To put it bluntly, the government's emphasis on big, traditional, template-driven EMRs as a one-size-fits-all
solution is naive. And there are additional stumbling blocks to establishing a universal system for converting
to EMRs and allowing records to be seamlessly moved around. Some of these are:
Disruption to office operations
Finding easy and secure methods of transporting of
Government interference in the process
I would like to address these issues one by one, suggesting solutions to these dilemmas, and in conclusion
provide a blueprint for moving forward while minimizing the burden of doing so.
Privacy concerns are of paramount importance. As health records are transmitted around the world, every
precaution must be taken to keep them from falling into the wrong hands. It does puzzle me, though, as to why
this has become such an up-front-and-center issue with the advent of electronic records, while it has been
considerably less so with the "paper" system. Electronically, the additional privacy risk is pretty much limited
to the need to protect against hackers. But the paper system can be "hacked" much more easily than the
electronic system, since it would be just a matter of surreptitiously making one's way into an office and
photocopying from the chart. An employee of the doctor's office, a maintenance person, or anyone with access to
the office can make copies of records, or scan the records and e-mail them anywhere.
My point is, if someone wants the records badly enough, that individual can get them. No worldwide EMR network
can be created with 100% security (hackers have even violated the Pentagon). The current method of rendering
records unreadable to unintended recipients is to encrypt the files on the sending end and decrypt them on the
receiving end. With the aid of virtual private networks (VPNs) and file transfer protocols (FTPs), both of which
are commonly used technologies, keeping records safe from forbidden hands is made all the easier.
Financial considerations are obviously going to play a significant role in any medical practice's decision to
move forward with implementing an EMR system. If you believe that all you will need to do is tell the federal
government that you want to purchase an expensive EMR system, and that shortly thereafter a Stimulus check
will be forthcoming in the mail, then I have some swampland here in Florida to sell you. I am already reading
that to qualifY for Stimulus money, you may be required to buy a system that is sanctioned by the CCHIT, which
may not even include some EMRs currently in use, no matter how suitable they might be. If I read the CCHIT price
list correctly, certification will cost the EMR company close to $150,000, guaranteeing that the "big boys" will
have a monopoly on access to the certification process and virtually eliminating entrepreneurs with products
that are simpler, more practical, and less expensive.
Certainly the federal government needs to be confident that basic standards are met when it allocates money for
HIT, but its onerous bureaucracy may defeat the purpose. Solo and small group practices, and perhaps even larger
clinics that don't enjoy wasting time and money wading through bureaucratic red tape, may thus opt out of the
Stimulus/CCHIT program altogether and absorb the out-of-pocket costs of an inexpensive system that meets their
Disruption to office operations really comes back to financial considerations. I am familiar with a 50-doctor
multispecialty clinic that adopted an EMR system and forced providers to completely change their daily routines.
The doctors were told to interact with their computers, use templates, etc. That formerly 50-doctor clinic is
now a 39-doctor clinic, and according to its currently unemployed prior administrator, it is now having serious
financial difficulties. I believe that the desired goal can be accomplished without forcing such changes to the
daily routine of providers and the office's day-to¬day operations.
A method of easy and secure transporting of records from one place to another currently exists. As previously
mentioned, encryption, FTP, and VPN processes are already common practice. And there is already an
industry-standard protocol for two-way communication between facilities, called Health Level 7 (HL7). HL7 is the
good news. The bad news is that HL7 interfaces between two facilities must be uniquely fine tuned, often
involving the need for extended back-and-forth test transmissions, and often negotiations between the two
parties as to the cost of creating the "inputs" and "outputs."
I have witnessed this process many times over the last few years, and the cost from an EMR company to its
clients for establishing those connections has been as much as $25,000 per interface, and in many cases two
interfaces are required, one to send information into the EMR and another to retrieve information from the EMR.