Since we're all so excited at the prospect of putting medical records online, can we talk, for a moment, about security? A techie friend of mine told me recently about a nefarious site that somehow manages to mimic whatever site you think you're going to -- a shadow jcrew.com, for example, or a shadow Orbitz, or Expedia, or Staples, anyplace where you might be about to provide your credit card information on that very secure order page. The evil-twin site has figured out how to draw you from the site you think you're going to, to an exact replica, without you having any idea that you've just entered an alien cyberplanet. When you pay for your new home office paper shredder, or the cunning flats with the satin bows, the money goes not to the retailer but to the villainous creators of the replica site. You've been had - and besides, you never get what you ordered.
I mention this because everyone swears that the medical records sites are going to be absolutely positively secure -- which in the world of the internet too often means only that reasonable people won't be able to get at the information. Unreasonable people? They could well have a heyday finding out that you're HIV positive, or that you recently received treatment for an STD, or that you have an eminently treatablet but possibly prejudicial cancer.
I disagree entirely with everything that opponents of gun-control have ever said or will ever say, but they do have that snappy little slogan; if guns are illegal, only criminals will have guns. Let's re-purpose that concept for our own end: If online medical records are secure, only hackers will have access to our medical records. They do seem to love a challenge, based on some of the pranks they've pulled. Breaking into medical records offers such opportunities for blackmail, on a puny, case-by-case basis, or for corporate espionage, if you want to think globally. Can you imagine a big health-insurance company hiring a squad of hackers to make sure that none of its applicants are lying about their medical past, and that none of their customers forgot to mention those headaches?
And that's just the privacy side of the question. We haven't even talked about the larger consequences of computerized medicine, in which patient data gets plugged into a statistical grid that determines what they've likely got, given their constellation of symptoms, and what the odds are that a particular treatment will help them out. This may sound reassuringly scientific to the literal-minded among us, but it reinforces our two-tiered system of patient care, in which the poor get short shrift and the rich get options because they can afford them. Say a treatment helps forty-nine and a half percent of the time. Computerized medicine can withhold it from a poor patient because hey, it doesn't help most people. The same system can provide it to someone who can afford the 39 percent copay with a cap on his fancy PPO policy.
While we're at it, who needs doctors? Let's not stop with computerizing medical records; why, we should be able to computerize medicine altogether. If Starbucks really closes 600 stores, the medical-technology complex could take over the drive-through outlets: People pull up, stick out their arms, get blood drawn and their blood pressure taken, type their symptoms onto a keypad, and by the time they get to the end of the driveway they have a diagnosis and, if necessary, a prescription. From databases to robotic surgeons, we can cleanse the system of uncertainty.
Which could be fun except for the one unavoidable truth that drives doctors crazy: The most obvious diagnosis is all too often not the correct diagnosis. In our continuing infatuation with technology, we sometimes skip over the question of what we should do, in thrall, as we are, to the thrill of what we can do. I'm not reassured by the notion of my symptoms being fed into a machine because I still remember, with admiration, the old-guard internist who told me he always liked to shake hands with a new patient, "because there's a lot you can learn from a person's hand." And I'm not ready to have my inner life -- literally -- logged into a computer, not until I'm sure that there are no strangers in the virtual exam room with me.
If you've read this far and are still skeptical, perhaps you missed the headline on CNN mid-week -- the one about hackers hitting the government, including 80,000 incursions into the Department of Defense, which probably thought it was just as secure as on-line medical records are undoubtedly going to be.