Indianapolis boasts the Regenstrief Medical Record System and the Indiana Network for Patient Care, the nation’s only citywide health information exchange. The system contains data on about 9.6 million patients. The system provides emergency department physicians rapid access to a patient’s information at any one of the 25 participating hospitals.

Electronic Medical Records (EMRs) play a large role in improving health care and reducing costs. Both candidates in the upcoming presidential election are stressing the importance of EMR systems. Indianapolis’s system will act as an example, and hopefully motivate physicians to adopt EMRs once they see the benefits.

EMRs allow doctors and staff instant access to medical records. They do not have to waste time trying to find a misplaced paper chart, or spend precious minutes trying to decipher poor handwriting. These efficiencies help decrease errors and improve the quality of care. EMRs also can help you generate additional revenue by decreasing costs, reducing data entry errors, and helping you code at higher levels through improved documentation.

EMRs encourage preventative care. Many systems include alerts or other reminders that notify physicians when a patient is due for a checkup, test, or other procedure. Such practices can drastically reduce health care costs by vaccinating for preventable diseases, or diagnosing cancer in the early stages.

While the benefits of EMRs are clear, it is important to choose the right product. You want an EMR that provides all the functionally you need now, but can also be easily changed and adapted for future requirements, whether they result from changes in your practice, regulatory requirements, or the need to interface a citywide or regional health information exchange.

There are lots of stories about electronic medical records being compromised, and either stolen, or mistakenly made available on the internet. Paper records, however are not immune from unauthorized disclosure. The paper records of 28 patients from Central Florida Regional Hospital ended up in the hands of a Salt Lake City elementary school teacher earlier this year.

The hospital shipped three boxes containing medical records to a company in Las Vegas for a Medicare audit. Two of the boxes arrived safely, but one went missing somewhere along the route. When an auditor noticed the missing box, they contacted the hospital, who in turn contacted UPS two weeks later. Somehow, the package wasn’t able to be delivered, and was sold to a surplus store in Salt Lake City, Utah, for about $20. It was eventually bought by an elementary school teacher who wanted scrap paper for her students. She noticed and reported the error before distributing the records to students.

Unfortunately, the hospital did not immediately notify the patients that their records were lost. Several of the patients are now deceased, making them prime targets for identity theft. The records contained detailed medical histories, as well as phone numbers, addresses, social security numbers and insurance information.

Even though electronic medical records might get most of the bad press when it comes to security, they can actually be much safer than paper records. File transfers are almost always encrypted, making it nearly impossible to intercept and read the records. On the other hand, there is no security for paper files. Anyone can simply open a package and read printed information. In addition to being more secure, electronic records are also much cheaper to process. There is no need to spend time photocopying records and shipping them, which can be expensive due to their weight. Finally, electronic medical records can arrive at their destination much faster than ground shipping.

EMRs are widely seen as a positive change in the healthcare industry. Despite this fact, physicians and hospitals are very reluctant to move into the information age. An article on the Harvard School of Public Health website acknowledges the vast benefits EMRs can provide to the US healthcare system, but points out three main barriers to adoption: culture, costs, and confusion.

EMRs have the ability to “stem skyrocketing health care costs,” which amounted to $2.3 trillion in 2007. In addition to saving money, EMRs can make our healthcare “safer, more efficient, and more cost effective,” according to the article. Research shows several ways EMRs can help your bottom line. First, EMRs can lower your operating expenses by streamlining workflows and letting you operate with fewer staff members, should that be necessary. Second, EMRs can help you eliminate the expense of managing paper. Third, most EMRs offer improved documentation, which lets you legitimately code higher levels for your encounters. Finally, EMRs can help you eliminate billing errors, which can cost you time and money to fix.

Despite all of these benefits, the article reports that “as few as 4% of physicians today use EHRs.” Hospitals similarly lag in EMR implementation. The article cites three reasons why physicians are so slow to adopt EMRs: culture, costs, and confusion.

Culture is tough to change. Physicians usually prefer writing on paper. Many physicians are not computer savvy, and are uncomfortable using them in front of patients. Furthermore, news of security breaches related to electronic patient information has made many physicians wary of privacy concerns and HIPAA violations. Physicians fail to realize that computer systems are usually well protected, and that anyone can walk up to a paper chart and read protected information, including their janitor.

Costs are perhaps the biggest obstacle, especially for small practices. In addition to the purchase price, revenue temporarily decreases while physicians come up to speed on the new system. The biggest mistake physicians make is focusing on the system’s cost, instead of how much additional revenue it can generate. Good systems usually pay for themselves within one or two years.

Confusion stems from hundreds of vendors and systems on the market. Many physicians have a difficult time figuring out which EMR is best for them. While any system will require some changes and training, customized systems that work according to the physician’s specifications can offer the highest returns and lowest training costs.

A recent information security study by Cisco confirmed the age-old adage “loose lips sink ships.” The study surveyed over 2000 people including IT professionals and employees across ten different countries. Cisco found that insiders are still the biggest security threat to your practice, whether by accident, negligence, or on purpose. The study also warned that during times of economic hardship, employees are more likely to steal from their company to help provide for their family.

The study points out several common problems. Employees will often change settings on their computer to access restricted websites. This results in a loss of productivity and potential problems from malicious software. You should also verify employees don’t have access to data they don’t need, such as billing information, or your financial reports.

Sharing confidential information with outsiders is also a common problem. Be sure your staff knows not to talk about any patients they see during the day. This could cause problems for the patient and may result in lawsuits and HIPAA violations.

Sharing company devices, such as laptops, with friends or family members is also a huge problem. Even though employees trust their friends or family not to steal data, it is still possible for them unknowingly download a virus from MySpace or other sites, which could lead to data loss or theft.

Another key problem is employees leaving their computers logged in and unlocked when they are away from their desk for an extended period of time. While it may take a few extra seconds to unlock a computer, it is necessary to prevent unauthorized access. No one wants the janitor to surf around on their computer after hours.

Storing important data on USB thumb drives can also cause problems. Such drives are easily lost or stolen. If your practice needs to store information on USB drives, consider using a free encryption program, like TrueCrypt to encrypt your data.

There are two ways you can protect your data from the insider threat. First, be sure to have a clear information security policy that defines what is appropriate as far as data access, computer usage, and other important matters. Second, be sure to spend time educating your employees about their responsibilities regarding security. Knowing is half the battle, but monitoring and verifying your employees are doing the right thing is also very important.