delivery systems that combine hospital, clinic, and outpatient services in a single corporate entity share patient information between units to ensure continuity of care and reduce administrative overhead. Health maintenance organizations, which enrolled over 50 million members in 1995, demand information to analyze the outcomes and costs of different treatment plans.[3]
A central part of all these initiatives is the creation of electronic medical records (EMRs), which serve as the central clinical repository of information pertaining to patient care. In addition to streamlining administrative processes, EMRs hold great potential for improving care. Combined with analysis tools and decision aids, EMRs enable real-time review of diagnoses and care plans to ensure that established standards of care are being met. Properly implemented, this capability can reduce the variability in care and raise the quality of clinical decision making. The perceived benefits of EMRs among care providers have motivated growing investment in EMR systems, a trend that is expected to continue in the future.
Within individual organizations, electronic information systems and EMRs are potentially vulnerable to misuse from both authorized users and unauthorized outsiders who inappropriately access patient information for their personal or economic gain. Authorized users may take advantage of their legitimate authority to access information that they have no valid need to see (often regarding a friend, relative, or celebrity), or they may divulge patient information to others. Outside attackers may break into computerized information systems to steal, destroy, or tamper with data or to render the systems dysfunctional, preventing legitimate users such as doctors and nurses from accessing information critical to care. Health care organizations have experience in protecting against insider abuse because of their efforts to protect paper-based systems (though there is little data with which to determine the effectiveness of these protections). Provider organizations are considerably less experienced in protecting against outside attackers. As health care organizations expand the scale and scope of their computer networks, their vulnerability to outside attacks is bound to increase.
Little is known about the extent of privacy and security violations in health care organizations. During its site visits, the committee learned of only isolated instances of misuse of electronic health information, but no
Pharmaceutical Research and Manufacturers Association. 1996. Industry Profile. Pharmaceutical Research and Manufacturers Association, Washington, D.C., Figure 5-3; available on-line at http://www.phrma.org. Also, Health Insurance Association of America. 1996. Source Book of Health Insurance Data. Health Insurance Association of America, Washington, D.C., Table 2.5a.