Join the 200th Anniversary Celebration
Advanced Search

Correspondence

Computer-Based Patient Records

N Engl J Med 1996; 334:1139-1140April 25, 1996

Article

To the Editor:

Dr. Woodward's discussion of the effects of computer-based patient records on medical confidentiality (Nov. 23 issue)1 emphasized the dangers of criminal behavior and the potential misuse of health data. However, when a patient's medical information is not stored in a computer, important information from his or her chart may be lost, unreadable, or unavailable to physicians at the moment it is most needed. The patient also loses the benefits of computer programs such as software to monitor drug–drug interactions, computer-generated alerts and reminders, and on-line consultation, all of which are being found increasingly to improve care.2-4 Furthermore, in many situations the computer can actually increase confidentiality by restricting access5 to patients' records and recording the names of those who look at confidential information.6 It is generally impossible to know who has looked at a patient's paper chart.

The alarming nature of violations of privacy by criminals must not draw our attention away from the greatest risk to patients: the risk of poor care. We must use the computer wisely and responsibly to improve the quality of care and protect patients' privacy.

Jonathan S. Wald, M.D., M.P.H.
David Rind, M.D.
Center for Clinical Computing, Boston, MA 02115

6 References

  1. 1

    Woodward B. The computer-based patient record and confidentiality. N Engl J Med 1995;333:1419-1422
    Full Text | Web of Science | Medline

  2. 2

    Bates DW, Cullen DJ, Laird N, et al. Incidence of adverse drug events and potential adverse drug events: implications for prevention. JAMA 1995;274:29-34
    CrossRef | Web of Science | Medline

  3. 3

    McDonald CJ, Hui SL, Smith DM, et al. Reminders to physicians from an introspective computer medical record: a two-year randomized trial. Ann Intern Med 1984;100:130-138
    Web of Science | Medline

  4. 4

    Safran C, Rind DM, Davis RB, et al. Guidelines for management of HIV infection with computer-based patient's record. Lancet 1995;346:341-346
    CrossRef | Web of Science | Medline

  5. 5

    Bleich HL, Beckley RF, Horowitz GL, et al. Clinical computing in a teaching hospital. N Engl J Med 1985;312:756-764
    Full Text | Web of Science | Medline

  6. 6

    Safran C, Rind D, Citroen M, Bakker AR, Slack WV, Bleich HL. Protection of confidentiality in the computer-based patient record. MD Comput 1995;12:187-192
    Medline

To the Editor:

. . . The greatest threat to patients' privacy and confidentiality stems not from the nature of the medium employed (paper vs. computer) but from the long-standing tradition of the medical record as an “open book.” This state of affairs can be reversed by exploiting the ability of the computer to fine-tune access to clinical data on a topic-by-topic basis. If systems are designed to be secure, the benefits of computerized patient records in terms of care for patients and physicians' productivity should outweigh the risks to privacy and confidentiality.

Raymond J. Zastrow, M.D.
Covenant Healthcare System, Milwaukee, WI 53214

To the Editor:

Physicians in hospital practice have known for years that medical records are semipublic documents; the computer-based record only makes unauthorized access easier. Patients possess another record, however — the virtual medical record — that is far more secure against prying eyes. Like a “virtual” image in a computer simulation, the virtual medical record has no objective reality. It exists only in the collective memory and conversation of the health care team.

Physicians who practice under repressive regimes are intimately familiar with the virtual medical record. In such countries, diagnoses and aspects of the medical history that might attract official reprisals (such as drug and alcohol abuse, homosexuality, abortion, and psychiatric disorders) seldom appear in the written medical record except in heavily disguised form. A similar pattern of deception may be spreading in the United States as patients increasingly fear reprisals from their insurers, their employers, and even their bankers should they contract a disease such as AIDS or cancer that requires prolonged and expensive care.

Patients and physicians may be tempted to withhold sensitive information from the computer-based medical record, fearing its large and potentially unfriendly readership. Increasingly, they may perceive the virtual medical record as their only guarantee of privacy. Should this come to pass, we may expect the computer-based medical record to become more and more bland, defensive, and misleading, while it communicates and teaches less and less. It will almost certainly grow in length, swollen with fatuous clutter such as “interdisciplinary assessments.” It goes without saying that such a course of events would be a grievous blow to patient care and medical education.

Michael Phillips, M.D.
St. Vincent's Medical Center of Richmond, Staten Island, NY 10310

Author/Editor Response

Dr. Woodward replies:

To the Editor: The use of computers can speed access to information about patients and can supplement a physician's memory and knowledge base, thereby improving patient care. Unfortunately, these benefits are at present generally accompanied by policies regarding access that are convenient for providers but that erode the confidentiality of patients' records. It is not only the treating clinicians who are gaining easy access to patients' records but also nontreating clinicians and a wide range of other personnel. In short, despite the efforts of some researchers and information specialists to develop finely tuned procedures for restricting access, these are not being adopted, nor are patients' desires in this regard being taken into account.

Criminal activity is only one aspect of the threat to patients' privacy. Most of the activity that erodes privacy is permitted or even mandated by law. We see an example of the latter in a Maryland law that requires that over 30 elements of data be reported to a state medical data base after every medical encounter. These elements include the complete birth date of the patient and his or her ZIP Code, diagnostic codes, and the physician identification number, making it easy to create longitudinal records on individual patients. An example of permitted activity is the entry, without the patient's consent, of information on a patient into computer data bases that can be accessed by hundreds or thousands of health care workers, even though most of them have never had responsibility for the patient's care. In this case, providers argue that what is not clearly prohibited by the law is permitted.

The protection of a patient's privacy is an integral aspect of the pursuit of that patient's well-being. Dr. Phillips is correct that the virtual medical record will be employed to this end if other alternatives are not available.

Beverly Woodward, Ph.D.
Brandeis University, Waltham, MA 02254

My Account
My Alerts
My Saved Items
My CME Exams
Article Category
Research
Reviews
Clinical Cases
Perspective
Commentary
Other
Browse all articles
Multimedia
Videos in Clinical Medicine
Images in Clinical Medicine
Interactive Medical Cases
Weekly Audio Summaries
Browse all multimedia
This Week
Last Week
Browse full index
Selected Specialties
Cardiology
Endocrinology
Gastroenterology
Genetics
Hematology/Oncology
Infectious Disease
Nephrology
Neurology/Neurosurgery
Obstetrics/Gynecology
Pediatrics
Primary Care/Hospitalist
Pulmonary/Critical Care
Surgery
Browse all Specialties & Topics
Featured Topics
Clinical Practice Center
Health Policy and Reform
Author Center
Submit a Manuscript or Letter
Track a Manuscript
Help