Electronic Health Records (EHRs) are digitised versions of patient health data, both historical and current. They include personal demographic information, data on vaccinations, prescribed medications, treatment histories and progress – alongside laboratory and radiology information, diagnostic photographs (e.g from minimally-invasive devices such as endoscopes), allergies or specific problems encountered in treatment, as well as a record of visits and appointments, and in certain cases, payments. Some EHR initiatives also allow for inclusion of a will.
EHRs are a spin-off from the more-familiar Electronic Medical Record (EMR), which are created at local sites by healthcare facilities. Typically, EHRs would combine data from several EMRs. One European Union definition for an EHR is a “comprehensive medical record or similar documentation of the past and present physical and mental state of health of an individual in electronic form and providing for ready availability of these data for medical treatment and other closely related purposes.”
For hospitals and healthcare professionals, EHRs offer some obvious, immediate advantages, in terms of enhance workflow management and efficiency as well as real-time access and sharing of medical data, across clinics and hospitals and across borders.
EHRs avoid duplicated or triplicated tests as patients move across different specialty practices within one hospital. Secondly, when coupled with electronic prescription order entry, EHRs prevent the possibility of erroneous medication, dosing errors or harmful combinations, known as adverse drug events (ADEs). In the US, studies have shown over 770,000 people are injured or die every year in hospitals as a result of ADEs. In addition, patients experiencing ADEs were hospitalized on average for 8-12 days longer than other patients at an extra cost of $16,000 to $24,000.
EHRs can also anonymously accumulate and analyse healthcare data across entire countries to make healthcare delivery more efficient.
The debate on costs and benefits of EHRs is still open. Many potential users indeed cite cost as the principal perceived barrier to wider adoption of EHRs.
One of the most important challenges for the EHR involves standards and interoperability. In Europe, this is closely linked to growing mobility (not a few patients fall ill, or have heightened health concerns during overseas vacations). Such a situation necessitates the ability of EHRs to be understood by clinicians in different languages and settings. However, language is not the only issue. Different countries also have significant variations in the way medical conditions are treated. The 2004 e-Health Plan of the EU set 2010 as a target for the development of interoperable healthcare systems across Europe.
Other challenges include that of incorporating legacy (paper or EMR) records and allowing for transitions to be seamless. A related technical barrier is simultaneous, multi-site updating of data and information, which is a challenge facing all distributed IT systems.
One of the major challenges facing EHRs, however, is that of data security. EHRs contain some of the most sensitive personal data on any given individual. It therefore requires the greatest level of inbuilt protection against abuse. And yet, realising the full potential of an EHR depends on a wide range of medical personnel accessing the data as, when and where it is needed. Such concerns have been amplified by cases of data theft in the US and Britain.
In November 2007, a poll by Britain’s Guardian newspaper found that almost 60% of British general practitioners were unwilling to upload patient data to a national database, because of fears that data could be stolen “by hackers and blackmailers”. The Medical Research Council in the UK states that such an opinion is shared by the general public.
Indeed, barely days later, on November 20, media reports blasted Britain’s Revenue and Customs department for the loss of computer disks containing confidential details of 15 million child benefit recipients, including names, addresses, dates of birth and bank accounts. Making matters worse was the fact that this was not the first time the organisation had lost sensitive information.
EU Draws Attention to
The EU Commission, too, has called for caution. On February 15, 2007, its Directorate General for Justice, Freedom and Security issued a Working Document on EHRs, which warned that such systems had the potential “not only to process more personal data (e.g. in new contexts, or through aggregation) but also to make a patient’s data more readily available to a wider circle of recipients than before.” The Working Document added: “In compiling existing medical information about an individual from different sources with the result of allowing for easier and more widespread access to this sensitive information, EHR systems introduce a new risk scenario, changing the whole scale of possible misuse of medical information about individuals.”
The document, however, also offers concrete guidance for healthcare operators and practitioners to attain conformity with EU rules.