Critics Urge Lawmakers To Tread Carefully With Health IT Proposals

A lot of systems were designed to drive corporate, not patient care, and the clinical end was smooshed on. Not great.

The other thing is that a lot of nurses have NO computer experience at all. Nada. Zip. Something intuitive to you or me is overwhelming to them.

We have always had 'viruses' in hospitals but what happens when we get on in our computer systems? I have seen a lot of 'hackers' in my time but I surely don't want to think about one inside a server with delicate/critical medical data.

Well it's not like those servers aren't already out there and subject to attack.

Fear of hacking is not a valid reason to stick with the mid-20th century approach that seems to remain the practice in many hospitals and clinics. It is, however, reason to develop national standards for EMR and greatly tighten the restrictions on the use of medical information.

Fear of hacking is a very good reason to walk slowly and carefully into EMR's. Just because we pass some rules and make some laws does not guarantee that your data will be safe or that your files will never be corrupted. [Law breakers, by definition, ignore the laws!] As SuesquatchRN mentioned previously, nurses are [in general - I know there are specific exceptions] not computer geeks. In order for the system to be as simple and as user-friendly as it will need to be for novice users to interface successfully, the code will need to be very lengthy. The risk of hacking increases in tandem with the lines of code. Add the public discussion of how important security is to the public trust of EMR's and you have just dangled a delicous carrot in the face of some mighty rabid rabbits. Ask any 14 year old computer-saavy kid and they will tell you just how much 'fun' it is to find a break in the code of Facebook, PlayStation consoles and their schools' gradebooks; the authors of several computer viruses are widely known and even admired.

I know we have no choice because the law has been written to mandate EMR's -- the deadline will require haste, the haste will make for mistakes, the mistakes will be exploited and we will, at some point, we will be faced with security issues. I am not looking forward to that day and the pain it will bring so some poor, unsuspecting person who loses their privacy to the World Wide Web.

Please also remember that some of the 'problems' with our mid-20th century approach has been the constant and unrelenting mandates of the very same legislators that have insisted that we now institute EMR's.

[BTW - I love your screenname - very creative!]

If someone were to get a hold of my EMR, what could they do with it?

[Welcome to AllNurses ktsue230!]

Well, let's think about it. You are a little stressed out at the end of the day and have a little trouble sleeping. You ask your doctor for a sleep aid. There is an incident' at work and the boss is looking for someone to take the fall and TA-DA - your name comes up as being impaired on the job due to 'drug' use.

Let's look at another example. You and 'Mary' are applying for the same position but 'Mary' is on birth control and you aren't -- she gets the position because the boss doesn't want the job on hold while you are possibly out on materity leave.

Let's look at another example. Joe is a hard working dedicated employee but he has a son that has multiple serious health conditions. The boss finds a way to get rid of Joe because his son's medical costs are making the premiums go up for everyone in the group.

Let's look at another example. John is a hard working dedicated guy that just happens to be HIV+ but shows no signs of AIDS. A disreputable person finds out about his HIV status and threatens to 'out' him at work if he doesn't steal from the company.

Lucy had a one night stand which resulted in an unwanted pregnancy. She has an abortion but doesn't tell her husband. She is vulnerable if someone finds out.
A policeman is diagnosed with diabetes after some early changes are detecked in his eyes. He is vulnerable if someone finds out. A doctor finds out that he carries the gene for Huntingtons disease. He is vulnerable if someone finds out.
A woman finds out that she carries the gene for breast cancer. She is vulnerable is someone finds out.

Let's look at it another way. Your EMR is changed by someone that is trying to cover up a botched operation, a bad drug or incorrect billing. How will you know? How can you 'fix' something that you never see? How can you police what is going on in 'cyberspace' unless you are watching every second of every day? If you don't think it can happen then you should talk to the victims of identity theft or the banks that have been 'robbed' by hackers changing code.

I hate to sound paranoid but this is a mightly big step we are taking and I would just like to see it done more thoughtfully. I am not saying it can not be done safely but I worry about the consequences of mistakes along the way.

I've worked in IT security in a hospital. Firewalls work just fine.

The biggest threat to IT security is us, bringing in viruses from surfing the 'net but, more commonly, not logging off and sharing passwords.

You bring up a very valid point -- the system is only a strong as the weakest link. If you have good people at every point, you have nothing to worry about ... but if you have one disgrutled employee, one person with an agenda or someone looking for an easy buck, you have a weakness in the program. Sure, we have those now and they do some harm but, with computers, they will do far more, faster and globally.

I am happy to see that you are in informatics and that you are talking about firewalls, passwords and web surfing. These are definitely things that the 'average' nurse isn't thinking about but they are extremely important to protect.