The debate over the legitimacy of Obamacare—the colloquial name for the Patient Protection and Affordable Care Act—seems to be subsiding, until at least the 2016 elections are over. Two U.S. Supreme Court decisions upholding it, along with Congressional repeal efforts stymied so far by the Senate’s filibuster power and the President’s veto pen, suggest that greater attention now will be focused on implementation. Some of its provisions, such as coverage for pre-existing medical conditions and for children through age 26, have broad bipartisan support. The goal of expanded coverage to millions of Americans formerly in the ranks of the uninsured also seems to be moving in the right direction: toward greater inclusion.
But the other essential part of the Obamacare equation—bending the curve of health care costs—remains a matter of serious concern. One key element of that policy goal was the widespread adoption of electronic health care records by hospitals, clinics and other practice settings. With appropriate financial incentives for these institutions to convert their paper records to digital formats, the enhanced administrative efficiencies would reduce the cost of health care service delivery. The efficient transformation of medical records also would benefit patients, particularly in speeding up diagnoses and treatments.
However, the adoption of e-health records nationwide has been slower than anticipated. A recent study by the accounting and advisory firm KPMG provides valuable data regarding why health care institutions are taking a wait-and-see approach. A key reason seems to be that the information technology (IT) infrastructure of these organizations is vulnerable to cyberattacks. Such intrusions have potentially profound effects on e-health records; a breach can lead to a degradation of medical care and a loss of confidence by patients.
“A breach can lead to a degradation of medical care and a loss of confidence by patients.”
Compared with previous annual KPMG surveys, the latest results indicate that the number of attacks on health care IT systems has increased, with 13 percent of respondents saying they are targeted by external hack attempts about once a day. Another 12 percent said they see about two or more attacks per week. “More concerning,” the report said, “16 percent of health care organizations said they cannot detect in real-time if their systems are compromised.”
The areas of greatest concern within health care organizations were external attackers (65 percent), sharing data with third parties (48 percent), employee breaches (35 percent), wireless computing (35 percent) and inadequate firewalls (27 percent).
The financial costs of responding to these attacks also can be catastrophic. “The vulnerability of patient data at the nation’s health plans and approximately 5,000 hospitals is on the rise, and health care executives are struggling to safeguard patient records,” Michael Ebert, who runs KPMG’s Health care & Life Sciences Cyber Practice, said in a statement. “Patient records are far more valuable than credit card information for people who plan to commit fraud, since the personal information cannot be easily changed.”
Unless and until these organizations are able to decrease the number and severity of real-time cyber threats, there is not likely to be a dramatic shift from paper to digital health records. Financial incentives alone will not be sufficient to bring about this needed change. The data in the KPMG survey suggest that the underlying crisis of confidence is real; it must be addressed if this critical aspect of Obamacare is to be realized.
Put simply, without digital health care record conversion, the essential variable of cost controls will be difficult, if not impossible, to achieve. The debate over the efficacy of Obamacare thus seems destined to continue well after its Presidential namesake has left the White House.