[Brybry]

But most physicians don't work for hospitals. They work at small practices with 10 physicians or fewer (according to the AMA).

There was a completely open market, made of the majority of physicians, regardless of existing provider contracts with hospitals.

I know I talked to a few physicians (and other healthcare professionals) in the mid-2000s who lamented the paperwork they had to do every day and the lack of available computer automation.

[entee]

The issue with small practices and even slightly larger physician's groups is that an EMR is often just a cost, with very little benefit.

If you're a hospital with lab facilities, imaging facilities, surgical facilities etc. it's hugely useful to have medical records flow internally (quasi-)seamlessly. The EMR does that well, and the large cost of typing things into the EMR (it's slow, painful, annoying, never met a doc who preferred it to the old clipboard and notes system) is totally worth it.

For a small practice, that intercommunication problem isn't anywhere near as large, but the cost of typing things in painfully is the same. So small practices hate it.

And before you say, "but it's useful to share medical records between offices/specialists/hospitals when they move around", it turns out that a lot of these systems don't play very well with one another. Even between two healthcare systems that share the same software provider (in this case Epic, one of the big two, the other one is Cerner), I've heard people finding it easier to print it out, fax it over, and scan it back in. Yes there are people who want to solve that problem, (see YC's own https://www.patientbank.us), but it's a tough area because who pays for the service? How expensive is it to build software that interacts with all the 10 zillion different flavors of Epic? How do you harmonize the peculiarities in how people actually record the data in those systems? It's really really hard.

[Herodotus38]

So I am a physician with a large hospital system that uses Epic. I think your comments about poor communication (btw Epic systems) are outdated. For the last two years when I admit a patient I can easily access all Epic records not only in other hospitals in my state, but in the country through their system labeled "CareEverywhere". It is a game changer and is really the main reason why I rank Epic above other EMRs I've used.

[ensignavenger]

How do they prevent abuse? How does a patient know who is accessing their records?

[Herodotus38]

It is primarily through deterrence. Anyone allowed to use an EMR must go through training about HIPAA rules. A waiver is sometimes required that Epic asks you to print out and sign and put in the patient's chart (although they obviously can't prove you did this, it would be an issue if there was a problem later and it turns out you didn't do this, i.e. You would be liable for whatever penalties/prosecution). Furthermore, all usage is recorded and occasionally audited in my system. I'm not 100% sure the auditing is a requirement and true everywhere (definitely with any hospital or large clinic it will be).

[Herodotus38]

Also, in reply to who is accessing your records you don't know. I suppose you could ask for records of who had accessed it by a certain date, but once your records are in there they will likely be accessed by your insurance company for billing purposes.

You can add an additional layer of warning in Epic. I see this most often with psych records or pts who want an extra layer, such as if they work in the same hospital. All this entails though is an extra prompt warning requiring you to put in a reason why you are accessing the records, and put in your usr/pwd again and warns you it is being recorded, etc...

[ensignavenger]

Thanks- ideally the auditing would be done regularly, and require a reason to be entered for any access the first time a new provider accesses your information. Even better each patient would have a USB stick with a One Time Token generator that would 1) hold basic emergency information on the USB drive) 2) Generate One Time Keys to grant access to new providers. Of course, in an emergency situation where a provider has an ID but can't find your USB key, they could enter an over-ride with a reason- which would be strictly audited. Also, patients should have a list of who has accessed their information and why- and even be able to sign up for alerts anytime someone new accesses it.

[Herodotus38]

So I think your ideas are good, but you have to realize the multiple competing priorities in healthcare. When you say ideally, you mean from a privacy standpoint. In my opinion "best health outcome of the patient" should be the highest ideal.

Say I am working a night where I may be paged on 100 patients who I am meeting for the first time. Just opening their records on The EMR eats a significant amount of time. Time which I need to take care of people. Adding an additional click would mean even less time and poorer outcomes.

You also have to realize that nobody is going to carry a USB. I have worked in diabetes clinics where most pts don't remember to bring in their glucometer, which is the entire point of the clinic. You have to realize that the patient population also includes the average American (and half by definition are below average intelligence.)

I mean, I could go on for hours and make my own personal list of the issues with American Healthcare and I wouldn't list pt privacy in the first 100....

Not trying to be dismissive but I'm just trying to give you computer technical folk an idea of why EMR is such a hard field and how many factors you have to consider which is really difficult if you aren't 'in' the system. Even I who knows more about programming than 99% of docs feel completely ignorant when I talk to healthcare IT folks about HL7, etc...

[fredsmith42]

That is great for other accesing records from other hospitals that use Epic, but what happens if you want to access the records of a patient who also visits a VA or Cerner hospital? You are still in the dark.

[Herodotus38]

Absolutely, I still have to fax and it's ridiculous how low the bar is. I was just replying to the op that just the fact that Epic can talk to itself at other hospitals (for the record the VA can do this too, but it is slow) makes it relatively great.

[entee]

Good to hear it's gotten better!

[Herodotus38]

What I see happening is that eventually there will be so much merging of our healthcare systems in the next 10 years that there will eventually be a point where there are only several "players" in any area meaning that the problem of intercommunication becomes much simpler (i.e. Epic, Cerner, and Medtronic).

[keltor]

Unfortunately with the consolidation into medical "groups" that has been going on among doctors and with the hospitals offering "deals" along side those vendors they use for the doctors to adopt them, a lot of doctor's groups have adopted whatever system they are most integrated with's EHR.

There's a ton of slimy dealings going on sadly.

[Spooky23]

That's changing. Big hospital systems are swallowing up small practices. Old school medical practices are dinosaurs.

[nradov]

The small medical practices are rapidly disappearing. Providers are consolidating in order to have more negotiating power with payers (insurance companies), and the payers and in turn consolidating to have more negotiating power against providers, and so on.