make WWAY your homepage  Become a fan on facebook  Follow us on twitter  Receive RSS Newsfeeds  MEMBERS: Register | Login

You don't have a clue

Unlike the other places that you've probably given out information that can be used for identity theft, I believe they likely have the security of this well controlled.

It's the 21st century, and "big brother" is definitely watching. This, fortunately, is one of those things that is more likely to help you than hurt you.

Based on what was said in the original story, as well as what the NHRMC commenter said, the data is encrypted on the server / datastore. This means even if someone has physical access to the computer server, they cannot retrieve the information. This contrast this with prior reports of US / State government employees losing computers / disks / hard drives with information (unencrypted) useful for identity theft. Also, how many places have you given your name, DOB, address and social security number to? Doctors offices, car dealers, pawn shops, banks, employers, tax preparers? Alot of these put your data in some sort of database with really no security controls. This is just for where your data is stored.

One of the other big things mentioned by the NHRMC commenter is access controls and audit trails. Access controls are "who is permitted to access what data". That might involve user names, passwords, client certificates, as well as possibly hardware devices assigned to individual users where even if someone non-authorized were to have a user's username and password, access is impossible without the additional authentication. Audit trails are a big one. They are able to go back in time and determine who - what individual - accessed a given patient's data, and when. That might translate to "why" -such as, "was a specific individual providing care for person x". If not, why was access made. That's generally a global thing - meaning even at another facility, access is logged, and reportable. Illegal access can be a criminal offense. You can be sure anyone accessing it for legitimate reasons is real careful about what they do with anything they print. BTW: The insurance companies already have access to anything that they will be storing in an EMR system anyway.

Your preferred method of "Some things are better kept on paper" is nowhere near as secure as this system. What is there to stop someone in the right place for passing along or copying info for a price?

Granted, you are talking about health related information here in addition to things useful for identity theft. For me personally, there's nothing in my health record that I could really care about anyone finding out. I'm alot more concerned about the part of my heath record that is usable for identity theft.

If you have ever given blood, there's a ton of info available in their database, and it's completely electronic. If you were to ever be deferred for one of the many tests that they do on your blood after you give, that will be in that database.

You personal information is out there for authorized personnel in a multitude of ways. An example occurs every time you're riding down the road and cop decides to run your plate. Much of that private info that you are worried about keeping on paper shows up on that laptop about a 3 seconds after the cop puts your tag number in. Granted, he won't know that you had your tonsils out, but he will know a bunch of data. There's an audit trail for that too, and it does prevent misuse.

Reply

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

More information about formatting options

To prevent automated spam submissions leave this field empty.
CAPTCHA
Please re-enter the code shown in the image below.