Legal, Ethical, and Financial Dilemmas in Electronic Health Record Adoption and Use


a University of Texas Memorial Hermann Center for Healthcare Quality and Safety, School of Biomedical Informatics, University of Texas Health Sciences Center, Houston, Texas; and

b Houston Veterans Affairs Health Services Research and Development Center of Excellence and The Center of Inquiry to Improve Outpatient Safety Through Effective Electronic Communication, Michael E. DeBakey Veterans Affairs Medical Center and Section of Health Services Research, Department of Medicine, Baylor College of Medicine, Houston, Texas

Corresponding author.

Address correspondence to Dean F. Sittig PhD, University of Texas Memorial Hermann Center for Healthcare Quality and Safety, University of Texas School of Biomedical Informatics at Houston, 6410 Fannin St, UTPB 1100.43, Houston, TX 77030. E-mail: dean.f.sittig@uth.tmc.edu

Accepted 2010 Dec 22. Copyright © 2011 by the American Academy of Pediatrics

Abstract

Electronic health records (EHRs) facilitate several innovations capable of reforming health care. Despite their promise, many currently unanswered legal, ethical, and financial questions threaten the widespread adoption and use of EHRs. Key legal dilemmas that must be addressed in the near term pertain to the extent of clinicians' responsibilities for reviewing the entire computer-accessible clinical synopsis from multiple clinicians and institutions, the liabilities posed by overriding clinical decision support warnings and alerts, and mechanisms for clinicians to publicly report potential EHR safety issues. Ethical dilemmas that need additional discussion relate to opt-out provisions that exclude patients from electronic record storage, sale of deidentified patient data by EHR vendors, adolescent control of access to their data, and use of electronic data repositories to redesign the nation's health care delivery and payment mechanisms on the basis of statistical analyses. Finally, one overwhelming financial question is who should pay for EHR implementation because most users and current owners of these systems will not receive the majority of benefits. The authors recommend that key stakeholders begin discussing these issues in a national forum. These actions can help identify and prioritize solutions to the key legal, ethical, and financial dilemmas discussed, so that widespread, safe, effective, interoperable EHRs can help transform health care.

Keywords: electronic health records, ethics, medical, confidentiality

WHAT'S KNOWN ON THIS SUBJECT:

Electronic health records facilitate several innovations capable of reforming health care. Despite their promise, many currently unanswered legal, ethical, and financial questions threaten the widespread adoption and use of electronic health records.

WHAT THIS STUDY ADDS:

Pivotal legal, ethical, and financial issues need to be addressed if higher quality, lower-cost health care through widespread electronic health record use is to be achieved. A series of conversations, involving patients, lawyers, ethicists, economists, policy-makers, informaticians and clinicians must begin now.

Most stakeholders in the health care reform debate endorse adoption of state-of-the-art electronic health record systems (EHRs) with advanced clinical decision support (CDS). EHRs facilitate the management of individual patient data and the development of large repositories for analysis of system-level data. Both innovations are necessary for successful health care reform. Despite tremendous progress in clinical informatics over the past 50 years, 1 widespread EHR use leads to many new challenges (ie, some affect all clinicians and some are specific to those clinicians caring for children and adolescents 2 ) that need to be addressed. We call for heightened attention and action on certain legal, ethical, and financial dilemmas that have not yet garnered significant attention. These issues, if neglected, can challenge additional EHR adoption and future health care reform.

Legal Dilemmas

The legal system, which relies on precedent and lags behind adoption of new technologies including EHRs, offers little guidance to navigate the transition from paper-based to electronic records. 3 For instance, with the renewed push to develop local, state, and national health information exchanges (HIEs), 4–6 providers will finally have rapid computer access to more than a single organization's paper-based chart. Although these initiatives address longstanding issues related to missing clinical information, 7 there is no statute or precedent to address the extent to which clinicians are responsible for reviewing information in a community-wide integrated EHR that contains data from many sources. 8 Many providers currently find it impossible to review the complete record within a reasonable timeframe. In addition, the integrated EHR introduces several additional liabilities. 9 First, in contrast to paper-based records, in which incomplete or illegible information is not unusual, 10 EHRs can store virtually unlimited amounts of perfectly legible and instantly accessible records that include nearly every aspect of care regardless of where or when it took place, all of which is “discoverable.” 11,12 Patients in large, integrated, “early EHR-adopter” institutions (eg, Kaiser Permanente Northwest 13 and the US Department of Veterans Affairs health system 14 ) have already amassed individual archives of clinical notes, laboratory results, radiographic images, and provider-to-provider correspondence spanning many years. This virtual “mountain” of data can lead to information overload, a new liability 15 that can lead providers to overlook key findings despite reliable access to documentation. 16,17 For instance, clinicians who miss a critical detail that affects treatment decisions while reviewing the EHR could in fact be liable for negligence because “the fact in question was likely just a few clicks away.” 18 Moreover, even if clinicians named in the lawsuit are not directly affected, the institution they work in could be considered liable under the concept of “respondeat superior.” *

Second, EHRs may increase clinicians' legal responsibility and accountability. 19 Sophisticated computer-based auditing procedures, 20 as opposed to paper-based record sign-out logs, can identify individuals who review, or fail to review, key information in the EHR. 21 Take the scenario in which an abnormal finding is documented in the EHR and subsequently reviewed by multiple clinicians but never addressed. Although in paper records it is not always easy to tell who accessed that information, an EHR audit log easily reveals evidence of this lapse. Similarly, alerts for abnormal test results might be reviewed but not acted on, on the basis of the assumption that another clinician was responsible. 22 Although some of these issues have not yet gained traction in the court system, these issues will become more pressing as the nation's health information network comes online and large volumes of patient data become accessible to increasing numbers of clinicians. 23

Third, documentation-related issues introduce new liabilities. Many EHRs contain progress note documentation templates, which allow recent test results to be automatically imported. The liabilities providers incur when they inadvertently import clinical findings not within their clinical purview and sign the note electronically 24 are not clear. Similarly, sequentially written notes that are copied and pasted may contain an extraordinary volume of information and look strikingly similar, displaying repeated information that is no longer correct. 25 Documentation created using templates, copy-paste or “macros” that allow clinicians to type a short phrase preceded by a standard nonalphanumeric character (eg, a period [.], which expands into a much longer, predefined text string) 26 might raise issues related to what is considered “billable” by insurance companies. Although some EHR systems highlight copy-and-pasted sections and text created using macros, and some disallow them altogether, tackling these issues will bring forth challenges.

Fourth, what liabilities do providers face if they do not follow CDS recommendations? 18 This issue is especially pertinent to clinicians who face overwhelming numbers of CDS medication-interaction alerts, which may appear even when risks are negligible (eg, when prescribing oral statins with topical ketoconazole shampoo 27 ). Recent concerns about alert fatigue and high override rates are justified and need to be addressed. 28 In the current environment, however, the legal pressure to maximize Food and Drug Administration-required CDS recommendations outweighs concerns about “alert fatigue” and information overload that arise from suboptimal CDS design. Thus, clinicians who want “nuisance” medication interactions removed from their CDS system face an uphill battle. Currently, legal implications of removing CDS alerts (eg, by CDS content vendors, EHR vendors, or health care organizations) are ambiguous, as are the implications of provider nonadherence to these alerts. 29

Finally, problems regarding usability, quality, and reliability of currently available EHRs 30–32 bring about complex legal ramifications. For instance, the “hold harmless” clause in many EHR contracts restricts the ability of clinicians to report EHR-related problems. 33 To improve current EHRs' capabilities and reliability, clinicians must be able, at a minimum, to report safety issues without fear of recrimination. Recently, the Food and Drug Administration, as part of its National Strategy for Monitoring Medical Product Safety, 34 has called on 350 organizations to begin reporting all EHR-related safety hazards (www.medsun.net). 35 Potential solutions proposed include more stringent oversight of several aspects of EHRs, including features and functions, usability, clinical decision support, and serious large-scale system outages, to name just a few. 36,37

Ethical Dilemmas

Enhanced portability and accessibility of EHR data raises ethical questions regarding ownership of protected health information (PHI) 38,39 and clinicians' responsibility to prevent and inform patients of the potential for privacy breaches. A small but vocal minority of patients are concerned with the increased risk of unauthorized PHI disclosures via EHRs. These concerns may be valid. For instance, several EHR vendors (eg, Cerner, 40 GE, 41 and Allscripts [formerly Eclipsys 42 ]) have sold deidentified copies of their patient databases to pharmaceutical companies, medical device makers, and health services researchers. Deidentified data sets can often be reidentified using publicly available external data sources. 43 In reaction to these and related concerns, several patient privacy advocacy groups have called for a right to “opt-out” of having one's PHI stored in EHRs, 44 which will cause new ethical and financial dilemmas. Compliance with opt-out provisions will likely require additional clinic time and resources to maintain separate paper-based records, and clinicians may be less inclined to care for these patients. Clinicians might not be able to collect “meaningful use” Medicare payments 45 on these patients. Perhaps the central ethical question is whether for-profit secondary uses of data are appropriate and justifiable, and if so, what privacy safeguards should be employed. 46

Computer-based personal health information breaches also raise complex ethical and legal issues regarding the appropriateness of current methods to address them. For instance, institutions currently use audit logs as evidence to justify firing personnel who deliberately access EHRs without authorization. 47 Although privacy breaches certainly occurred with paper-based records, they were limited in scope and almost impossible to detect. 48 What recourse is appropriate for clear, albeit often unavoidable, violations of EHR use guidelines, for instance, when an employee is pulled away from their workstation for an emergency while logged in, and a bystander surreptitiously accesses multiple patient records?

The implementation of EHRs 49 and state HIEs 50 will inevitably generate data to redesign and rationalize the nation's health care delivery and payment mechanisms, 51 leading to additional ethical dilemmas. This data-driven approach is likely years away, but many related issues need to be addressed, such as who will oversee the data aggregation, verification and validation, and analysis; who will have data access; who will make the final data interpretations; and assuming that everyone agrees they are correct, who will adjudicate the ethical disagreements that inevitably surface when data are used to inform new health care policies. Nonpartisan, multidisciplinary, expert review panels composed of clinicians, statisticians, informaticians, ethicists, and patient advocates, for example, could be convened and charged with providing such oversight.

Finally, many ethical dilemmas surrounding privacy and control of electronic information are unresolved. 52 For example, with increased availability of personal health records, clinicians must be careful to maintain the rights of adolescents in light of their parents' proxy access to their data. 53,54 Although adolescents are allowed to protect information from their parents and consent to treatments for certain sensitive conditions in which a need for parental involvement may inhibit care, consent to other therapies still requires parental involvement. 52 Other than having a separate confidential EHR, it is not clear how personal health records will restrict parental access to this sensitive information. 54 As adolescents reach adulthood or are emancipated, other issues to consider are who will decide whether and when organizations should transfer control of the electronic records created when the patient was a child.

As the number of organizations participating in HIEs increases, problems associated with reliably and uniquely identifying individual patients, a requirement to maintain patient privacy and data integrity, will increase. This issue poses a substantial barrier to EHR and HIE adoption and use because current deterministic, probabilistic, and biometric patient matching algorithms fail to correctly match patient records 5% to 10% of the time. 55 To improve the accuracy of matching patient data from disparate sources, the development of a nationwide, health care-related, unique patient identifier (UPI) was proposed. However, in 1998, Federal regulations and public outcry about infringement on right to privacy thwarted development of the UPI mandated in the 1996 Health Insurance Portability and Accountability Act known as HIPAA. 56–58 A renewed, healthy, national debate that involves key stakeholders needs to address the legal, ethical, and scientific advantages and disadvantages of a UPI and explore alternative solutions.

Financial Dilemmas

A key unresolved financial issue is who should pay for the implementation and use of EHRs and HIEs. Under most current provider reimbursement models, an estimated 89% of the monetary benefits from EHR use go to health care payers rather than to those who currently finance EHR implementations. 59 In addition, EHR use can potentially decrease individual provider productivity by 10%. 60 Physicians are understandably concerned about the cost and resources required for implementing and maintaining EHRs, estimated at approximately $40 000 to $50 000. 61 Although the recent federal stimulus package helps reimburse clinicians for some of these costs, questions about private health insurers' role in funding EHR and HIE implementation remain because private insurers are among their major beneficiaries. 62 Conversely, the recent passage of the Patient Protection and Affordable Care Act with its Accountable Care Organizations 63 and the emphasis on the patient-centered medical home model 64 offers promise for the increased financial support of EHR and HIE implementation.

Another dilemma of particular importance to pediatricians arises from longer record retention requirements (ie, records for minors and obstetrics patients must be maintained through age 21 of the child or 7 years from the last date of service, whichever is longer 65 ). Although paper-based charts can simply be kept in a dry, locked room, in a rapidly evolving digital era, safe, secure, and verifiable access to records created from technologies (ie, hardware/software) more than a decade old is a much more difficult and expensive proposition. 66 It is unclear how pediatricians will maintain these electronic records long-term, and who will pay for storage and maintenance after they retire.

Lastly, reducing costs in health care is overdue, but many are concerned about the downstream effects of reducing health care expenditures through EHRs and HIEs. For example, previous test-result availability in local HIEs was estimated to result in an annual $10 million loss for all hospitals in the Portland, Oregon, metropolitan area. 67 Although there is no current evidence to determine if or how cost shifting will occur, these issues are also likely to cause dilemmas that would need to be addressed.

In summary, pivotal legal, ethical, and financial issues need to be addressed if higher quality, lower-cost health care through widespread EHR use is to be achieved. A series of conversations that culminate in a national forum involving patients, lawyers, ethicists, economists, policymakers, informaticians and clinicians, all of whom have high stakes in these issues, must begin now. The goal of these conversations should be to identify and prioritize solutions to the key legal, ethical, and financial issues addressed in this commentary.

ACKNOWLEDGMENTS

Dr Sittig is supported in part by National Library of Medicine grant R01-LM006942; Dr Singh is supported by a National Institutes of Health K23 career development award (K23CA125585), the Veterans Affairs National Center for Patient Safety, Agency for Healthcare Research and Quality, and in part by the Houston Veterans Affairs Health Services Research and Development Center of Excellence (HFP90-020); and Drs Sittig and Singh are supported by a SHARP (Strategic Health IT Advanced Research Projects) contract from the Office of the National Coordinator for Health Information Technology (ONC #10510592).

We thank Marla H. Daves, MD, and Geeta R. Singhal, MD, for their review of early drafts of this manuscript, and Annie Bradford, PhD, for assistance with medical editing.

The views in this article are those of the authors and do not necessarily represent the views of the Department of Veterans Affairs or any of the other funding agencies.

FINANCIAL DISCLOSURE: The authors have indicated they have no financial relationships relevant to this article to disclose.

Funded by the National Institutes of Health (NIH).

* “Let the superior answer” is a legal doctrine that makes an employer or principal liable for the wrong of an employee or agent if it was committed within the scope of employment or agency. See http://bankruptcy.lawyers.com/glossary/respondeat-superior.html.

EHR: electronic health record system
CDS: clinical decision support
HIE: health information exchange
PHI: protected health information
UPI: unique patient identifier

REFERENCES

1. Collen MF. History of Medical Informatics in the United States: 1950—1990. Washington, DC: American Medical Informatics Association; 1995

2. Spooner SA; Council on Clinical Information Technology, American Academy of Pediatrics. Special requirements of electronic health record systems in pediatrics. Pediatrics. 2007;119(3):631–637

3. Perritt HH. Law and the Information Superhighway. 2nd ed. Somerset, NJ: Aspen Publishers; 2009

4. Lorenzi NM. Strategies for creating successful local health information infrastructure initiatives. Reference Number 03EASPE00772. December 2003. Available at: http://aspe.hhs.gov/sp/NHII/LHII-Lorenzi-12.16.03.pdf. Accessed March 2, 2011

5. Detmer DE. Building the national health information infrastructure for personal health, health care services, public health, and research. BMC Med Inform Decis Mak. 2003;3:1

6. Blumenthal D, Glaser JP. Information technology comes to medicine. N Engl J Med. 2007;356(24):2527–2534

7. Smith PC, Araya-Guerra R, Bublitz C, Parnes B, Dickinson LM, Van Vorst R, Westfall JM, Pace WD. Missing clinical information during primary care visits. JAMA. 2005;293(5):565–571

8. Foundation of Research and Education of AHIMA. Update: maintaining a legally sound health record: paper and electronic. J AHIMA. 2005;76(10):64A–64L

9. Singh H, Thomas EJ, Sittig DF, Wilson L, Espadas D, Khan MM, Petersen LA. Notification of abnormal lab test results in an electronic medical record: do any safety concerns remain? Am J Med. 2010;123(3):238–244

10. Devine EB, Wilson-Norton JL, Lawless NM, Hansen RN, Hazlet TK, Kelly K, Hollingworth W, Blough DK, Sullivan SD. Characterization of prescribing errors in an internal medicine clinic. Am J Health Syst Pharm. 2007;64(10):1062–1070

11. Federal Rules of Civil Procedure. Rule 34: producing documents, electronically stored information, and tangible things, or entering onto land, for inspection and other purposes. Available at: www.law.cornell.edu/rules/frcp/Rule34.htm. Accessed March 7, 2011

12. Miller AR, Tucker CE. Electronic discovery and electronic medical records: does the threat of litigation affect firm decisions to adopt technology? Washington, DC: Federal Trade Commission; April 2009. Available at: www.ftc.gov/be/seminardocs/090430amiller.pdf. Accessed March 7, 2011

13. Chin HL, Krall M. Implementation of a comprehensive computer-based patient record system in Kaiser Permanente's Northwest Region. MD Comput. 1997;14(1):41–45

14. Brown SH, Lincoln MJ, Groen PJ, Kolodner RM. VistA: US Department of Veterans Affairs national-scale HIS. Int J Med Inform. 2003;69(2–3):135–156

15. Oman CE. A review of medical malpractice decisions from the Second Circuit: 1995. Quinnipiac Law Rev. 1996;15:555

16. Singh H, Daci K, Petersen LA, Collins C, Petersen NJ, Shethia A, El-Serag HB. Missed opportunities to initiate endoscopic evaluation for colorectal cancer diagnosis. Am J Gastroenterol. 2009;104(10):2543–2554

17. Singh H, Hirani K, Kadiyala H, Rudomiotov O, Davis T, Khan MM, Wahls TL. Characteristics and predictors of missed opportunities in lung cancer diagnosis: an electronic health record-based study. J Clin Oncol. 2010;28(20):3307–3315

18. Hoffman S, Podgurski A. E-Health hazards: provider liability and electronic health record systems. Berkeley Technology Law Journal. 2009 fall;24(4):1523–1581. Available at: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1463671## Accessed March 7, 2011

19. Mangalmurti SS, Murtagh L, Mello MM. Medical malpractice liability in the age of electronic health records. N Engl J Med. 2010;363(21):2060–2067

20. Vigoda MM, Lubarsky DA. Failure to recognize loss of incoming data in an anesthesia record-keeping system may have increased medical liability. Anesth Analg. 2006;102(6):1798–1802

21. McLean TR, Burton L, Haller CC, McLean PB. Electronic medical record metadata: uses and liability. Am Coll Surg. 2008;206(3):405–411

22. Singh H, Thomas EJ, Mani S, Sittig D, Arora H, Espadas D, Khan MM, Petersen LA. Timely follow-up of abnormal diagnostic imaging test results in an outpatient setting: are electronic medical records achieving their potential? Arch Intern Med. 2009;169(17):1578–1586

23. Korin JB, Quattrone MS. Electronic health records raise new risks of malpractice liability. New Jersey Law Journal. June 19, 2007. CLXXXVIII(11—INDEX 893). Available at: www.law.com/jsp/lawtechnologynews/PubArticleFriendlyLTN.jsp?id=900005483988 Accessed March 2, 2011

24. Youngstrom N. Audits of electronic health records cloning reveal documentation problems that put compliance at risk. Reprinted from Report on Medicare Compliance, October 4, 2010

25. Hirschtick RE. Copy-and-paste. JAMA. 2006;295(20):2335–2336

26. Dvorak CD, Brummel AC, inventors. Medical transcription system with text expansion. US patent 5,781,891. July 14, 1998

27. Seidling HM, Storch CH, Bertsche T, Senger C, Kaltschmidt J, Walter-Sack I, Haefeli WE. Successful strategy to improve the specificity of electronic statin-drug interaction alerts. Eur J Clin Pharmacol. 2009;65(11):1149–1157

28. Kuperman GJ, Bobb A, Payne TH, et al. Medication-related clinical decision support in computerized provider order entry systems: a review. J Am Med Inform Assoc. 2007;14(1):29–40

29. Rollins G. The prompt, the alert, and the legal record: documenting clinical decision support systems. J AHIMA. 2005;76(2):24–28

30. Koppel R, Metlay JP, Cohen A, Abaluck B, Localio AR, Kimmel SE, Strom BL. Role of computerized physician order entry systems in facilitating medication errors. JAMA. 2005;293(10):1197–1203

31. Nebeker JR, Hoffman JM, Weir CR, Bennett CL, Hurdle JF. High rates of adverse drug events in a highly computerized hospital. Arch Intern Med. 2005;165(10):1111–1116

32. Johnson CW. Politics and patient safety don't mix: understanding the failure of large-scale software procurement for health care systems. Fourth IET Systems Safety Conference. Casely P, Johnson CW, eds. Savoy Place, London; 2009

33. Koppel R, Kreda D. Health care information technology vendors' “hold harmless” clause: implications for patients and clinicians. JAMA. 2009;301(12):1276–1278

34. Von Eschenbach AC. The sentinel initiative: national strategy for monitoring medical product safety. May 2008. Available at: www.fda.gov/downloads/Safety/FDAsSentinelInitiative/UCM124701.pdf. Accessed March 2, 2011

35. Flack M. Letter to MEDSUN members regarding reporting of health care information technology problems to MEDSUN Web site. February 2010. Available at: www.scribd.com/doc/28215553/FDA-s-Letter-to-Hospitals-on-Health-Information-Technology Accessed March 2, 2011

36. Hoffman S, Podgurski A. Finding a cure: the case for regulation and oversight of electronic health record systems. Harvard Journal of Law and Technology. 2008;22(1):103–165

37. Sittig DF, Classen DC. Safe electronic health record use requires a comprehensive monitoring and evaluation framework. JAMA. 2010;303(5):450–451

38. Christiansen JR. Why health care information isn't property: and why that is to everyone's benefit. Health Law Digest. American Health Lawyers Association: Washington, DC; February 1999

39. Rodwin MA. The case for public ownership of patient data. JAMA. 2009;302(1):86–88

40. Cerner Life Sciences. Unlock evidence in the EHR: Cerner Life Sciences offers unrevealed discovery capabilities. 2007. Available at: www.cerner.com/public/filedownload.asp?LibraryID=36854 Accessed March 7, 2011

41. Kozek A. GE Health care expands pioneering US physician consortium. February 14, 2005. Available at: http://www.gehealthcare.com/company/pressroom/releases/pr_release_10221.html. Accessed March 2, 2011

42. Business Editor. Eclipsys forms SunClinical data institute to manage, analyze patient data. Business Wire. Available at: www.allbusiness.com/technology/software-services-applications-information/5880797-1.html. Accessed March 2, 2011

43. Sweeney L. K-anonymity: a model for protecting privacy. IJUFKS. 2002;10(5):557–570

44. Day M. Patients can opt out of controversial national records system. BMJ. 2007;334(7583):12

45. Blumenthal D. Stimulating the adoption of health information technology. N Engl J Med. 2009;360(15):1477–1479

46. Gostin LO, Nass S. Reforming the HIPAA privacy rule: safeguarding privacy and promoting research. JAMA. 2009;301(13):1373–1375

47. Moran C. Hospital district fires 16 over privacy violation. Houston Chronicle. November 25, 2009. Available at: www.chron.com/disp/story.mpl/hotstories/6738856.html. Accessed March 2, 2011

48. California Department of Public Health. California Department of Public Health issues $187 500 administrative penalty to Kaiser Permanente Bellflower Hospital in Los Angeles County. Number 09-67. July 16, 2009. Available at: www.cdph.ca.gov/Pages/NR2009-67.aspx. Accessed March 2, 2011

50. American Recovery and Reinvestment Act of 2009. State grants to promote health information technology planning and implementation projects. Available at: http://www.grants.gov/search/search.do?mode=VIEW&oppId=49166 Accessed March 2, 2011

51. The Rationing Commission: meet the unelected body that will dictate future medical decisions. Wall Street Journal. November 15, 2009. Available at: http://online.wsj.com/article/SB10001424052748703792304574504020025055040.html. Accessed March 2, 2011

52. Rosenbaum S, Abramson S, MacTaggart P. Health information law in the context of minors. Pediatrics. 2009;123(suppl 2):S116–S121

53. Berlan ED, Bravender T. Confidentiality, consent, and caring for the adolescent patient. Curr Opin Pediatr. 2009;21(4):450–456

54. Council on Clinical Information Technology. Policy statement: using personal health records to improve the quality of health care for children. Pediatrics. 2009;124(1):403–409

55. Grannis SJ, Banger AK, Harris DH. Privacy and security solutions for interoperable health information exchange: perspectives on patient matching: approaches, findings, and challenges. Prepared for the Office of the National Coordinator for Health Information Technology and the Agency for Healthcare Research and Quality under contract 290-05-0015. Available at: http://healthit.hhs.gov/portal/server.pt/document/949222/grannis-patient-matching-white-paper-final_pdf Accessed March 2, 2011

56. Stolberg SG. Health identifier for all Americans runs into hurdles: privacy debate heats up. New York Times. July 20, 1998:1, 11

57. Rubin AJ. Gore to propose more privacy safeguards for public. Los Angeles Times. July 31, 1998:1, 4. Available at: http://articles.latimes.com/1998/jul/31/news/mn-8936 Accessed March 2, 2011

58. Health Insurance Portability and Accountability Act of 1996, Pub L No. 104-191 (1996). Available at: http://aspe.hhs.gov/admnsimp/pl104191.htm. Accessed March 2, 2011

59. Johnston D, Pan E, Walker J, Bates DW, Middleton B. The value of computerized provider order entry in ambulatory settings. Center for Information Technology Leadership. 2003. Available at: www.partners.org/cird/pdfs/CITL_ACPOE_Full.pdf. Accessed March 2, 2011

60. Poissant L, Pereira J, Tamblyn R, Kawasumi Y. The impact of electronic health records on time efficiency of physicians and nurses: a systematic review. J Am Med Inform Assoc. 2005;12(5):505–516

61. Pogue D. Computerized health records. New York Times. October 15, 2009. Available at: www.nytimes.com/2009/10/15/technology/personaltech/15pogue-email.html. Accessed March 2, 2011

62. Goedert J. Payers make moves toward MU incentives. Health Data Management Breaking News. August 5, 2010. Available at: www.healthdatamanagement.com/news/meaningful-use-incentives-pay-for-performance-40819-1.html. Accessed March 2, 2011

63. Patient Protection and Affordable Care Act, HR 3590 (2010). Available at: www.gpo.gov/fdsys/pkg/PLAW-111publ148/pdf/PLAW-111publ148.pdf. Accessed March 2, 2011

64. Bates DW, Bitton A. The future of health information technology in the patient-centered medical home. Health Aff (Millwood). 2010;29(4):614–621

65. American Academy of Pediatrics Practice Management Online, Medical Record Retention. 2007. Available at: http://practice.aap.org/content.aspx?aid=2015 Accessed March 2, 2011

66. Lekkas D, Gritzalis D. Long-term verifiability of the electronic health care records' authenticity. Int J Med Inform. 2007;76(5–6):442–448