When it comes to electronic healthcare records (EHR) there is always a lot of debate about the security of the IT systems used to house these records. After all, it’s hard to hack into an office where all the relevant records in papers locked up in file cabinets. That doesn’t mean those records, however, are secure by any means. With the going rate for a medical record on the black market being about $50, you can imagine the temptation some insiders might experience when it comes to selling those records.
In contrast, electronic healthcare records are usually wrapped up in several layers of security. In a webinar that can be found here, Brian Zeno, vice president of technology services for Platform Solutions, a provider of IT services, goes into detail about what’s involved exactly in make sure that electronic records are secure.
As it turns out security is one of the big issues that healthcare organizations need to address in order to qualify for funding of an EHR project under the terms of the Health Information Technology for Economic and Clinical Health Act (HITECH) that set aside $19.2 billion to fund these projects as part of the American Recovery and Reinvestment Act (ARRA).
Under the meaningful use provision of those acts, Zeno says that in addition to core IT security technology issues healthcare organization need to address a raft of policy and control issues. Ultimately, that should make EHR more secure that paper-based records simply because the policies and processes surrounding what personnel gets to access them will be more robust. In addition, Zeno argues that a lot of those EHR systems are going to wind up being deployed in more secure third-party data centers, versus on-premise servers stored in closet somewhere.
As healthcare organizations begin to confront the implications of meaningful use many of them are really taking a good hard look at the state of their overall security for the first time, and for the most part they are not really liking what they’re seeing.