Privacy Concerns With Electronic Medical Records

explanatory Essay
1923 words
1923 words

Prior to the Information Age, medical records were all stored in folders in secure filing cabinets at doctor’s offices, hospitals, or health departments. The information within the folders was confidential, and shared solely amongst the patient and physician. Today these files are fragmented across multiple treatment sites due to the branching out of specialty centers such as urgent care centers, magnetic resonance imaging, outpatient surgical centers, and other diagnostic centers. Today’s ability to store medical records electronically has made it possible to easily send these files from one location to another. However, the same technology which can unify the fragmented pieces of a patient’s medical record has the ability to also create a path for privacy and security breaches. This paper will examine how electronic medical records are used, how they are secured, how security is enforced, and what the consequences of security breaches are.

It is important for the purpose of clarity to distinguish the difference between electronic medical records (EMR) and electronic health records (EHR). Electronic medical records are an electronic composition of an individual’s medical history including such components as procedures, past diseases, diagnosis, medications, doctor’s names, and allergies. An electronic health record is an electronic means of documenting a patient’s procedures, diagnosis, billing information, etc. at each care facility (Badzek & Gross, 1999). A movement that was first initiated under the Bush administration, accepted by the Clinton administration, and now embraced by President Obama is the creation of the individual electronic medical record. In 2009 President Obama included $36 billion in the stimulus package to...

... middle of paper ...


Dixon, P. MEDICAL IDENTITY THEFT: The Information Crime that Can Kill You, March 3, 2006. World Privacy Forum. Retrieved from on April 24, 2012.

Foreman, Judy (26 June 2006). "At Risk of Exposure”. Los Angeles Times. Retrieved April 23 , 2012.

Gellman, R. Fact Sheet 8a: HIPAA Basics: Medical Privacy in the Electronic Age. Privacy Clearing House. March, 2012. Retrieved April 19, 2012 from

Health Insurance Portability and Accountability Act of 1996, 42 U.S.C. § 1320d-9 (2010).

Moore, J. Electronic Medical Records Stimulus Package. Dec. 2009, Retrieved from on April 19, 2012.

In this essay, the author

  • Explains that prior to the information age, medical records were stored in secure filing cabinets at doctor's offices, hospitals, or health departments. today, these files are fragmented across multiple treatment sites due to branching out of specialty centers.
  • Explains the difference between electronic medical records and electronic health records. both are subject to the same type of security breach.
  • Explains that more than 260 million data breaches have occurred in the united states, including those of health related records.
  • States that hippa was signed into law in 1996 to mandate the security of health related information. the portability component of the law establishes the right for an individual to obtain health insurance despite having pre-existing illnesses.
  • Explains that the privacy rule applies to health insurance plans, health care clearing houses, and providers who transmit health information electronically.
  • Explains that medical identity theft is becoming a large problem in the united states and can have dire consequences not only on someone’s bank account but on their health as well.
  • Explains that the person using the stolen identity begins receiving treatment under the victim's name and adds medical history to their medical record.
  • Explains that a breach of medical records occurred at emory university hospital in atlanta on april 18, 2012 — back up disks of 315,000 patients were missing, along with 228,000 social security numbers.
  • Explains that hippa mandates that entities providing health care or handling heath care plans develop and implement policies and procedures consistent with the privacy rule.
  • Explains that if an entity covered by hippa is found to not be compliant with any portion of the privacy rule, the department of health and human services may impose civil penalties of $100 per failure.
  • Opines that electronic medical records provide for less storage space, faster consulting between physicians, easier billing and faster reimbursement of insurance companies, efficient treatment of patients, and an easier way for person's to view and track their medical record.
  • Cites breach report 2010, redspin inc., and badzek, l. and gross, g. confidentiality and privacy: at the forefront for nurses.
  • Explains that 315,000 patients' information disappears from emory healthcare. wsbtv.
  • Cites dixon, p. medical identity theft: the information crime that can kill you. world privacy forum.
  • Cites foreman, judy, and moore, j. electronic medical records stimulus package.
Get Access