Patient access to medical records key to stemming inaccuracies

WASHINGTON--Unlike what happens in Vegas, what happens in a patient's medical record--especially inaccuracies--can stay with them forever, Dhruv Khullar, a resident physician at Massachusetts General Hospital, said during a Tuesday session at Health Datapalooza 2016 in the District of Columbia.

The panelists, ranging from a government official to university members, gathered to discuss their experiences and views of patient data safety and data sharing.

Khullar said it's growing more difficult to trust what is in the electronic health records of patients. "When I speak with patients, I find that their electronic medical record is littered with inaccuracies," he said.

There are certain aspects of an EHR that can lead to more inaccuracies than paper records, he added. Those can include the ability to copy and paste, as well as auto-population features.

Physicians can help stem the flow of mistakes in a couple ways, according to Khullar. They need only to capture the most important information--the data that gives a sense of who the patient is and what their health goals are, and they must encourage patients to read their medical records, he said.

Khullar also noted the need for EHR systems with which people want to engage. Many doctors dread using them, he said, and want an experience that is more intuitive. Patients, according to Dhruv, want records that are as easy to use as a social medical platform, like Yelp or Instagram.

Jocelyn Samuels, director of the Health and Human Services Department's Office for Civil Rights, said the explosion of data in healthcare is "transformative" for the industry, and noted that OCR understands patient trust is a cornerstone to data sharing.

She spoke to OCR's efforts in this vein, saying the office has a robust enforcement arm and will hold healthcare entities responsible when they violate standards of privacy and security rules.

In response to Dhruv's comments, Samuels said that patients have every right to correct errors in their medical records, "and that's why recently we have spent so much time prompting and educating people that they have the right to request access to their records."

In addition, she said, patients should not wait to be offered such access, they should "demand access."

For his part, Daniel Barth-Jones, an assistant professor of clinical epidemiology at the Mailman School of Public Health, said that de-identification concerns are top of mind when it comes to patient data privacy.

There are two misconceptions about such data, he said. One is that it doesn't work; the other is that it works perfectly and permanently.

"The reality is, HIPAA compliance for de-identification provides some pretty important privacy protections," Barth-Jones said. However, perfect de-identification is not possible, and there's no guarantee information will remain de-identified, he added.

"We face a trade-off," he said. "We can't get it both ways in terms of having perfect information and perfect protection. But we can find balance points that both provide very small risks and keep the statistical accuracy of the data."

He added that there needs to be comprehensive legislation that prohibits re-identification of protected patient health information.