Yesterday the Senate unanimously voted to designate the week of June 14, 2010 as National Health Information Technology Week. During this coming week Congress will endeavor to acknowledge the many benefits that Health IT (HIT) can bring to patients, healthcare providers and our medical system.  As part of National Health Information Technology Week the Secure ID Coalition calls on Health & Human Services, Office of the National Coordinator for Health IT (ONC) to require identity authentication in order to access electronic medical records, and personal health information.

Health IT has the potential to bring huge benefits to the American healthcare system through an increase in the quality and continuity of care and a reduction in healthcare cost.  Health IT allows comprehensive management of medical information and promises secure exchange between health care consumers and providers.  Broad use of HIT has the potential to improve health care quality, prevent medical errors, increase the efficiency of care provision and reduce unnecessary health care costs, increase administrative efficiencies, decrease paperwork, expand access to affordable care, and improve the overall health of the U.S. population.

While we recognize the benefits of Health IT, deployments must also require the proper identification of patients and health providers both online and offline.  Linking the patient to the correct electronic medical records is critical to eliminating medical errors, the prevention of fraud and reducing the cost of care.  Knowing who is authorized to access records and personal medical information is the cornerstone of a secure HIT system.  The consequences of failing to adequately put in place identity verification as a privacy and security safeguard are costly, dangerous and even potentially deadly.

A recent study by the Ponemon Institute found approximately 5.8% of American adults or 1.5 million people were victims of Medical Identity theft in 2009. The average cost per victim is just over $29,000.  Additionally, 11% of victims reported receiving a misdiagnosis and 13% of victims reported receiving improper treatment as a result of the theft. This is a significant problem that will only continue to grow unless we take the necessary steps to identify who patients are.

Health IT deployments must ensure both information security and patient privacy. Strong, multi-factor authentication is required to verify only the authorized individuals have access to sensitive personal medical information. Privacy and security of medical records cannot be an afterthought; identity authentication needs to be built into the system at the beginning.  If we don’t recognize the need to secure our HIT systems and verify who has access to records, we will cancel out the benefits this technology will bring to our health care system and to our lives.

Next week, when we celebrate Health Information Technology, let’s also remember that best medicine for the healthcare system is knowing who patients are and linking them to their own electronic medical records.

To read more about the privacy and security of Health IT, please click here.