Category Archives: Electronic Medical Record

Healthcare Data Security and Privacy

Guest post by Rachel Marren


One of the top headlines of the last week is the Anthem security breach, which, according to USA Today, might be the biggest healthcare breach of all time, with up to 80 million individuals affected. Although no medical or credit card information was stolen, personal data such as names, social security numbers, and birthdates have been compromised.[1] As reported by The New York Times, this information could be used for identity theft or to target government or corporate leaders.[2]

The Health Insurance Portability and Accountability Act (HIPAA) requires public disclosures of healthcare information breaches involving more than 500 individuals,[3] which can be viewed on a page of the US Health & Human Services Office for Civil Rights[4] often referred to as, “The Wall of Shame.”  However, many industry experts argue that this and other measures required by HIPAA and the HITECH Act are not enough to protect patient privacy.

One big topic of contention is encryption, which is recommended but not required by HIPAA. Anthem did not encrypt Social Security numbers or birthdates, and claims that encryption would not have prevented the breach. However, outsiders have suggested that encryptions that limit the amount of data that administrators can access could help control major breaches.[5] With calls for increased encryption and the ubiquity of articles with titles such as, “10 Ways to Strengthen Healthcare Security”[7] and “Health Information at Risk:  Successful Strategies for Healthcare Security and Privacy”[8], it is clear that there are measures that can be taken that currently are not.

This breach has raised serious concerns among consumers, industry members, and public officials. Although medical information was not accessed in this specific incident, patients are seeing that information about their health is not as secure as they would like. This is extremely relevant today, with the electronification of medical records and healthcare apps on the rise. Now patients not only have to feel comfortable disclosing personal information to their doctors, but also must feel confident in the security systems guarding their doctors’ electronic records. If physicians and patients are to trust new technologies, it is crucial that information security in the healthcare sector undergoes major improvements.









[8] health care_security_privacy.pdf

The Importance of Usability: Putting the Patient First

In addition to developing apps that allow patients to track their lifestyle habits—exercise, diet, sleep patterns, etc—mHealth is also promising in its potential to engage patients in their general health information. Specifically, in the information that is stored in hospital health records. A play on EHRs, Mana Health has developed “a patient portal solution that has been designed for today’s consumer.”

Mana Health is a New York startup that won the opportunity to design the patient portal for the New York eHealth Collaborative, a non-profit organization that works to improve health care for New Yorkers through the development and establishment of electronic health records. Mana Health recently designed an interface that facilitates the sharing of patient data around the state, not only between hospitals, but also from hospital-to-patient. The endeavor is unique because it is not contained in a single healthcare system, but rather will pull information from across the state and consolidate it in a user-friendly “patient portal” platform.

One of the best features of the program, at least in my opinion, is how user-friendly the interface appears to be. While existing electronic medical records (such as Epic) are filled with numbers and abbreviations, Mana Health’s platform is truly geared towards the patient and offers streamlined graphics that illustrate the patient’s relevant health information.

Screen Shot 2014-04-26 at 11.08.24 PMScreen Shot 2014-04-26 at 11.08.35 PM

Mana Health’s platform transforms the complex electronic health record into a personal health record that allows patients easy access to their information: “unlike the clunky PHRs of days past, they said they wanted something that a typical consumer would feel comfortable using.” Their concern for user-centered designs is something that all mHealth developers should strive to emulate. The liberal use of color-coded graphics is a simple way to increase the scope of users, especially to those who may have low health literacy and will serve to benefit from the image-based layout.

As mHealth advances, there are many issues that will continue to spring up. I have addressed several of these in past blog posts—addressing low health literacy, accessing hard-to-reach populations, funding mHealth endeavors—and the creation of user-friendly platforms is yet another point of serious consideration. mHealth is a direct product of creativity and innovation, and these driving forces should not stop at the development of the idea, but carry over into the details of its execution.

EMR vs. EHR: What does it really mean?

One of the topics that we have discussed on varying occasions throughout the semester is electronic health records (EHR) and how they interact with and effect patient care. In my own groups work with our problem owner in the CV ICU, interaction with the EHR has been a large part of developing a solution. As I have continued to work with and research the present systems, I have noticed, both in the classroom and in the hospital environment, an inconsistency in terminology used to refer to the records. From what I observed, the terms electronic medical record (EMR) and electronic health record (EHR) are often used interchangeably. Curious, I looked to see if there was an actual difference between these two records and how they are involved in medicine.

Screen Shot 2014-04-22 at 11.36.27 AM

Google Trend Data Tabulating Searches for “EMR”and “EHR”

Though these terms are often used synonymously, there are marked differences between EHRs and EMRs and how they are used within the medical field. My research led me to discern that the term EMR refers to essentially a digital version of the paper charts that they replaced. These digitalized systems contain a patients medial and treatment history specific to a doctors practice and posses the ability to allow caretakers to track data over time, identify which patients are due for screenings or appointments, and monitor quality of care within the practice. The largest difficulty when using EMR is transfer of information out of a physicians practice, and in that sense does not improve significantly from a paper record.

So how do EHRs differ from what I have just described? The key difference between an EMR and EHR is the focus of use. As described by a variety of sources, an EHRs functional aim is to address the total health of the patient, going beyond the original health organization to encompass information from other health providers including laboratories, specialists, and most importantly the patients themselves. The ability to share information in a secureway throughout all aspects of patient care creates the possibility for interactive communication and the meaningful use of EHRs as a tool to improve patient care.

Overall, what I found is that while the terms EMR and EHR only differ by one word, that small change makes a world of difference. The engagement and commination opportunities that the EHR provides, makes a case for the use of these systems exclusively. A push for providers to engage patients through their access to the EHR system has occurred in recent years, but is this engagement really effectual and beneficial to patient care? With an estimated 77 million Americans that possess either basic or below basic health literacy, are EHR systems providing accessible and useable information to patients to improve their care or are many patients just getting lost in the process?


To answer that question the Agency for Healthcare Research and Quality have examined health education materials delivered by EHRs and have determined that many do not often account for the poor health literacy possessed by a large amount of the population. So what can we do to make EHR systems more useable for patients and improve care outcomes?

A number of leaders of Health IT have begun address this disparity by suggesting a list of preliminary standards and key tools designed to be incorporated into the existing and new EHR systems. A number of simple changes to improve direct communication with patients include providing patients with the ability to identify their preferred language. Other functions including the ability of EHRs to filter quality measures by patient characteristics such as language, socioeconomic status, and education level, could work to reveal and address disparities in care, including those involving health literacy. In addition to providing better resources for patients, having EHRs include information such as disability status, sexual orientation, or gender identity can provide caregiver a greater context regarding a patient’s health recommendations and outcomes. While these changes serve as the initial push in addressing functional and health literacy changes to EHRs, there are still ways to improve the educational value of the interactive system.

What other innovations could be incorporated into EHR systems in improve health literacy?

Medical Data Fingerprints

Cancer and cancer treatment leaves a trail of digital data. I’ve been thinking about this digital trail today, and the different forms it took for me during my diagnosis and chemotherapy.



Patient Report on myMDAnderson

This is my personal MD Anderson portal. Though I never bothered to check on my documents very often, they are are available online, like pictures in a scrapbook. Looking back on them now, I’m intrigued by sheer the volume of the data MD Anderson collects on me. There are patient reports for every meeting and consultation, notes on every interaction.

During my first echocardiogram, the technician applied gel on my chest and asked an innocent question: “so, you’re an Ecology and Evolutionary Biology major?” I was instantly taken aback. I had never seen the man in my life or mentioned my major. But everything I told my oncologist had been stored for future reference, even the information I considered mundane. I often think about this interaction when we talk about how doctor-patient interactions should improve. The question about my major was unsettling to me rather than indicative of warmth and caring. It implied a greater, almost sinister, system of knowledge that I had not considered before then. Though the question was intended to be intimate, it “revealed the trick” and made the interaction seem alien and forced.



Cellphone picture taken while prepping for a CT scan.

I sent many messages, both in text and photograph form,  in the earlier stages of diagnosis. They weren’t really to alert my friends and family to my progress, and they weren’t really to stave off anticipation and fear with regards to treatment, at least not consciously. I just had an obsessive desire to share the new events and experiences that were occasionally humorous, as in the case of the apple-flavored barium swallow, or the nurse who assured me that the radioactive glucose used during PET scans was “just a bit of sugar water, like they give to hummingbirds.” It turned out  that image texts were the most immediate and easy way for me to convey information, and what I usually used. The trail of texts did die off towards the end of my treatment, however. I was tired. I felt I had less to say. This is in line with what I’ve heard from many current and former patients: when you’re feeling sick, you don’t want to interact with technology and others.

Google Searches

This one is less obvious, but still there and very important. I was constantly researching my diagnosis, symptoms, side effects of chemo and biotherapy. These will influence my future search results in ways I may not necessarily anticipate now.

Many communication problems in medicine require tailoring the solution to the individual patients. Some may want warm and caring doctors, others want their physicians clinical and direct. Some may engage eagerly with apps, while others have trouble mustering the motivation to get out of bed. These sorts of digital trails provide several unique perspectives: the medical and physiological angle, the relationship angle, the personal and introspective angle. How can we harness and combine these perspectives to create better solutions? And how can we respect privacy and patient concerns while we do so?

“Healthbook” App for iOS 8

According to rumors, the newest version of the Apple OS system, iOS 8, will include an Apple-designed app called “Healthbook” that will be a “preinstalled app that can track data points including a user’s blood pressure, hydration, heart rate and potentially other statistics like glucose levels. It could also remind users to take medications at certain times during the day.” According to the description and concept art, Healthbook intends to be an all-in-one resource for all kinds of self-tracking, including dietary monitoring, fitness, filling prescription. It is not clear whether it intends to self-diagnose any diseases.

Concept images for the “Healthbook” iOS App, courtesy of MacRumors

iOS 8 is expected to be announced at Apple’s annual World Wide Developers Conference in June 2014. This means that Healthbook could become available as early as this fall. It is also predicted that the Healthbook App will also be integrated with the upcoming iWatch.

What will having a preinstalled application on such an widely accessible device like the iPhone mean for the healthcare movement, especially self-trackers? Although the app stores contains hundreds of thousands of health-related applications, will having an official Apple-designed healthcare mobile application increase a user’s proclivity to become an e-patient, self-tracker, or  be more aware of their health?  How will Healthbook take into consideration the major issues regarding self-tracking applications such as privacy and user control?

And what about Apple’s design strategy? What features or GUI aspects will differentiate it from other self-tracking applications in the App Store and on Android? Reports claim it will use a similar card-based design strategy similar to Passbook, another Apple-developed application that keeps all your forms of payment, such as credit cards, in one place and was meant to serve as a virtual wallet of sorts. Will having all your health data in one place be seen as efficient and beneficial, or dangerous in regards to privacy?

My guess? Healthbook will receive a lot of early hype and attention, especially as the release of iOS 8 draws closer, and upon official release many curious users and e-patients galore will use the application in its early stages. However, unless Healthbook provides some sort of dynamic, engaging experience beyond being a basic self-tracker application, users who are were not originally intrinsically motivated to monitor their health will become bored by it and eventually stop using it. As we have learned, most self-trackers are not those who are in need of medical attention, but those who already have an interest in maintaining their health, and unless Apple brings something new to the table with Healthbook, the average user will see Healthbook not as a life-saving tool, but a new toy or game, and will quickly become bored once it loses its novelty.

Here’s two suggestions for how Apple can distinguish Healthbook from its competitors and engage the interests of users who have not had previous interest in self-tracking their health lifestyles:

  • For the dietary/calorie tracker, add fun facts to inform and put their diet into perspective. For example, if after a run a user burns 200 calories, Healthbook can joke “You just burned off a bag of chips”. 
  • Have a goal-setting feature that includes specific suggestions on how to achieve that goal. For example, if a user wanted to lose 10 pounds, Healthbook could not only suggest how many miles they should run a week, but also suggest dietary restrictions and specific workout routines the user can engage in to create a total body regime that will help reach the user’s goal.

Whether these features or something even better (as Apple’s forte is coming up with what the user needs before they even need it) will be included in the Healthbook application remains to be seen. I am personally very glad Apple is trying to create an accessible and beneficial device that could provide better awareness of personal health. Apple has reinvented the personal computer, music, cellphone, and tablet industries, and I hope it can achieve the same success in revolutionizing the mobile healthcare space.


Get every new post delivered to your Inbox

Join other followers: