Skip to site navigation Skip to main content Skip to footer content Skip to Site Search page Skip to People Search page

Alerts and Updates

Electronic Health Records: The Time for Implementation Is Now

January 29, 2009

Electronic Health Records: The Time for Implementation Is Now

January 29, 2009

Read below

President Obama has allocated money from his recently proposed economic stimulus package to investment in healthcare IT, but will it be enough for the United States to implement an integrated, nationwide health information network? With efforts to date, this allocation and the overall support of the Obama administration may serve as the momentum that is needed to make significant progress.

Existing Healthcare System

The United States currently has an expensive and unwieldy paper driven health system. Not only does the processing of paper claims cost more than processing electronic claims, the fact that medical records are stored on paper is also likely to make it more difficult to coordinate care between hospitals, measure quality and reduce medical errors. Studies have found that the use of technology for keeping medical records can both reduce costs for health systems and improve care. A study by the RAND Corporation is cited for taking the position that, if most hospitals and doctors' offices adopted electronic health records, up to $81 billion per year of savings would be realized each year, $77 billion from improved efficiency, such as reduced hospital stays and the avoidance of redundant care (i.e., duplicative and unnecessary testing), and $4 billion from reduced medication errors and side effects.1 As recently as January 26, 2009, the Commonwealth Fund reported that in 41 Texas hospitals, a 10-percent increase in the automation of notes and records produced a 15-percent decrease in the chance of a hospital death.2

Initiatives to Date

During his January 20, 2004, State of the Union Address, President Bush pledged that every patient will have an electronic patient record in 10 years, and, on April 27, 2004, he signed an executive order 13335 (EO) announcing his commitment to the promotion of health information technology to lower costs, reduce medical errors, improve the quality of care and provide better information for patients and physicians. In particular, he called for widespread adoption of electronic health records and for health information to follow patients through their care in a seamless and secure manner. Further, the EO directed the Secretary of the U.S. Department of Health and Human Services (HHS) to establish within the Office of the Secretary the position of National Health Information Technology Coordinator.

On September 13, 2005, HHS Secretary Mike Leavitt selected 16 commissioners to serve on the American Health Information Community (AHIC). The AHIC is a federally chartered commission charged with advising the Secretary on how to make health information digital and interoperable, with its work intended to help the country achieve President Bush's goal of having most Americans using interoperable electronic health records within 10 years.

While this initiative started off strong at the outset of the Bush administration, it has fallen off in recent years.


Among other barriers to the implementation of this initiative, two of the biggest have been privacy and security concerns, and cost.

1. Privacy and Security Concerns

To date, the fear of unauthorized access to, and security for, records and privacy concerns have likely prevented the adoption of technology. Some of these concerns include breach by an outsider, laptop or mobile device theft or loss, theft from a wireless network, unauthorized employee access and breach of confidentiality as a result of human error.

The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 to establish rules for access, authentication, storage and auditing and transmittal of electronic medical records. While HIPAA has made standards for electronic records more stringent than standards for paper records, concerns still exist regarding the effectiveness of the implementation of these standards and how to balance the need for the seamless provision of healthcare with adequate privacy and security protections. In January 2007, at the request of Congress, the federal General Accounting Office ("GAO") reported on HHS' privacy efforts and determined that more could be done to ensure the privacy of information exchanged within a national healthcare information network. HHS, through the Office of the National Coordinator, addressed the GAO's concerns by initiating several projects, such as the creation of a commission to define certification criteria for electronic medical records. Despite these efforts, the GAO found that more needs to be done "to establish the high degree of public confidence and trust needed to help ensure the success of a nationwide health information network."3

In addition, HIPAA implementation standards have likely been hampered by the unresolved debate over whether to use an individual's Social Security number, or some other number, as a global personal identifier. Also, general security practices remain an ongoing issue. The Centers for Medicare and Medicaid Services (CMS) have recently commenced onsite reviews of hospitals' compliance with security rules mandated by HIPAA.

2. Cost

Another major barrier has been the sheer cost that is placed upon individual health systems and physicians in order to implement technology in their businesses. Not only is there likely to be a need for hardware to be implemented throughout the organization, there are also software costs and ongoing maintenance fees that must be paid. While large health organizations and providers may have an incentive to provide a state-of-the-art facility, including access to electronic health records, individual physician offices may have less incentive.

Obama's Technology Plan and the House Bill

In his technology plan, President Barack Obama asserts that he will invest billions of dollars to move the U.S. healthcare system to broad adoption of standards-based electronic health information systems, including electronic health records.4 At the time of this writing, his current $819 billion economic stimulus package, which passed in the House and was being sent to the Senate, calls for the investment of nearly $20 billion in healthcare IT over the next decade, the largest investment by the federal government to date. In the past, Obama has cited the Veterans Health Administration, the nation's largest integrated health system, as a model in the use of technology to modernize and improve healthcare delivery and says that he plans to accomplish his goal by phasing in requirements for full implementation of health IT and committing the necessary federal resources to make it happen.5 There is likely to be continued debate over the cost and timing of healthcare IT implementation. The Congressional Budget Office recently reported that while increased healthcare IT usage will reduce national healthcare spending, it may also increase Medicare spending because "improved adherence to treatment protocols could increase the amount of care provided."6

At the same time, Obama says that he will strengthen privacy protections for the digital age and harness the power of technology to hold government and business accountable for violations of personal privacy.7 In particular, he says that he will work to provide robust protection against misuses of particularly sensitive kinds of information, such as e-health records and location data that do not fit comfortably within sector-specific privacy laws.8 In addition to the House bill itself, these goals are likely to be achieved through HHS' continued efforts in the healthcare IT area, state initiatives, and other legislation if the public determines that current protections are not sufficiently broad. According to David J. Brailer, the first national coordinator of health information technology under President Bush, one fault of the House bill may be that, as a result of the increased emphasis on privacy protection, it inhibits the flow of information.9

Among other things, the House bill currently makes available $2 billion (or $5 billion in the Senate version) to states in grants and loans to help put electronic health record systems in place, and starting in October 2010, gives providers increased payments from Medicare and Medicaid for using electronic health record systems.10


Although electronic health records have been a topic of discussion for years, several factors have been moving it to the forefront, including the rising cost of healthcare and its effect on the nation's competitiveness, the health needs of aging baby boomers, the increase in technology efficiency, the perceived value from long-term reduction in cost and improvement in care, and leadership to date from both the Bush Administration and private industry.11 However, it is likely to require the commitment of the Obama administration and lawmakers in Washington to write adequate privacy and security laws balancing the need of providers to share information in order to provide care with the need of patients to have meaningful enforcement provisions so that privacy is protected. Also, it will require not just government investment, but meaningful incentives for providers, such as the currently proposed increased payments from Medicare and Medicaid and new tax breaks for investment, in order to offset the costs (including costs for upgrades in hardware and software) for providers to become part of an integrated, nationwide health information network.

To view President Obama's technology plan, please visit

For Further Information

If you have any questions regarding this Alert or would like more information, please contact John M. Neclerio, Lisa W. Clark, any member of the Healthcare Information Technology Practice Group or the attorney in the firm with whom you are regularly in contact.


  2. "Clinical Information Technologies and Inpatient Outcomes: A Multiple Hospital Study," Archives of Internal Medicine.
  3. GAO-08-1138 Health IT and Privacy, September 2008.
  5. Id.
  6. CBO Letter to House Ways and Means and Energy and Commerce Committees, January 21, 2009.
  7. Id.
  8. Id.
  9. Id.
  11. In addition to initiatives by other companies, at the end of 2006, five major corporations, including Intel, Wal-Mart, AT&T and Pitney Bowes announced they would finance development of Dossia, a web-based personal health record available to their 2.5 million employees, dependents and retirees. Controlled by employees, Dossia would cull information from their doctors, hospitals and pharmacies to create a comprehensive health history that would be portable and private.

Disclaimer: This Alert has been prepared and published for informational purposes only and is not offered, nor should be construed, as legal advice. For more information, please see the firm's full disclaimer.