Patients trust physicians most to protect personal data

Some see electronic medical records as a threat to their privacy, a new survey finds.

By Pamela Lewis Dolan — Posted March 15, 2011

Print  |   Email  |   Respond  |   Reprints  |   Like Facebook  |   Share Twitter  |   Tweet Linkedin

Patients trust their doctors over other parties, such as insurers, the government and employers, to protect their health information. But some believe electronic medical records may make their data less secure, according to a survey.

In late January, CDW Healthcare surveyed 1,000 American adults who had visited a physician or hospital in the past 18 months. Sixty-eight percent said their physician office was responsible for protecting their personal health information, and 67% trusted their doctor's office the most to maintain that information. Employers were least trusted, at 7%.

In addition to health information, the majority of survey respondents (79%) said they believed their doctors' offices were responsible for protecting their financial information, personal identifying information (91%) and family information (94%).When asked what impact EMRs would have on privacy protections, 40% said they would have a somewhat negative effect and 9% said they would have a significantly negative impact. Only 27% said EMRs would have a somewhat or significantly positive effect.

Even though physicians are the most trusted, "they have to be aware that right now your patients have a big, big concern about going to the electronic medical record, and I think part of the onus is on the physician to ease those feelings for their patients," said Bob Rossi, vice president of CDW Healthcare.

CDW has found that many physicians are not equipped to provide the data security their patients expect. The group surveyed 200 physician practices in 2010 and found that 30% did not have basic anti-virus software protection and 34% did not use firewalls.

As many practices begin to adopt EMRs, surveys like this should serve as a warning to physicians that security needs to be a part of the adoption process, Rossi said. And it's something that needs to be continually updated and monitored.

Not protecting patient data could cost practices a lot more than their patients' trust. Under the HITECH Act of 2009, fines for violating HIPAA laws range widely, from $100 to $1.5 million per violation. In addition to federal fines, a 2009 study by the Ponemon Institute placed the average cost of security breaches at $204 per medical record -- $144 in indirect costs, such as lost business, and $60 in direct costs, such as setting up credit monitoring for victims.

The CDW report made recommendations to help physicians protect themselves. Among the recommendations was to take steps to meet reasonable security standards, such as installing firewalls and anti-virus software.

Encryption is another security step that health care organizations often miss. Under HIPAA, if data are stolen but are encrypted, the organization is exempt from fines and from notifying the Dept. of Health and Human Services that a breach occurred.

The CDW report suggests that health care organizations conduct a security risk assessment at least once a year.

Back to top



Read story

Confronting bias against obese patients

Medical educators are starting to raise awareness about how weight-related stigma can impair patient-physician communication and the treatment of obesity. Read story

Read story


American Medical News is ceasing publication after 55 years of serving physicians by keeping them informed of their rapidly changing profession. Read story

Read story

Policing medical practice employees after work

Doctors can try to regulate staff actions outside the office, but they must watch what they try to stamp out and how they do it. Read story

Read story

Diabetes prevention: Set on a course for lifestyle change

The YMCA's evidence-based program is helping prediabetic patients eat right, get active and lose weight. Read story

Read story

Medicaid's muddled preventive care picture

The health system reform law promises no-cost coverage of a lengthy list of screenings and other prevention services, but some beneficiaries still might miss out. Read story

Read story

How to get tax breaks for your medical practice

Federal, state and local governments offer doctors incentives because practices are recognized as economic engines. But physicians must know how and where to find them. Read story

Read story

Advance pay ACOs: A down payment on Medicare's future

Accountable care organizations that pay doctors up-front bring practice improvements, but it's unclear yet if program actuaries will see a return on investment. Read story

Read story

Physician liability: Your team, your legal risk

When health care team members drop the ball, it's often doctors who end up in court. How can physicians improve such care and avoid risks? Read story

  • Stay informed
  • Twitter
  • Facebook
  • RSS
  • LinkedIn