Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Docs Warm Up to EHRs, Patients Want Paper

While docs are gradually getting onboard with electronic health records, most patients worry about the security of their personal health info in cyberspace. What's behind the chasm?

There's a bit of a gap between patients and doctors when it comes to electronic health records (EHRs). A new survey indicates that, by a slight margin, the majority of doctors think EHRs are safer than paper records. But more than half of all patients prefer paper. A closer look at the data can help explain the difference of opinion.

The recent omnibus survey by EHR vendor Practice Fusion was conducted by GfK Roper OmniTel. More than 1,000 patients were phone surveyed between Oct. 21 and 23, as were 1,220 medical professionals who were polled online with the same questions on Oct. 28.

Of the physicians surveyed, 54% said they thought EHRs were safer. Only 18% selected paper as the more secure option. The remainder didn't answer or didn't know.

As for the patients surveyed, 47% said paper records are safer, with 39% saying digital records are more secure. The rest were unsure.

[Critics charge that Meaningful Use incentives only reward longtime users of health IT rather than encourage new EHR adoption. Are EHR Incentives A Waste Of Money?]

It's interesting to note that while a majority of doctors think digital records are more secure--and a majority of patients think paper is better--neither side provided a landslide victory for either paper or EHRs. In fact, both sides seem fairly mixed in their support of both.

With enough education and enlightenment about the benefits of EHRs, or too many high-profile cases of security and privacy breaches of digitized medical information, either side could probably be swayed more strongly in favor of EHRs or paper.

I think the sampling of patients provide some valuable insights into how the public thinks. Unlike doctors, who have been bombarded over the last two years with information from the government, trade associations, and others about the benefits of EHRs--not to mention the billions of dollars in HITECH Act financial incentives to "meaningfully use" health IT--consumers haven't been the focus of a heavy pro-EHR public relations blitz.

So, I think consumers are likely more "pure" in their responses. The answers from patients seem to reflect: 1) they're probably not all that aware of the push for U.S. healthcare providers to give up paper; 2) they haven't given too much thought about why digital records could be better than paper; and 3) they're probably a bit spooked about the possibility of having their own digital medical records hacked, lost, or snooped.

Of the patients surveyed, those between ages 25 and 34 were most inclined to think EHRs are secure. That was the only age group of patients for which a majority--51.4%--said EHRs are safe.

Interestingly, on the age spectrum, younger patients, ages 18 to 24, as well as older patient groups, those ages 50 and older, were the folks that were most inclined to say paper records are safer. It was people in the midrange--ages 25 to 49--who had the strongest support for EHRs.

The survey also drilled down a bit on patients' other perceptions about EHRs versus paper.

Of those patients who think paper records are safer than EHRs, 72.2% agree or somewhat agree that paper records are less distracting to doctors than EHRs.

Of that same group of patients favoring paper, 87.2% said they think paper is more private and allows more control over who sees the records. Also of that same group, 86% said they think paper is more secure because it's less likely to be hacked or lost. Finally, nearly 65% of those paper-loving patients just prefer the tradition of paper over digital records and see no reason to change systems.

When the survey dug deeper into the group of patients who thought EHRs are safer than paper, 91% said digital records are more portable between doctors; 95% think EHRs are more accessible when you need your records; and 93% thought EHRs are more accurate than paper records. Of that EHR-favoring group, 76% also thought digital records are better protected from theft or loss than paper.

The survey suggests that most consumers aren't that familiar with or interested yet in EHRs or the benefits they can provide versus paper. That could be because most patients get their care from any of the tens of thousands of doctors in the United States still using paper charts.

Even when consumers have access to and manage their own health records electronically, many are either unaware or not motivated enough to use that capability. Evidence? Look what happened to Google Health. The personal health record platform of perhaps the best-known name on the Internet is being shut down by the end of the year, in large part because it wasn't popular among consumers.

But I don't think the demise of Google Health means patients are uninterested in using personal health records (PHRs). With its fall, "we can definitively say that patients are uninterested in creating, populating, and maintaining their own PHR. But PHRs can be successful when they are created, populated, and maintained by doctors and medical professionals," said Matthew Douglass, Practice Fusion VP of engineering in an email interview with InformationWeek Healthcare.

Some think that it's not that consumers aren't interested in PHRs, but rather it's still too hard to set them up and use them until more doctors make the switch to EHRs.

"The wave of the future in the PHR space will be at the intersection of medical professional-entered data and patient participation, but the seed of data must begin with electronic medical records for this to be successful, " said Douglass. As for the public perception that EHRs are more vulnerable than paper to loss and mishandling, that's a myth that also needs to be shattered, said Douglass.

"The irony of general population concern about HIPAA breaches is that many of these breaches are not even electronic in nature," he said. "Paper records get accessed fairly regularly without proper authorization, with no audit trail in place to track who saw which patients' information," he said.

"There's not much preventing someone from walking into a doctor's office and walking away with an entire stack of patients' charts."

Fears about digitized health records aside, I think the patients' feelings about paper medical records seem to reflect two larger themes, one about U.S. culture and the other about human nature: Americans like tradition and people don't like change.

Marianne Kolbasuk McGee is a senior writer for InformationWeek.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Lisa Henderson
Lisa Henderson,
User Rank: Apprentice
11/4/2011 | 7:53:07 PM
re: Docs Warm Up to EHRs, Patients Want Paper
The comment about security breaches from the VP at PracticeFusion-- "There's not much preventing someone from walking into a doctor's office and walking away with an entire stack of patients' charts"--is not helping the argument. I would fully doubt that a person would be able to get past the receptionist, the nurses, and the doctor (in the office I go to anyway) and walk out with enough patient charts without making a scene to make the whole effort not worth it. Even if someone broke in and took the records, then what? It is digital security and addressing the other fears that are the issue. People read stories about banks and stores credit records getting hacked into. Addressing real security and educating people that will help.

Lisa Henderson, InformationWeek Healthcare, contributing editor

Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-15
Sydent is a reference Matrix identity server. Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an HTTP request with a very large body, leading to memory exhaustion and denial of service. Sydent also does not limit response size for requests it mak...
PUBLISHED: 2021-04-15
Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requests to internal systems, due to lack of parameter validation or IP address blacklisting. It is not possible to exfiltrate data or control request headers, but it might be possible to use the attack to perform a...
PUBLISHED: 2021-04-15
Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address. This could be used to construct plausible phishing emails, for example. This issue has been fixed in 4469d1d.
PUBLISHED: 2021-04-15
Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has be...
PUBLISHED: 2021-04-15
The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to ...