The Dangers of Improper Security of Electronic Health Records

There are only a few individuals who know the most intricate details of your body and mind. The majority of these are health care professionals, only a few of whom you may have an ongoing relationship with. Continuity of care is provided and ensured through your medical records. However, paper records are open to being lost, damaged, or destroyed. Moving records between different public health sites increases the risk of these possibilities.

Increasingly the answer has been to create electronic health records, and incentives have been offered to those who make the switch. These can be stored either within the data banks of an individual site, or remotely to allow for greater ease of access. This ease of access may help health professionals provide better and more joined up care. But, it also raises a range of security, safety, and legal concerns for both patients and health professionals.

Who Is Looking at Your Information  

One of the major concerns for patients is to know who has access to their data. Integral to this concern is the fear that the records could be accessed illegally and without the patients consent. This is an understandable concern given that there have been 380 incidents of data breaches affecting at least 500 people since 2009. More concerning is that the number of people affected seems to be increasing; there were approximately 2.4million in 2009, and more than double this (5.4million) in 2010. Breaches in security that lead to unauthorized access to medical data undermine confidentiality and put the relationship between the health professional and the patient at risk. When records are accessed without permission, they become open to other types of illegal activity.

Illegal Trading in Patient Details and Medical Information

Once the security has been breached, and medical records have been accessed, what is happening with that information? There are several reasons why individuals and companies would want this valuable information. Once stolen it could be sold to drug companies wanting to gain an advantage over competitors. It could be used by employers for a range of purposes, including as part of their employee checks (without the employees knowledge or permission). Concerns have been raised that it could even be sold to insurance companies and have a dire effect on premiums for everything from home insurance to life policies.

Creating False Evidence

As has already been suggested it is not just the welfare for the patient that is put at risk. The ability to access patient data could also have a devastating effect on health care professionals. The main concerns from a legal perspective would relate to health care fraud and malpractice suits. If patient's medical information can be accessed it can also potentially be changed. In this case, a patient can then use this new information against an individual or a team of professionals. It is also possible that this information could be used to file fraudulent claims for health benefits. Even in cases where the data was not changed, prior knowledge of the information contained within the files could unfairly affect the outcome of malpractice cases.

Increase in medical errors 

When you have a consultation with a medical professional the key facts and outcomes are recorded. If this is done by hand, the individual doing the recording has to look at what they are writing. When the recording is done on a computer (or is verbally recorded and later transcribed), the person typing is not necessarily looking as intently at the screen. In a busy public health setting, there is a constant risk that these typed notes will not be reread. A simple typing mistake leaves a diagnosis of MS as ME, changes a blood type, or orders the wrong type of tests. The legal repercussions of this are extensive. 


Electronic health records allow for patient's medical records to be passed swiftly between medical professionals. They also make the records easier to read, without issues of understanding an individuals' handwriting, thus helping to provide a more consistent public health service. However, they still pose a range of problems, the most significant relating to security. If the records are not adequately protected they are open to being illegally accessed, fraudulently used, or stolen. This has dire implications for both health professionals and patients. 


Write a comment

Please login to comment

Remember Me

Become a Member

FREE online community for women in the legal profession.



Subscribe to receive regular updates, news, and events from Ms. JD.

Connect with us

Follow or subscribe