With all the upcoming changes at the office, several patients have asked about data security. And with good reason. It seems like every week we hear about some new data breech at Home Depot or Anthem. We want you to know we take these concerns very seriously. And patient privacy was high on our agenda as we selected new software for the office.
First, as a clarification, like most medical practices our demographic and billing records have been computerized for decades. It has long been practically impossible to interact with most insurances in any other way. Next month we are only changing the software. To be sure, it is better software. It will allow more options for patients who prefer appointment reminders by email, for instance, and it will help us keep better track of today’s more complex family structures. In the future, we may be able to have families print out necessary school forms from home, without even coming to the office. But in many ways nothing essential is changing for us in this area and, I expect we will still continue to do most of our office communication the ways we always have: with phone and snail mail. If that’s what you like, that’s what you’ll get.
Second, we are taking this opportunity (this very weekend, in fact) to upgrade our network speeds and firewall protections. This will provide better service and privacy protection to our patients. True, any system can be hacked and we are not the NSA, but we are doing the best we can and going well above the industry standards.
Lastly, the really big change in our lives will be the electronic chart, instantly eliminating whatever scant protection was offered by my illegible handwriting. Please understand that we were especially concerned here when it came to questions of privacy and security. We selected a vendor with state of the art protections, data encryption, and the most sophisticated privacy controls we could find. Moreover, there are also some additional protections that come with an electronic chart which people may find surprising. With a paper chart, authorized persons either have access to the whole chart or they don’t. Now, we will be able to provide selected access only to those sections which are required. A state inspector looking at vaccine records (and, yes, that happens) will only have access to vaccine records, rather than the whole file. Additionally, we will have a continuous record of every instance when a chart is accessed and by whom. And the electrician who just might have seen a lab result on my desk while fixing a light will have no access at all.
It seems true that we live in a digital world now, for better and for worse. I understand that many patients are uncomfortable with insurance companies having detailed personal information. But, perhaps to the surprise of some, much of that information is already in digital format and sharing it has been a basic condition of medical insurance for quite some time. When we ask them to pay a bill, they want to know why and how we justify it. People who carry medical insurance have already agreed to share that information. (It was in that contract you signed.) The additional data provided by an electronic chart is largely aggregated. What percentage of our children are up-to-date in their vaccinations, for example? What percentage received age appropriate screening tests? They already have the individual data that a particular patient had a particular test or procedure or diagnosis.
Perhaps this is cold comfort in a winter that seems to be dragging on a bit, but I thought it was worth clearing up some confusion about what was changing in our office and what was not. We understand that our patients trust us with very personal and often sensitive information. We want our families to know that we take that trust very seriously and that, with these changes, we are doing the very best we can to protect the privacy of that information.