Electronic medical records and patient privacy.

Networks of health care providers and payers increasingly rely upon electronic databases to coordinate and analyze medical information. Benefits of linking databases include saving lives and reducing costs. However, access to and use of medical records raise serious privacy concerns. Potential misuse of records may harm patients and undermine the quality of health care. In the clinical setting, stringent security procedures must be instituted, including limited access to electronic records, audit trails, and security audits. Patient consent should be obtained before personal information is disclosed. Current law does not provide the strong, consistent guidelines needed. Adequate privacy protection requires a comprehensive federal law.