The growing rate of medical identity theft has many questioning the decision to transfer patient records and personal information to a national electronic database system. Medical identity theft is the fastest-growing type of identity theft, significantly jeopardizing a patient's finances and health. While the healthcare system has safeguards in place and many officials believe the new initiative will make patient care more efficient, the risk of a data breach will be greatly increased if administrators do not set tighter standards, according to Discovery News.
Nearly $20 billion in economic stimulus funds were allocated to the healthcare system to develop a national electronic medical records database in 2009, the website reports. The initiative aims to set up a medical e-record for every American by the year 2014. However, many policy experts are unable to reassure Americans that the database system will be completely secure.
"We realize that (privacy breaches) are going to happen, but that doesn't mean (electronic medical records) aren't worthwhile," George Washington University public policy and health information technology expert Melissa Goldstein told Discovery News.
In an effort to deter the improper use of medical information, state and federal lawmakers are establishing laws and legislation that will penalize individuals that hack into patient records. Lawmakers are also trying to navigate around the discrepancies between state-patient privacy laws and the Health Insurance Portability and Accountability Act, which outlines federal privacy laws, Discovery News reports.
Another tricky component lies in ensuring that those viewing patient data are authorized to do so.
"In this space the privacy concerns are the trickier, harder problem (as opposed to data security) because we have a need for finding ways of (acquiring) patient consent, but at the same time ensuring that doesn't get abused by having the data shared too broadly," University of Illinois computer science professor Carl Gunter told Discovery News.
Currently, there is no standard authorization plan in place.
While the new electronic database program offers a number of benefits, the recent Blue Cross Blue Shield data breach highlights the growing need for stronger security standards. Health records typically include information such as a patient's Social Security and billing information in additional to their medical history. This would not only allow a hacker to ruin a patient financially, but also obtain medical services under their name. Tampering with a patient's medical record could potentially lead to life-threatening mistakes in an emergency situation.