As the push for broader adoption of electronic health records (EHR) is underway, several issues have come up as deterrents to adoption. The Journal of the American Medical Informatics Association (JAMIA) published a study in its current issue that predicted less than half of small physician practices will adopt EHR by the government target date of 2014 at the current rate of adoption. Barriers cited in new studies, like training and privacy issues, are tied closely to larger concerns like the cost of implementation and setting standards. But the full promise of EHR will not be realized unless these issues are considered in the implementation.

An article in the Boston Globe referenced two studies that highlighted the training and privacy issues associated with EHR. A JAMIA study of physicians in Massachusetts, found "no difference in performance between EHR users and non-users" with respect to quality of care. The researchers attributed the results to underutilization of built-in safety features in EHR, such as test or appointment reminders. The researchers concluded that "Intensifying the use of key EHR features, such as clinical decision support, may be needed to realize quality improvement from EHRs." The burden for some of this failure has to fall on EHR vendors who must provide adequate training as well as technical support, especially to small practices. The long term success of adoption will depend on proven quality improvements and disappointing results like the one found in Massachusetts will only hurt adoption rates overall.

Another, more complicated issue is privacy laws around EHR. The Journal Management Science is publishing a study that found when a state has privacy laws in place, "it reduces the likelihood a hospital will adopt an electronic medical record system by 20 to 30 percent." The reason is that the cost of customization for each state makes the implementation more cost prohibitive. With some hospitals having to layoff medical staff and eliminate patient care services due to economic conditions, this added cost puts the implementation out of reach. The stimulus bill included privacy provisions, such as patient notification of health information disclosures, which strengthened existing HIPAA regulations but there are many open questions regarding standards. For instance, the bill states that covered entities should limit the disclosure of protected health information to a "limited data set (as defined in section 164.514(e)(2) of such title) or, if needed by such entity, to the minimum necessary to accomplish the intended purpose of such use, disclosure, or request, respectively." Unfortunately, the bill gave the HHS Secretary 18 months to provide the definition of the term "minimum necessary." In the meantime, clinicians and vendors have to deal with a confusing patchwork of existing regulation on the federal and state level. Until those regulations are set, customization requirements for each state is inevitable.