Coburn: Computerized patient records will bring on hackers

A powerful Republican senator with a medical degree is warning that the nation's transition to electronic patient records will lure cyber intruders and should be reconsidered.

The federal government is spending nearly $20 billion in economic stimulus funds to move doctors from paper to digital records for storing health information. With privacy and money at stake, a Senate Judiciary Committee panel met Wednesday afternoon to review the current rubric for protecting health information in a wired society. Backers of electronic health records say the technology has the potential to improve treatment, lower costs and advance research. Critics of recent implementations, including Sen. Tom Coburn, R-Okla., ranking Republican on the Senate Judiciary Privacy, Technology and the Law Subcommittee, say e-patient records are ripe for hacking.

At Wednesday's hearing, Coburn, a practicing obstetrician, referenced the exploits of Chinese cyber attackers to illustrate the vulnerability of digital versus paper information. "There are always going to be people who will go around" computer security to obtain sensitive information, he said. "Just ask our Defense Department with China right now. Ask our private companies with China right now -- the hacking that's going on. The very sophisticated people, they've got to get into my office to get it, when it's on a piece of paper."

Coburn then cautioned, "Maybe we ought to rethink some of what we're doing, both in terms of privacy but also in terms of cost."

All but one of the several pending Senate bills that would mandate data breach notifications exclude health information. Committee member Sen. Richard Blumenthal, D-Conn., sponsor of the lone exception, S.1535, elicited support for his medical provision from Obama administration officials at the hearing.

"We would be most pleased to work with the senator on that bill," said Leon Rodriguez, director of the Office for Civil Rights at the Health and Human Services Department.

Loretta Lynch, U.S. attorney for the Eastern District of New York, added that the Justice Department "would also look forward to working with the senator on those issues."

Lynch said that manipulating health information can physically, financially and emotionally harm patients. She testified that "false treatment information memorialized in a patient's records can fatally distort the diagnosis of a future medical affliction," and health plans might deny necessary services to patients based on "earlier-billed phantom surgery."

Recently, the Southern District of New York and four other district courts unsealed indictments charging 73 people with health care fraud that involved more than $163 million in falsified billing, partly through medical identity theft, Lynch said. The scammers allegedly stole the identities of doctors and thousands of Medicare beneficiaries to submit requests for reimbursements.

In another case in June, a defendant was sentenced for accessing sensitive medical records on several Arizona state government employees to write the governor a letter of complaint about state personnel with psychiatric records, Lynch said. The victims were involved in an administrative hearing in which the defendant was a party, she added.