We have commented many times before that the whole idea of a USB-based (thumbdrive) PHR is simply a dumb idea. Crazy thing is though is that we see these things pop-up every now and then, (here, here and here) including an occasional sighting at a local pharmacy or even grocery store. Can’t figure out why these things keep showing up as no one who is even remotely knowledgeable of IT systems and the inherent risks of USB drives would ever allow some stranger to stick a USB into one of their computers and subsequently their network.
For example, at a conference we recently attended we spoke to a leading healthcare CIO who told us they have gone so far as to plug all the USB slots in computers in ER to prevent someone from inadvertently inserting a consumer’s USB.
But if you don’t believe us, maybe you’ll believe Joel Brenner, Mission Manager for Counterintelligence for the Director of National Intelligence, who characterized USBs as:
…the electronic equivalent of unprotected sex and the biggest source of ETDs (electronically transmitted diseases).
Now that’s reason enough to avoid these USB-based PHRs. Hopefully, those in the business of providing these PHRs will move on and provide something that truly would be a service to their customers.
[…] some stranger to stick a USB into one of their computers and subsequently their network.” Article John Moore, Chilmark Research, 3 March […]
[…] by GruntDoc on March 3rd, 2009 USB-based PHRs are Dumb Idea « Chilmark Research We have commented many times before that the whole idea of a USB-based (thumbdrive) PHR is simply a […]
[…] USB-based PHRs are Dumb Idea « Chilmark Research – […]
[…] talked before about USB- based Electronic Health Records (EHR), but it looks like they may be out the window. Some medical facilities have even blocked their computers’ USB ports, in an effort to […]
[…] Story picked up from Chilmark Research Possibly related posts: (automatically generated)Congratulations – you have translated into reality what I have been dream…Portable USB ShreaderAdded bcrypt PageReport on Meet the Candidates – August 7 […]
I know it’s an old post.
I agree that thumbdrives can be dangerous if they contain malicious content. But caring for patients with infections diseases is also dangerous unless appropriate precautions are taken.
Refusing to look at patient provided information because it might be dangerous is no more appropriate than refusing to care for patients that might be dangerous. Rather than plugging every USB port in the ER, better to provide appropriate precautions (policies, procedures, sandboxing software, even standalone off network computers) for reading the info on these thumb drive.
By the way, imaging centers typically provide CD’s with x-ray images to patients to take to the doctor in lieu of film. These CD’s typically have auto executing viewing software. Talk about an opportunity for malicious content.