Would a CHIN or IDS help or hinder security?

Belonging to a computerized network for the exchange of data may not necessarily help you to ensure security of your patient, financial, and administrative records, a recent survey suggests.

The results of the second annual computer-based patient records survey of 1,773 hospitals across the United States were released in November 1995 by Gordon & Glickson, an information and technology law firm in Chicago.

By July 1998, three out of five hospitals are likely to be participants in an information delivery system (IDS) or community health information network (CHIN), the survey suggests. CHINs and IDSs facilitate the exchange of clinical, financial, and administrative data among network members such as hospitals, physicians, clinics, insurance companies, and pharmacies.

Already, one in five of the hospitals surveyed is a member of an IDS or CHIN, and more than half of those who are not say they intend to join within three years.

Following are some of the key findings:

* Overall, security practices have improved for computerized patient records, including safeguards to protect against viruses and computer hackers.

* Hospitals already belonging to a health information network implement tighter computer security, although they appear to be more lax about access to patient records from computers with floppy-disk drives.

* Most hospitals that are planning to join an IDS or CHIN have not yet determined which patient identification method would be most effective to protect patient privacy.

* Most hospitals do not adequately communicate internal software findings to employees.

[Editor's note: For printed copies of the survey results, contact Diana J.P. McKenzie, Gordon & Glickson. Telephone: (312) 321-7671.] *