All patients want their caregivers to have ready access to up-to-date and complete medical records during each encounter, irrespective of the time or place.

Yet after the investment of billions of dollars by provider organizations and government on healthcare infrastructure, most caregivers cannot access a complete medical record during patient encounters. This inability to obtain the necessary patient information leads to polypharmacy, duplicate testing, wasted resources and medical errors.

This failure to provide a complete medical record to clinicians stems from several factors: Lack of robust interoperability among electronic medical record systems (EMR).

Absence of technology standards for the sharing of clinical information for use in clinically driven workflow.

Federated model a barrier

Resistance to a centralized model for medical record compilation, leading to the widespread use of a federated storage/access model.

While many patients and privacy advocates believe a federated model provides a higher level of protection against cyberattacks that attempt to steal medical data, this model also presents a significant barrier to accessing a complete medical record at the point of care.

Because a federated model stores patient information at its point of creation, pulling together a complete medical record on an average patient requires access to numerous EMRs, all with different levels of availability, “uptime” and points of failure. In practice, the federated model relies upon a hybridized health information exchange (HIE) that augments the federated model with characteristics similar to a centralized model.

In the centralized model, all providers send patient information from every encounter to a secure centralized repository that maintains the complete record while making it accessible to authorized users. Although information technology security experts suggest that a centralized repository of sensitive data provides a better means to protect the data, patient resistance to centralized storage because of privacy concerns led to the industry embracing a federated approach to medical record storage.

For more than a decade William Yasnoff, MD, advocated the use of a centralized model for storage of medical records in a health record bank. In his model, each patient maintains complete control over the data, directing its use in patient care, disease surveillance, and medical research.

Healthcare cyber threat

Unfortunately, the notion of storing a population’s records in a single database proved unacceptable to patients and clinicians worried about the theft of records from such a monolithic database, rich in demographic, financial and clinical information that could be easily monetized by criminal hackers.

Recently, Yasnoff published an article in the Journal of Biomedical Informatics where he outlines how the cited weaknesses of the centralized model could now be mitigated through the use of widely available cloud computing.

Unlike other versions of the centralized model where all patient information resides in one database, his Personal Grid model stores a single, complete patient record in a single, encrypted database. Therefore, hackers cracking a database obtain only one patient record per “crack.” As the effort to “crack” a database is non-trivial, the attractiveness of the centralized model to cyber criminals decreases dramatically.

Although this type of model was previously technically feasible, the former limitations of computer power and performance prevented the records from being used for population management or medical research. Without effective indexing of information, which a singular database provides, any search effort requires a sequential search through every single patient database. Now, with cloud computing, virtual servers and the “renting” of computer processors, this brute-force search can be managed at acceptable search times and cost.

As the Office of the National Coordinator pivots to focusing on interoperability, quality reporting and analytics as part of its Meaningful Use Stage 3 initiatives, perhaps it is time to revisit the centralized model with Personal Grid for storage and access to a medical record.

As many HIEs have already moved closer to a more centralized model because of practical concerns, the availability of relatively inexpensive and immensely powerful computing may offer all clinicians easy access to complete medical records while effectively protecting the valuable and sensitive personal information inherent in those records.

Excerpts from “Why the Personal Grid May Be the Best Way to Share Records” published in Health Data Management