Yet Another Benefit Of HIT
Today’s Everett Herald features a story that demonstrates yet another value of health information technology, and one seldom touted in mainstream outlets: the ability to track inappropriate use and access of medical records.
The story highlights the termination of 13 employees at The Everett Clinic (TEC) for having accessed patient medical records inappropriately.
The breaches of patient privacy were flagged by a new electronic monitoring system just installed in December. Employees were told of the new monitoring system, and reminded of the clinic’s privacy policies, Zepeda said.
TEC spokesperson April Zepeda, quoted here, is a stand-out among health care communications professionals. So, as Director of Communications at TEC, you know it’s true that employees were reminded of the multi-specialty group’s privacy policies over and over again. Those employees heard the policy, as they probably had repeatedly before, but went ahead with their activity in any case.
Here are three things though that go unsaid, and which are known in healthcare IT circles but largely ignored for various reasons, but which are well worth noting here.
1. This is not the first time patient records were accessed at TEC. The software installed in December to track this activity didn’t unleash poor behavior. It caught it – and it has probably been going on a very long time at TEC.
2. It’s been going on a long time everywhere. The truth is paper medical records are inherently insecure. For all of the concerns around privacy and HIT, the paper-based model of medical record keeping is both unable to limit bad behavior (ie: snooping in files) and unable to track such behavior affirmatively – yet another reason the old model is outdated.
3. No one else announces these breaches – not that it doesn’t happen. So big kudos to TEC for self-reporting this activity to the community. Nice work, Ms. Zepeda and team.