Electronic medical records: a threat to privacy? Abstract: Electronic medical databases and the ability to store medical records within them have made our lives easier in many ways and riskier in others. The main risk they represent is the security of our personal data if stored on an insecure medium. What happens if someone gets their hands on your information and uses it in ways you don't approve of? Can you stop them? To keep your information safe and maintain trust in this valuable technology, the issue of access must be addressed. Guidelines are needed to establish who has access and how they can get it. This is necessary for information security, to preserve privacy and to maintain existing benefits. Imagine a seriously ill person in a hospital bed. Tubes and wires connect it to whirring machines like medical cables; they lie almost lifeless, except for the barely perceptible vitality pumped into them by the system of machines we call life support. Take a moment to think about the role that computers play in this scenario. Now imagine the scene and the patient's condition without a computer. It's easy. There's nothing: no slow breathing, no whirring machines, no IVs, no beeping heart rate monitors. Not only would the person likely be dead, but everything from the reclining bed to the nurse call button to the life support system relies on computers. Computers have completely proliferated the world of medicine. They are used to monitor vital signs, to operate on artificial hearts and to compile and store medical histories. Although not directly related to our well-being, this latter use is of the utmost importance. Today, the use of medical databases and computers... at the heart of the document... Berkeley National Laboratory ethical, legal and social issues in the science project2. White House Publication, Wednesday, December 20, 2000 at www. cdt.org/privacy/medical/001220whitehouse.shtml; published by the Center for Technology and Democracy3. www.ama-assn.org/sci-pubs/msjama/articles/vol_285/no_13/jms0404014.htm#ref3; Journal of the American Medical Association.4.www.techtv.com/cybercrime/privacy/story/0,23008,3320805,00.html; a website with positive facts confirmed by other sources5. Sara Baase, A gift of fire. Published by Prentice Hall, 1997. p 616.www.aclu.org/action/medregs/readstories.html; medical privacy anecdotes from newspapers collected by the ACLU7. Personal communication: F. Makedon, class discussion, September 20018.www.netreach.net/~wmanning/otadig.htm; part of a large website dedicated to medical privacy issues