Don't Worry, Your Records are Safe - Part IV

At past posts "Don't Worry, Your Electronic Medical Records Are Getting Safer With Every Passing Day", "Another Episode of "But Don't Worry, Your Records are Safe..." and "Still More Electronic Medical Data Chaos, Pandemonium, Bedlam, Tumult and Maelstrom: But Don't Worry, Your Data is Secure", I wrote on the issue of medical record security.

Security from prying eyes, that is.

I didn't include security of data from placement into /dev/null (that is, destruction).

There's this email, received by East coast physicians not long ago from a claims processing company (identities redacted):

Dear Provider,

As you may be aware, we experienced a significant problem with our computer system during a software maintenance function on XX/XX/2010.

In addition to the network issue, we discovered that the redundant back-up systems were not operating as reported.  ["Reported" when, and by whom, one wonders? - ed.]

We had two on-site back-up systems that were monitored daily and which were historically reported as successful.  We have since learned that these internal back-up functions were not operating as reported and the on-site back-ups were not entirely successful. [Meaning, they were not successful, period - ed.]

Also, our software vendor, [major EHR vendor], was providing two additional remote back-ups on servers located in [city, state] and [city, state]. [EHR vendor] has informed us that these remote back-ups were not initiated as represented.  [Meaning, they screwed up - ed.]  Therefore, when our computer network system malfunctioned, there was no readily available back-up data on-site or at the remote redundant back-up servers.

Please be aware that we have replaced hardware components and were able to recreate the data bases and we are billing.  However, we are still unable to access data that was stored on our servers prior to XX/XX/2010.

[EHR vendor] is diligently working to retrieve the data from the hard drives, back-up tapes, and through other means.  Please be assured that all files will be restored, if the files cannot be fully restored electronically, then they will be fully restored manually.

At [our claims processing company], we are truly saddened by the fact that we have disappointed clients and we sincerely apologize for any inconvenience experienced by you, your staff, or your patients.

We have always appreciated your loyalty as a valued client and will continue to keep you informed of the progress.

The levels of information technology and data management incompetence exhibited in this message are stunning. 

The confidence it imparts regarding the safety of our critical medical data from destruction, and its availability when truly needed, is less than stellar.

A major problem is that the health IT industry has no accountability. 

I believe the Food, Drug and Cosmetic Act needs to be amended to become the "Food, Drug, Cosmetic, and Cybernetic" Act.

-- SS

Clinic's medical files vanish

At "Data Malpractice on T-Mobile Sidekick: But Don't Worry, Your Medical Data is Safe", on Oct. 16 I wrote:

One of the promises made about healthcare IT is that your medical data is "safer" in electronic form than in paper form. The Hurricane Katrina example of paper records being destroyed is often used as a poster example of the dangers of paper records.

However, the risk of electronic storage of information, especially the talk of national EMR's stored on the "cloud" (an amorphous term meaning distributed storage "out there" whose physical sites and boundaries are supposedly irrelevant from the user's perspective) has also been under-reported.

Personal customer data had been "lost" from many of T-Mobile USA's Sidekick devices due to a computer malfunction, although the data was apparently recovered eventually, apparently through luck rather than good engineering.

I expressed concern that such mishaps could affect clinical IT. I did not have to wait long for such a case to appear. Less than one week.

Below is a story of a Canadian clinic that lost two years of electronic health records:

Clinic's medical files vanish

By Ryan Cormier, Edmonton Journal

October 21, 2009

During a recent investigation into whether a patient's confidentiality had been breached at the Fairview Medical Clinic, an investigator asked for a log of who had accessed the complainant's file. When the clinic responded that it had automated his records in 2004 but only had files from 2006 on, alarm bells rang.

"That raised a lot of questions," said Leahann McElveen, an investigator with the office of the information and privacy commissioner.

The clinic had permanently lost two years worth of health files that include patient information on visits, prescriptions, lab reports, doctor's notes and other information. The loss happened when the clinic switched from one electronic medical records system to another.

"They were two similar systems intended to do the same thing," McElveen said. "However, they weren't coded the same way behind the scenes. It's not that the records fall into the wrong hands, they just don't exist anymore."

*POOF*.

Deinstallation of one system in favor of another is not uncommon. EHR data may become unavailable due to lack of data portability and the expense of data migration, or in this case apparently due to preventable technical problems.

It is essential for clinical IT users to have robust disaster recovery and business continuity solutions, and take great care when performing actions that can lose large amounts of data very fast. This adds to clinical IT cost, and a concern is that some users might skimp on these capabilities.

This must be discouraged.

(To the reader: do you back up your own PC or Mac reliably?)

-- SS

Data Malpractice on T-Mobile Sidekick: But Don't Worry, Your Medical Data is Safe

One of the promises made about healthcare IT is that your medical data is "safer" in electronic form than in paper form. The Hurricane Katrina example of paper records being destroyed is often used as a poster example of the dangers of paper records.

However, the risk of electronic storage of information, especially the talk of national EMR's stored on the "cloud" (an amorphous term meaning distributed storage "out there" whose physical sites and boundaries are supposedly irrelevant from the user's perspective) has also been under-reported. Excluding frequent reports of data confidentiality breaches, we also have this:

Wall Street Journal, Oct. 15, 2009
Microsoft Recovers Lost Sidekick Data
By ROGER CHENG

Microsoft Corp. said Thursday that it has been able to recover the personal customer data lost from many of T-Mobile USA's Sidekick devices.

The Redmond, Wash., software giant said that most, if not all, customer data was recovered, and that the company would begin restoring data as soon as it has validated it. The company said it will start with personal contacts, and move on to the lost calendar, notes, tasks and pictures as quickly as possible.

The fix comes as Microsoft suffers through a public backlash after mishandling the information found on the Sidekick line of messaging phones, which are popular with teenagers ... Over the weekend, T-Mobile and Microsoft initially warned that the recovery of data would be unlikely, but upgraded their prospects on Tuesday.

They got lucky.

Microsoft blamed a system failure [i.e., an IT system - ed.] for the data loss in the core database and backup system. Microsoft said it had taken steps to strengthen the stability of the Sidekick service and started a more resilient backup process. [More resilient compared to ... what? - ed.]

In IT it's always an apersonal "system failure", not "data malpractice." When medical malpractice occurs, it's the doctor's fault, even if that malpractice occurred secondary to the failure or misdesign of an EMR or other clinical IT by dyscompetent software engineers. When data malpractice occurs, the motto is "We always blame the computer." How about some names of those responsible for this debacle?

... The Sidekick service, run by Microsoft unit Danger [talk about ironic names - ed.], is supposed to be more secure in storing data because it is kept in the "cloud," which involves storing information on the Internet and not one physically vulnerable location, making the temporary loss of data striking.

"Cloud" is a new buzzword du jour to make more appealing a basically bad idea for many fields. Distributing data also distributes risk that some incompetent or careless person or person(s) will cause data corruption or loss (yes, computers are run by people, and either they're in control of their systems, or their systems are in control of them). It also puts organizations storing data on the "internet cloud" at risk of being victims of a network "rainy day" when internet connections might prove unreliable (accidents, sabotage, natural disasters all come to mind).

In healthcare, using the "cloud" for data storage seems to be a bad idea, especially in an era of $99 (retail) terabyte hard drive storage, and corresponding economies in mission critical-grade local mass storage, backup, business continuity and disaster recovery capabilities.

In summary, is electronic medical data more secure when stored electronically than on paper? Only if the underlying CIO's, information stewards, technicians and system administrators are at least as competent and careful as the trained health information management (HIM) personnel in hospital medical records departments and doctors' offices.

Time will tell if that is the case. One mistake, and thousands or millions of records can go *POOF*.

Microsoft and T-Mobile were lucky ... this time.

-- SS

10/26 addendum:

Sometimes, EHR data simply disappears too. At this link is a story of a Canadian clinic that lost two years of electronic health records:

Clinic's medical files vanish

By Ryan Cormier, Edmonton Journal

October 21, 2009

During a recent investigation into whether a patient's confidentiality had been breached at the Fairview Medical Clinic, an investigator asked for a log of who had accessed the complainant's file. When the clinic responded that it had automated his records in 2004 but only had files from 2006 on, alarm bells rang.

"That raised a lot of questions," said Leahann McElveen, an investigator with the office of the information and privacy commissioner.

The clinic had permanently lost two years worth of health files that include patient information on visits, prescriptions, lab reports, doctor's notes and other information. The loss happened when the clinic switched from one electronic medical records system to another.

"They were two similar systems intended to do the same thing," McElveen said. "However, they weren't coded the same way behind the scenes. It's not that the records fall into the wrong hands, they just don't exist anymore."

*POOF* again.

-- SS