EMR and Computer Security: Another cautionary experience

We’re all going full-tilt toward the Electronic Medical Record, and it stands to be pretty useful both to patients and to providers. However, they’re still just very specialized software running on networks, and networks need constant vigilance against intruders, including the bored, curious and malicious.

via Slashdot, here’s the story of a Seattle-area Hospital that had several critical systems shut down by a hacker who installed adware in an unsecured system. They state no-one was harmed (good) and the culprits are going to have to face the music (double-plus good), but as we become more and more interconnected we’re also more and more vulnerable.

I went to a dog-and-pony show for the EMR that our corporation is going to be rolling out soon, and it’s intriguing, but I’d need to do about 50 practice cases to feel comfortable with it before using it ‘live’. The biggest concern I have with any of these systems is that the flow of information is always assumed to be very linear (triage / basic registration info, then nursing assessment, then the doc interaction, the diagnostic tests and therapeutic interventions are ordered, etc.), which isn’t life in the ED. Sometimes all that needs to happen at the same time, and it takes a lot of mental flexibility and teamwork to make that happen. I’m leery a program can be made anywhere nearly as flexible as people.

Also, patients, get used to looking at the top of your doctors’ head (if you’re lucky) or their back, as ‘feeding the computer’ is going to be the norm. Progress, you know.