Dying for Data

A comprehensive system of electronic medical records promises to save lives and cut health care costs—but how do you build one?

14 min read
Cheryl and Tom Conrad
Patient Beware: Cheryl Conrad (right) makes sure she always keeps a copy of husband Tom’s medical records on hand, after he experienced an excruciating delay in getting treated at a local hospital.
Photo: Joshua Lutz

Cheryl Conrad seethed with frustration. It was now 8 hours since she had found her husband, Tom, passed out on the floor. Now, in the hospital, he was slipping into a coma. Tom suffers from a rare genetic condition that causes deadly ammonia to build up in his bloodstream.

Cheryl knew just what was wrong and what her husband needed: a massive dose of lactulose, a drug that would reduce the ammonia in Tom’s blood. But the emergency room doctors wouldn’t listen. Only months earlier Tom had been treated there for a similar episode, but nobody could locate the medical records detailing his condition. Instead, the ER staff insisted on contacting the specialist who had been treating Tom’s illness. But the doctor couldn’t be reached.

It took another 2 hours before they got through to Tom’s doctor, who immediately prescribed lactulose. After two days of treatment, Tom was released from intensive care. Galvanized by the experience, Cheryl resolved to keep a paper copy of Tom’s medical records with her at all times [see photo, "Patient Beware"].

Though the patients, maladies, and medications vary, this wrenching scenario plays itself out in one form or another every day in countless hospitals around the globe. And it is completely unnecessary. Decades after virtually every significant enterprise in the developed world turned to computers to keep records, computers still remain astonishingly underutilized in medicine, their use suppressed by financial, sociological, and political issues—and the sheer complexity of the automation challenge.

With your medical records in paper form and scattered across the offices of various practitioners, the people treating you when you need those records most—when you’re lying on a gurney in the emergency room, say—may have no idea what to do. Sometimes they do the wrong thing: in the United States alone, an estimated 98 000 deaths occur annually from medical mistakes, and 1.5 million people suffer from adverse drug interactions, incorrect doses, and other medication errors. Many of these deaths and injuries could be avoided if the full medical records of patients were available to their treating physicians.

After a history of false starts, a comprehensive system of electronic health records linking hospitals, general practitioners, specialists, insurance offices, and others could debut in the United States within a decade. Other countries, including Australia, Canada, Denmark, Finland, Germany, and the United Kingdom, have also announced national programs to automate medical records [see table, "Major Players”]. Of these, Finland is likely to be first, with a planned launch by the end of next year. Meanwhile, the UK has been struggling to roll out its digital health record system for more than four years, with little to show for its efforts.

The U.S. endeavor is primarily a private-sector effort that has the support of and some funding from the federal government. It will replace paper-based files with a digital record containing your complete medical history, which your health care provider will be able to access almost instantaneously wherever you seek treatment. The National Health Information Network, as it’s called, will consist not of one centralized system but of a large number of independently managed regional networks, somewhat comparable to the Internet itself.

The potential advantages are enormous: having a cradle-to-grave view of a patient will allow doctors to focus on preventive care, rather than just treating diseases. For employers, insurance companies, and the government, electronic medical records promise to help reduce skyrocketing health care costs, which now come to US $1.9 trillion, or about 16 percent of gross domestic product.

In the long term, such a system would also make it easier to do epidemiological studies, to discover which treatments and medications work and which do not. And it would offer the means to conduct surveillance for pandemics and biological terrorist attacks. For all these reasons, President George W. Bush called for the creation of a nationwide system in his 2004 State of the Union address, setting an ambitious goal of creating electronic health records for most Americans by the year 2014.

To date, though, no country has ever built a fully operational electronic health record system, and the hurdles to doing so are huge. One recent study placed the projected cost for a U.S. system at $276 billion—more than three times what’s been spent on creating a missile defense system over the past 20 years.

The many technical, social, and political issues are also formidable. How will the hundreds of thousands of electronic medical record systems interconnect, and how will they exchange data? How will the privacy and security of hundreds of millions of personal files be maintained? Who will pay? And the biggest question of all: Will it work? Given the far-reaching impact such a system would have on the well-being of every citizen, it will be a profound failure if it does not. Unfortunately, signs already suggest that the U.S. effort will be more complicated, more expensive, and much lengthier than is now officially projected. To understand why, let’s look at recent history and some smaller-scale efforts to digitize medical records—the successes as well as the missteps.

Since the 1960s, universities, hospitals, health care providers, and medical software developers have tried to computerize patient medical records. Most of these efforts ended badly. Information technology was still too immature and the costs too prohibitive to make real progress.

Even today, there are few health care IT systems that work as efficiently and as effectively as intended. One happy exception is at the Mayo Clinic, in Rochester, Minn. Nearly a hundred years ago, the clinic was the birthplace of the paper-based medical record, which at the time revolutionized medicine. Back then, Henry Plummer, a partner at the clinic, recognized that having doctors record information in ledgers, organized by date rather than patient, made it almost impossible to appreciate a patient’s full medical history.

So he developed a “patient dossier” system, in which each doctor would enter all aspects of a patient’s visit in a single, comprehensive file that was forever linked to the patient through a unique registration number. The file was stored in a central repository, and if the patient returned, even years later, the file could be retrieved.

In 1993, the Rochester clinic embarked on fully automating Plummer’s ideas. The effort included a $16 million upgrade to its fiber-optic network and the installation of 16 000 client-server workstations, a central database, and software from GE Healthcare, as well as code written in-house. The clinic’s electronic medical record system became fully operational in 2004, giving Mayo one of the most comprehensive completely paperless medical record systems of any hospital in the United States. According to David Mohr, chair of the clinic’s information management and technology committee, the Rochester site now relies on the system to support its 1.5 million outpatient visits and 60 000 hospital admissions every year [see photos, "Mayo’s Way”].

Each new patient at Mayo is assigned an initial electronic medical record that is created using a unique registration number (just as in Plummer’s day). Once you arrive for treatment, your record is called up from the central database, and during and after the visit, your doctor enters notes and other information into that record. Test results are automatically added to your record, and prescriptions are automatically sent to the clinic’s pharmacy, which checks for drug interactions and allergies. The electronic record is also used to schedule additional visits, generate your bill, and handle other administrative tasks.

Mayo won’t say exactly how much it spent, but I estimate that the Rochester facility’s system cost around $80 million over 10 years. What does the clinic get in return? Cost savings of about $35 million to $40 million annually, primarily from the elimination of administrative overhead such as record-keeping staff, and other benefits including improved quality of care.

It has certainly not been an easy path, however. Just figuring out how to integrate the many types of information that could be included in a patient’s record—doctor’s notes, test results, billing data—not to mention the dozens of sources of information, was an enormous challenge. And it was vital to get everyone—all 17 000 clinicians at Rochester who would have to use the system—to give up their old routines and adopt new ways.

Mohr says the clinic looks forward to the eventual establishment of the National Health Information Network and to the day when its record system will be able to connect to other doctor’s offices and hospitals around the country. But to date it hasn’t tried to do so. In fact, it hasn’t even made the record systems at Mayo’s three facilities—in Rochester; Jacksonville, Fla.; and Scottsdale, Ariz.—interoperable, although doctors can view patient records at another location onscreen. Until standards for digitizing and interconnecting patient records have been set, Mohr says, it makes no sense to invest in software and hardware that may quickly become obsolete.

To be sure, Mayo’s system isn’t the only successful effort to automate health care records. The U.S. Department of Veterans Affairs has run a well-regarded medical record system since the mid-1990s. And perhaps the largest to date is the U.S. Department of Defense’s system, which by the end of this year will support 9.2 million active-duty and retired U.S. military personnel and their dependents around the world [see the sidebar, "A Vision of the Future?" which accompanies this article online].

If a nationwide system of interoperable medical records is to be realized, it will mean getting every hospital, every nursing home, every pharmacy, and every one of the hundreds of thousands of physicians who belong to solo or small group practices to participate. But only a quarter of the 5000 or so community hospitals in the United States even have an electronic medical record system in place, and hardly any of them are accessible outside their host institutions. (By comparison, Finland, Norway, and Sweden all claim that 90 percent or more of their hospitals have converted to digital records, but like systems everywhere else, they can’t communicate with each other.) In an era of under-equipped emergency rooms and nursing shortages, convincing a cash-strapped hospital to invest millions in computers, software, networks, and consultant fees can be a tough sell.

Small practices also face daunting odds. Consider the experiences of Richard Baron, an internal medicine specialist in Philadelphia. A strong believer in automating health care, he introduced an electronic medical record system into his four-­doctor practice, only to endure months of chaos and frustration.

The new system seemed straightforward: they purchased commercial software from GE, as well as tablet PCs and equipment for a wireless local area network. After the system was installed, though, it took nearly half a year for the staff to get up to speed.

Among other things, the doctors had to learn how to interact naturally with their patients even while they were entering data into their PCs; as they climbed the learning curve, it inevitably led to delays in seeing patients. As Baron explains it: “We were forced to change our work flows during implementation—even simple things like how we handled prescription refills or managed our time with patients, which was to us like redesigning an airplane in flight.”

Some patients were so unhappy, they left to find new doctors. “During the initial implementation, you feel like you are failing all the time,” Baron says. “It is hard work.”

For all their headaches, Baron and his partners paid dearly. The software came with an initial price tag of $80 000 plus a $20 000 annual licensing fee. The hardware cost $40 000; technical support still runs them about $24 000 a year.


These costs are fairly typical. According to a 2005 study in the journal Health Affairs, small practices pay on average around $44 000 per physician for their electronic medical record systems, with maintenance costs averaging $8500 per physician each year. Given that the average five-doctor practice in the United States makes a pretax profit of around $125 000, installing such a system can pose a significant financial burden. Little wonder, then, that only about a tenth of the 112 000 primary care physician offices in the United States have converted to electronic records.

Eventually, Baron and his partners did come to appreciate the new approach. They can now set up alerts to notify them when a given patient needs routine tests or exams. They also make ample use of e-mail to communicate with patients. But Baron admits he seriously underestimated how difficult and expensive the move away from paper would be. “There is not a good business case for [electronic medical record] systems for physician offices like mine,” he says. “The costs are real, but the benefits are less so.”

Doctors like Baron who choose to invest in an electronic medical record system face the real probability that they will be, for the foreseeable future, a lonely island of automation, possessing an electronic network that cannot communicate with any other. That’s a shame, because the main benefit of electronic medical records lies in making them universally accessible, as is envisioned for the nationwide systems being discussed in the United States and elsewhere.

At the moment, nobody can say exactly what the U.S. system will look like. But everyone agrees that as a first step, developers need an accepted set of data standards that will allow electronic records to be easily and securely exchanged among disparate systems—including systems like Mayo’s and Baron’s, which themselves are hybrids assembled from software and components supplied by different vendors.

“We’ve been talking about medical standards harmonization and cooperation for 20 years,” notes William Hammond, professor emeritus of community and family medicine at Duke University, in Durham, N.C. “Yet no one has defined all the standards needed to support a national health information network, and no one has identified what’s missing.” Since 1987, Hammond has been involved in developing one such set of standards, known as the Health Level 7 data interchange standards. Among other things, HL7 defines how data are captured and formatted so that medical devices and record systems can share that information.

Just agreeing on medical terminology is a big issue, according to Michael Rozen, vice chairman of the IEEE-USA Medical Technology Policy Committee. “When you say ‘gross profit,’ everyone in finance knows what that means,” Rozen says. “In medicine, there are 126 ways to say ‘high blood pressure.’ ”

The Healthcare Information Technology Standards Panel, which is setting technical standards for the U.S. nationwide record system, recently identified an initial set of 90 medical and technology standards, out of an original list of about 600. These standards specify such things as how physicians will electronically exchange lab reports, enter those reports into a patient’s electronic record, and request past lab results.

At press time, the panel was set to release specifications spelling out how each of the 90 standards will synchronize with the others to achieve an interoperable health care system. But standards-setting is almost always politically fraught, and so “synchronizing” the standards will undoubtedly involve intense negotiations and delicate compromises. If you consider that more than 190 organizations representing consumers, health care providers, government agencies, and standards development organizations are all participating in the panel, it’s easy to see why a consensus on medical standards has eluded developers so far.

Setting IT standards is, of course, just one piece of the puzzle. You also have to design software and databases so that they conform to those standards. And each piece of software has to be robust and secure enough that doctors and other health workers will actually use it, and patients will actually trust it.

The United Kingdom offers a vivid illustration of how complicated and costly this process can be. More than four years ago, the UK government announced an ambitious undertaking to create an electronic health record system for the country’s 60 million residents. The effort, called the National Programme for IT, includes an integrated record service and a nationally accessible data repository, facilities for electronically booking appointments and transmitting prescriptions, and an IT infrastructure to support all these installations.

The program quickly floundered. Initially, the government estimated it would take three years and $4.3 billion to implement. By early 2004, the program had ballooned into an $11.5 billion, 10-year endeavor. Since then, several parts of the program have slipped further, and total projected costs are now hovering around $23.5 billion.

Many UK physicians have struggled to use what has been developed so far. One hospital in Oxford reported patients’ digital records disappearing from its database. A recent study found that the security systems were so poorly constructed that medical staff routinely bypassed them when accessing National Health Service computer systems; the study documented 70 000 cases in a single month of people at one medical trust gaining inappropriate access. Some doctors have refused to enter any patient data into the system, for fear of making errors or compromising their patients’ privacy. In some surveys, support for the project among doctors has fallen by almost half over the past two years.

The ongoing problems spurred 23 leading UK computer scientists to write an open letter last April to Parliament’s Health Select Committee, recommending an independent assessment of the system’s technical viability. In their letter, they asked basic, straightforward questions, such as: “Does [the system] have a comprehensive, robust technical architecture? Project plan? Detailed design? Have these documents been reviewed by experts of a calibre appropriate to the scope of the [system]?”

The fact that such questions are being raised four years into the project is not reassuring. “We hope our concerns are unfounded,” says Martyn Thomas, a visiting professor in software engineering at Oxford University who sent the letter for the group. “But if [the project] does not succeed or is only partially successful because these issues haven’t been adequately addressed, it could cause untold future damage for the beneficial use of IT in health care.”

The United States’ National Health Information Network , or NHIN, will differ from the UK’s project in a number of ways. Rather than having a single, closed network with a central database overseen by one government agency, the U.S. system will be decentralized, operating more like a peer-to-peer network, with records distributed across the system. Think Napster on steroids. Just as the ingenious program created by Shawn Fanning in the late 1990s allowed music lovers the world over to quickly locate and download songs regardless of whose computer they might be on, so the NHIN will allow a doctor to quickly call up a patient’s digital records from whatever databases they may reside in—at a hospital, at the family doctor’s or dentist’s office, at a clinical lab, wherever.

But Napster users weren’t revealing much about themselves by allowing others to view their playlists. A universally accessible medical record system, on the other hand, raises all kinds of privacy concerns: Should your podiatrist be able to see your psychiatric file? If not, how do you ensure that various health care workers see only what they need to see? Who’s responsible for fixing mistakes in your record, and how can you even tell if a mistake has been made?

During a typical hospital stay, for example, it is estimated that an average of 150 people—including nurses, X-ray technicians, and billing clerks—have access to a patient’s medical records. In one incident, a star baseball player who’d been treated at a New York City hospital for a shoulder injury reportedly had his test results looked at by nearly 7000 people. The NHIN, with perhaps billions of records potentially accessible, will undoubtedly prove an irresistible target for hackers interested in probing the secret lives of celebrities and politicians.

Another concern is the myriad data brokers and pharmaceutical and insurance companies, who see the NHIN as the mother lode of consumer data. With access to this information, drug makers could figure out which drugs are being prescribed for which patients or even which patients have which diseases, and then target their advertising accordingly.

David Brailer, the government official who until May had been overseeing the U.S. electronic effort, has insisted that patients themselves will control access to their medical information. But will they? As it is, an ever growing number of employers and insurers are compelling individuals to disclose their personal health information, thus undermining any practical attempt at confidentiality. [For a more detailed discussion of privacy, see the sidebar, "The Privacy Challenges," which accompanies this article online.]

And how much will all this cost? The Center for Information Technology Leadership, in Wellesley, Mass., puts the 10-year cost of the NHIN at $276 billion, while the Rand Corp., in Santa Monica, Calif., estimates $115 billion. But both studies also claim that the system will generate huge savings: the CITL study estimates an annual return of at least $78 billion, while the Rand study puts the potential savings at $81 billion a year, through lower administrative costs, the avoidance of needless tests, and so on.

There’s good reason to believe that both studies lowball the costs and overvalue the savings. As the studies’ authors themselves point out, their findings are based on assumptions and extrapolations that are themselves based on expert opinion but little hard data. It’s the proverbial “turtles all the way down” problem, with overly optimistic assumptions stacked on top of yet more optimistic assumptions.

Steffie Woolhandler, an associate professor at Harvard Medical School, is skeptical of the models used to estimate the costs and benefits of the NHIN. Given that no one has ever built a national health record system before, she says, the studies’ findings should be seen at best as informed guesses.

Indeed, we’re likely to see large numbers of failures as the NHIN is rolled out at hospitals, doctors’ offices, nursing homes, and elsewhere. If historical trends hold, those failures could amount to tens of billions of dollars wasted. A sufficient number of failures could lead health care providers to reject the whole idea of the NHIN, as is a possibility for the UK’s system.

Given the enormous tasks that remain, it is difficult to see how the NHIN will be completed by 2014, just eight years from now. The 2007 federal budget allocates only $169 million for health IT—out of a total expenditure on health care of $675 billion. In other words, most of the financial burden for developing the national network rests on the private sector. But Baron, the Philadelphia physician, predicts that unless there is financial support for small practices to adopt automated medical records, the NHIN will remain a distant wish. In fact, under current conditions, one study projected that it will be 2024 at the earliest before small practices adopt electronic health records in sufficient numbers for a national network to be effective.

If the NHIN effort fails, the consequences will be far-reaching. In­formation technology does have huge potential for improving the quality of care, as the experiences at the Mayo Clinic, Baron’s office, and other places have shown. And so, before we go much farther down this path, we need a realistic assessment of the true costs and benefits, and of the significant social, technological, and financial risks facing us. Will such a reckoning occur? At the moment, Harvard’s Woolhandler says, “There is no political force behind any call for realism today, except the American people.”

About the Author

ROBERT N. CHARETTE is president of ITABHI Corp., a risk-management consultancy in Spotsylvania, Va. An IEEE member, he wrote about failures in large-scale IT projects in the September 2005 issue of IEEE Spectrum.

To Probe Further

The online version of this article includes coverage of the U.S. military’s digital record system and medical privacy concerns; /oct06/docdb.

Aspects of Electronic Health Record Systems, edited by Harold P. Lehmann et al. (2nd ed., Springer, 2006), covers the many technological, political, and social issues that must be addressed to make them a reality.

The September-October 2005 issue of the journal Health Affairs is devoted to the use of IT in health care, including the creation of a U.S. electronic health record system.

This article is for IEEE members only. Join IEEE to access our full archive.

Join the world’s largest professional organization devoted to engineering and applied sciences and get access to all of Spectrum’s articles, podcasts, and special reports. Learn more →

If you're already an IEEE member, please sign in to continue reading.

Membership includes:

  • Get unlimited access to IEEE Spectrum content
  • Follow your favorite topics to create a personalized feed of IEEE Spectrum content
  • Save Spectrum articles to read later
  • Network with other technology professionals
  • Establish a professional profile
  • Create a group to share and collaborate on projects
  • Discover IEEE events and activities
  • Join and participate in discussions