physical location, customs, etc. usually becomes unreliable after some time. A leak of that information slowly loses effect.

    Medical information, however, is permanent in many cases. A single leak of a person's data can have fresh information for, literally, a lifetime.

    • I wish I had mod points. I feel the same way about my fingerprints and DNA.
    • >>>A single leak of a person's data can have fresh information for, literally, a lifetime.

      Go watch GATTACA for an example. Yeah sure they had laws to forbid discrimination against employees who had bad medical records, but since when do corporations follow the law? It is easy to make-up other excuses:

      "This guy has a high history of heart problems according to his government file, so let's not hire him."
      "We need a better excuse than that."
      "Um... he doesn't know how to program Cobol."
      "Yeah that wil

  • by modmans2ndcoming ( 929661 ) on Monday January 19, 2009 @08:54AM (#26515109)

    banking has a network for wire transfers that is not accessible from the internet. Make electronic medical records transferable and accessible only from within a closed off network. Then information can not be stolen from an outside attacker and you are left with the same risk you had before, insiders stealing data.

    • except that... banks have an incentive not to get hacked, their money is at stake. hospitals do not have an incentive to prevent information leaks.
    • by DMoylan ( 65079 )

      not sure that would really work. was in hospital 5 weeks last year over 3 occasions.

      most of the pcs containing records were generic compaqs that we sell at work. i was left on many an occasion in cubicles with these machines with a curtain giving a fair chunk of privacy to any attempt i should want to attempt. and the medical staff are not i.t. people thinking of security or fast typists so i was able to see a few of the passwords being typed in. out of curiosity more than any other reason this was interes

      • it is more about remote attacks. Even with a paper record, someone can get in and take it. most of the time, paper charts are at the end of a bed, or outside a door, or on the front desk, etc.

  • by tygerstripes ( 832644 ) on Monday January 19, 2009 @09:03AM (#26515157)

    This has been in place in many other countries for years, including the UK where - for all the bureaucracy and wastage of the NPfIT [wikipedia.org] initiative - it's been largely successful.

    The system isn't perfect, and human error is the main source of problems and breaches (as ever), but the benefits have so vastly outweighed the risks that I'm surprised this is even being debated.

    Most importantly, all the problems envisaged by critics have already been anticipated, encountered and (largely) overcome in other countries. Take a look outside your borders and learn a few things. Find out what works and what doesn't, and use the mistakes of others to build a better system. Just don't start panicking over nothing. This is not a pioneering initiative, in global terms.

    • I hear a lot of UK citizens complain about Parliament's healthcare. One guy said, "We're treated as just another cog in the machine, and if the bill costs too much the politicians have decided to send us home without care so they can save money. This happened to me several times."

      • Fair comment, but that's because our health-care system is knackered and has been run into the ground by the government for years. Nothing to do with the information systems, everything to do with under-funding and heavy-handed, bureaucratic micro-management, usually based on political knee-jerk responses to the latest media orgy.

        Any UK resident who's had dealings with the NHS (National Health Service) will tell you the same: no problems with records, information management or any of that. It's just the pr

        • >>>our health-care system is knackered and has been run into the ground by the government for years.

          Wouldn't it be nice if you had CHOICE? i.e. If the Parliament-run hospital sucks, you could switch to a different hospital, like Apple or Linux or even (shudder) Microsoft Hospital? Choice is better than a monopoly. If the monopoly sucks (it does), you're stuck with it.

          • Re: (Score:3, Insightful)

            There is a private health-care industry in the UK - and it's growing all the time, out of sheer necessity. It's just prohibitively expensive for the proles, especially given that we already pay for the NHS, which is chartered to provide for every person's health-care needs.

            "From the cradle to the grave" used to be an unofficial slogan, back in its more socialist hey-day. Now it's more of a grim prediction...

            • That sounds a lot like the U.S. School System. We have private schools, but since the school tax is ~$3000 a year, people simply lack the money to choose the private option.

              I'd like to see a system where, if parents send their kids to private school, they would be exempt from paying school tax for that year. It would give people the extra money they need to "escape" the government school.

            • I am by no means rich and have been privately insured all my working life in the UK.

              When I need to be treated quickly I go for private insurance, for long term treatment I rely on the NHS.

        • The amount Labour has thrown to the NHS is almost obscene.

          There is a lot of mismanagement to be sure (if it is worse than a bank would be open to debate, at least most people get relatively decent health service) but to say the NHS is underfunded is not a serious point, as can be quickly checked.

    • Re: (Score:3, Insightful)

      by gad_zuki! ( 70830 )

      The difference being that Americans have been fed so much corporate propaganda about healthcare and political propaganda about expansion of government services, that they just dismiss successful programs overseas as impossible or astroturf right-wing talking points about "how they don't really work." You'll see this in replies to your post in 3...2...1...

    • by N1AK ( 864906 )

      including the UK where - for all the bureaucracy and wastage of the NPfIT initiative - it's been largely successful.

      I don't work with and haven't used any of the NPfIT systems, however I have read a lot of coverage regarding this including recent material in IT and Medical news sources. I certainly haven't gotten the impression the system is remotely successful. I'm not saying it isn't, but I'm yet to see anything that doesn't make it sound like a gigantic project failure, that has completely lost sight of

    • between the U.S. and the rest of the world is the rest of the world gives up their rights readily and freely without a fight. You claim to welcome us to the 21st century simply because it's based on technology, and I say, enjoy your life in the 16th century based on the rights your government protects for its citizens.

    • Most importantly, all the problems envisaged by critics have already been anticipated, encountered and (largely) overcome in other countries. Take a look outside your borders and learn a few things. Find out what works and what doesn't, and use the mistakes of others to build a better system. Just don't start panicking over nothing.

      the importance of doing things right the first time in the US is paramount.

      Unlike other nations, special interests will quickly man the barricades and block any and all attempts to remove "beneficial" loopholes from laws.

      See: Medical insurance rate hike work-around for policy cancellation, DMCA section 1201, Internet neutrality, and much much more.

  • DRM based OSes (Score:3, Interesting)

    by jbolden ( 176878 ) on Monday January 19, 2009 @09:03AM (#26515163) Homepage

    Essentially what you need is DRM. The data is only available on a limited number of machines and then strictly limited in what you can do with it, with strong audit trails. Not using general purpose computers but rather devices might help.

    But in the end I don't think this is likely to work, the incentives for hacking are too strong and the distribution has to be too wide. EHRs mean that there will be substantially less medical privacy in exchange for better medical care and lower costs (70b-300b / year). That doesn't seem like a bad trade.

    • the incentives for hacking are too strong and the distribution has to be too wide.

      Hence the need for strong laws to add to the DISincentives for hacking.

      • by jbolden ( 176878 )

        I don't see that as likely working. The main problem is the only crimes the US law enforcement seem to really care about are speeding and murder.

        A produces a legit machine which can access records
        B produces a machine that spoofs being a machine of type A but also copies the records off via email.
        C owns a medical office
        D gets a job in C's office as a receptionist and replaces A's machines with B's machines over a period of a week. D then quits and gets a job at another office....

        E lives outside the US and

        • And those records will illicitly be used -- how? Spam? We all get plenty of medical spam anyway. Non-spam? Legitimate businesses can be seriously penalized. Discrimination? Too much of a "paper" trail for discrimination to use that vector.

          • by jbolden ( 176878 )

            Oh I see. You mean make it illegal to receive the records not create them. That means you have to hit extracts from, derived works from the records regardless of source. I have some serious questions about the constitutionality of laws like that. Remember you have to be able to prove beyond a reasonable doubt a law was broken.

            Try and write one up that gets around all the ways the data can be modified and then sold.

            • Oh I see. You mean make it illegal to receive the records not create them. That means you have to hit extracts from, derived works from the records regardless of source. I have some serious questions about the constitutionality of laws like that. Remember you have to be able to prove beyond a reasonable doubt a law was broken.

              Try and write one up that gets around all the ways the data can be modified and then sold.

              Now you're on the right track!

              I'm sure I haven't thought of everything that's necessary. But I'm game for as many rings of defense as it takes. You mustn't transfer the info illicitly. You mustn't sell it. You mustn't buy it. You mustn't use it for the purposes people would want to buy it for. And you surely mustn't do hacking to get it.

              • by jbolden ( 176878 )

                OK I can see that working. With a dozen rings of defense you get rid of most of the incentives to puncture 5 of them since the majority are still left. The conspiracy just takes too many people.

      • Hence the need for strong laws to add to the DISincentives for hacking.

        There's only so strong you can make the laws. You can make the penalty death and forfeiture of all property to the state, but if the incentives FOR it are strong enough, and the chance of getting away with it perceived to be good enough, it'll happen anyway.

        • Hence the need for strong laws to add to the DISincentives for hacking.

          There's only so strong you can make the laws. You can make the penalty death and forfeiture of all property to the state, but if the incentives FOR it are strong enough, and the chance of getting away with it perceived to be good enough, it'll happen anyway.

          No argument. But my point is that the incentives FOR using people's medical records against them aren't really that high, especially if what the records show is merely elevated probabilities of some unfortunate outcome(s).

    • Develop a new network port completely different from cat5. (this network will be separate from the internet just like bank transactions are today)

      Make regulations requiring any computer with this new network port not be allowed to carry cat5 or wireless, and that the computers be kept in a Faraday-caged room with no cat5 plugs or wireless.

      Limit electronic storage of medical records to those computers, with transfer to paper required for every other use.

      Then institute hefty criminal and civil penalties for a

  • Great idea? (Score:2, Informative)

    by Mr. Slippery ( 47854 )

    Funny this should come up, considering what I just read last night in the RISKS Digest [ncl.ac.uk]:

    Software glitch causes incorrect medication dosages
    Jeremy Epstein jeremy.j.epstein@gmail.nospamnospamnospam.com
    Fri, 16 Jan 2009 11:51:46 -0500

    ``Patients at VA health centers were given incorrect doses of drugs, had needed treatments delayed and may have been exposed to other medical errors due to the glitches that showed faulty displays of their electronic health records, according to internal documents obtained by The

  • by jotaeleemeese ( 303437 ) on Monday January 19, 2009 @11:33AM (#26516853) Homepage Journal

    Whose information is that?

    The patient's.

    Who should control it?

    The patient.

    Any other solution should not be allowed to prevail.

    An intelligent card, easy to back up at home and protected by well-thought-out security mechanisms, is all that is needed.

    There is no need for massive centralized databases, you just send the encrypted information to the person that needs to see it in an "as needed basis", perhaps by swapping your card in terminals connected to a private network that allows the sharing of this data.

     

    • Re: (Score:3, Interesting)

      by joocemann ( 1273720 )

      I completely agree. I do not understand, whatsoever, how it is burdensome for a patient to bring their medical records to their doctor. The doctor and/or hospital keep those records privately; access and review/add to them when necessary--- and if the patient needs to see another doctor, they can get a copy and carry them on over to the new doctor.

      This is how it already works; this is NOT a big deal.

    • There is no need for massive centralized databases, you just send the encrypted information to the person that needs to see it in an "as needed basis", perhaps by swapping your card in terminals connected to a private network that allows the sharing of this data.

      Wait what?
