Here at EMC we spend a lot of time discussing data security—and nowhere is the subject more thorny than the medical field. Patient records need to protected, but also instantly accessible to authorized medical teams. The best-designed systems do more than store documents efficiently. They empower staff and inspire patient confidence, often in unexpected ways.
In preparing for EHI Live 2014 (November 4-5 in Birmingham, UK, exhibit booth D31), I discussed these challenges and opportunities with our friends at Fortrus, a UK-based EMR development company that partners with EMC in the medical field. The Fortrus team are veterans of the very difficult rollout of the U.K.’s nationwide medical records systems.
“You can never be lazy about protection and safeguards,” says Project Manager Fraser Stewart. “You need to treat patient safety like cash, because it’s every bit as valuable. Organizations that fail to understand this risk public distrust.” Fraser cites this as one of many factors that doomed the UK’s original NHS IT system.
“The key,” says Adam, “is to provide tools enabling every facility to choose its own levels of access, while avoiding overbearing security.” Part of the burden rests on the provider of the EMR solution, building on time-tested protocols inherent in the best data repositories “like audit trails that track every click.”
But customers must also do their share.
“IT departments must maintain constant vigilance,” adds Adam. “The best teams will perform regular penetration testing, keeping a step ahead of hackers.”
When medical staff feel confident that their technology keeps out the “bad guys,” they’re much more at ease about sharing information with the “good guys.” And that, says Adam, enhances patient care.
“Once you can see a patient’s total record trail, from all his visits to many hospitals, you learn additional crucial details that help you figure out more things, leading to better diagnoses.”
“Many doctors don’t collaborate nearly enough,” adds David. A powerful solution that rapidly and efficiently displays patient records from multiple facilities encourages clinicians to reach out to each other, down the hall, across town, even across the country, to share, to brainstorm.
“When everything was on paper,” says Fraser, “it was difficult to access records from other hospitals. Too many doctors could not be bothered to dig deeper. Now it’s much easier not only to collaborate, but to examine patient data in new ways, which can yield previously unavailable answers.”
What is the biggest challenge you see around keeping patient records private and compliant, but still accessible?