Enough passwords!
How the world changes. Just a few years ago the only password that mattered to me was the one for my ATM card. Now, in medicine, have so many new regulations concerning privacy that everything we do seems to require a new password or pass-code. And even though I can’t speak from experience, I’m sure medicine isn’t alone. Because America loves rules and policies, and apparently America loves passwords.
I’ll give you an example. When I go to work in the emergency room, where we have a new computer system, I enter a four digit ID number, and also a four-digit pass-code. Then, for the rest of the shift, anytime I want to use the computer to order tests or look up lab results, I have to re-enter those eight digits. But there’s more. Anytime I want to view a patient’s nurse’s notes or print that chart, I have to ‘log-on’ again with four of those digits. So I’m ‘logging-on’ twice to view the information I once accessed by picking up that antiquated device, the clip-board. Apparently every time the information is viewed, the event is recorded so that some unfortunate functionary can verify that it was ‘legitimate’.
Fair enough. I understand the need for privacy. No one wants the public to have access to the lab results detailing their sexually transmitted disease, that their drug screen showed cocaine, or that they’re suicidal because their spouse left them for a clown from Ringling Brothers. I respect that. But it doesn’t stop there.
When I want to see old charts from previous visits, I have to use another computer. But its password uses a different format. Not only so, it has to be periodically changed. Fine, I simply move between two different sets of passwords and one user ID. But then, when I want to look at X-rays, there’s a different computer, with a differently formatted password system. And it also requires a username and pass-code. It also needs to be updated periodically. Once, as I tried to update it, I entered the format incorrectly a few times and was locked out of the system. I had to use someone else’s code to see the x-rays I ordered, and on which I would base my care and treatment of patients! All for the sake of privacy.
So, the tally is two user ID’s, with a total of 11 characters and three pass-codes with a total of 18 characters. I also have a pass-code for my long-distance calling card and a pass-code for my cell-phone voice mail and home voice mail, in addition to the passwords and screen names for e-mail access. At the minimum, I’m keeping track of some 95 numbers and letters to function in my daily activities. I feel like I’m working on the Manhattan Project!
I think we’ve gone overboard in regards to privacy. Everyone from the Federal government to the JCAHO (Joint Commission for the Accreditation of Hospital Organizations), all the way down to local risk managers and attorneys are clamoring for privacy protection for everyone.
You’ll notice that at your doctor’s office, you have to sign the privacy policy every year. Even my child’s endocrinologist, who manages his diabetes, has a sign in the office that says (in effect), “We can no longer call instructions to your voice mail or answering machine.” Like someone at home is going to be surprised about the diabetes?
Much of our privacy obsession is probably obsession with our own importance. Furthermore, if someone is in our ER rifling through records, we’ll see them. We never leave. More to the point, I doubt if any lay-person will walk past the x-ray view-screen, look up and down, then call their spouse and say, “Loreen, you’ll never guess what I saw! Turns out your high school sweetheart Tommy has a three broken ribs, a somewhat enlarged heart and interstitial changes consistent with asbestosis! Let’s call everybody and tell ‘em!”
We live in a computer-based era, and much of our information is contained on screens and in files. We use our cell-phones constantly. We send information over the Internet. There are genuine concerns about the security of information.
But at a certain point, at least in medicine, the constant tap of keys on keyboards, the constant updates of numbers and letters is sure to distract us from our main function; the care of patients. And in the end, all of that secured information isn’t that interesting anyway. Trust me; I’ve seen it.
Hah! You are so correct with this, but I find it equally ironic that you still use a long-distance calling card.
Sigh. All so true. Our hospital acts like the stupid Xray reports are the freakin’ holy grail. And you’re right. They’re not interesting.
Ahhh, but you didn’t mention the fact that you have to change that pass-code every 3-4 months. Sigh.
The password is pervasive through all industry. Someone in some IT lab looked at it and said, “Well, we could passcode it and it would make it more secure.” It seemed like a good idea at the time, but they aren’t seeing the dozen or so other places you are having to supply a code. It seems like it’s an easy fix and doesn’t really cost anything, but I doubt anyone is counting the impact of millions of us typing out codes hundreds of time everyday. Yet, it is one of those “What are you going to do” issues. If you object to a passcode on a computer or a program you look like a fool because “It’s just a password, for chrissake! Get over it!” Personally, I pray that my care is never jepardized because some IT person was afraid that an unauthorized person would see my medical records. If anyone wants to know about my health history, pull up a stool. I’m sure I could bore you for an hour or two.
Great Blog, but can’t seem to figure out how to subscribe to your RSS feed, can you help? Thanks.
Kevin,
Some have had trouble with that. I think one of my editors was able to do it via a Google reader when she got a g-mail account. Does that help? If not, let me know and I’ll do more research on it.
Thanks for reading!
Edwin