Benefits of Online Medical Records Outweigh the Risks

A couple of years ago I arrived at my hotel in Berlin after a 12 hour flight and noticed that I had forgotten to pack medication I was taking at the time. Of course, I had no idea the actual name of the medication, let alone the exact dosage. And when I discovered it was missing, it was the middle of the night in California, so I couldn't call my clinic or pharmacy.

But it wasn't a problem. I logged on to the Palo Alto Medical Foundation's My Health Online website, found the prescription information and -- with the hotel's assistance -- arranged an immediate phone consultation with a local doctor, who prescribed replacement pills. The only reason I needed to speak to a doctor was because the German pharmacy wouldn't fill a foreign prescription. Had I been in the United States, I could have skipped the phone call and used the site to request that the prescription be sent to a local pharmacy.

That service, which is now also available via a smartphone app, has made me a smarter health care consumer. Thanks to the site and app I can now access all of my medical records, including most test results, notes from physician visits, preventive services and more. I can also use the service to request appointments and exchange messages with clinic doctors. It even lets you graph vital signs and numeric test results to see how you're doing over time.

Palo Alto Medical, which is part of the Sutter Health Network, is one of many clinics, including Kaiser Permanente, that gives patients online access to their own records. It's part of a growing national trend to provide electronic medical records, which has been endorsed by both the Bush and Obama administrations and is rapidly becoming a reality throughout the country. It's also, of course, tied into billing and insurance and Medicare reimbursement systems that can be used to streamline the process.

But according to a letter sent out by the heads of the Justice Department and the Department of Health and Human Services, "some providers are using this technology to game the system," and inflate their bills.

There are also privacy concerns. In a 2010 Wall Street Journal op-ed, psychiatrist Deborah Peel, founder of Patient Privacy Rights, complained that "lab test results are disclosed to insurance companies before we even know the results." She added that data is being released to "insurers, drug companies, employers and others willing to pay for the information to use in making decisions about you, your job or your treatments, or for research." Her group is calling for tighter controls and recognition that "that patients own their health data."

I share the group's privacy concerns, especially when it comes to insurance companies' ability to deny coverage or claims based on pre-existing conditions that are now part of our permanent records. The Affordable Care Act bans pre-existing condition exclusions starting in 2014, assuming Congressional opponents don't succeed in overturning this provision of "Obama Care."

I also share concerns about the security of medical records. This summer, the Department of Health and Human Services' website posted a spreadsheet with medical record data breaches that affected 500 or more patients. There were 499 instances affecting more than 21 million people.

While abuse is a risk, failing to implement a portable and easily accessible medical records database system poses an even greater risk. As much as I like the medical records system I use, I'm bothered that there is no easy way for my other health care providers to access that data or incorporate their data about me into the same database.

If I see a doctor or have tests conducted outside of this closed system, there's no way to integrate the data. If I want to share it with a doctor outside the system, I have to print it out or capture the screen and send it via email. If someone were to show up unconscious at an emergency room, chances are the doctors will have no way to access that person's records, which could lead to the possibility of missing important diagnostic information and the risk of a dangerous drug interaction.

Just as it's now easy to visit an ATM from just about any bank in almost any country and access funds stored at your local bank, it ought to be possible for any medical provider -- with your permission -- to access your medical records from anywhere. There need to be safeguards, but there also needs to be a way that patients can issue advanced directives allowing first responders and emergency personnel to access records with strong safeguards in place to make sure they can't be abused.

This post first appeared in the San Jose Mercury News.