For some reason when we consider Electronic Health Records (EHR) -- the collection of our medical history -- many assume that this must be a centralized repository of such information. After all, systems such as Johns Hopkins EPR or Google Health bring together a great deal of data, some of which users probably didn't know was saved anywhere.

Why can't our Electronic Health Records be decentralized? Is there a reason that we can't request our records from institutions that have them -- in real time?

There are two fundamental problems with Electronic Health Records, or EHRs. One is the handling of legacy data. While most health information, especially imaging studies, are in digital form, legacy information is often in the form of handwritten notes or hardcopy x-ray films. Over time many institutions are digitally scanning such information and providing it electronically. XML-based formats such as Medical Markup Language (MML) can facilitate the process of making that information available and usable.

The second problem is the privacy and security of personally identifiable health information. In the U.S., the aspect of privacy and security is addressed by the Health Insurance Portability and Accountability Act, or HIPAA as it is more commonly known. HIPAA is often said to prohibit transfer of patient information outside of a healthcare organization across the Internet. That transfer is actually acceptable, as long as the information is appropriately secured.

Given that approximately 150 people have access to a patient's records for a hospital stay the potential for physical theft of records is much higher in an institution with weak security than via the Internet with any form of security in place.

In addition to these concerns, the use of a central repository of health information exposes patients to additional risk: the existence of their personal information in more than one location, and the potential difficulty of determining which version of the information is accurate or most current where it does not match.

A distributed repository on the other hand -- perhaps using a publish/subscribe model or web services provided by the healthcare institutions -- would resolve these issues by locating the single copy of current and accurate information from the institution that has it when it is required.

A model has already been proposed for a distributed Electronic Patient Record [PDF] using a combination of Active XML (AXML) and GUPster. Active XML allows documents to contain some information and make peer-to-peer calls to web services to generate the missing data when it is required. GUPster provides access control for the distributed XML data.

Information provided for distributed systems can be anonymized so that only the patient can see their complete records, without requiring duplicate copies of the data, thus satisfying HIPAA privacy and security requirements. The patient is ensured that the information is the single accurate and current copy, directly from the provider institution, with newly digitized information accessible as soon as it become available.

A decentralized Electronic Health Record system provides the best opportunity to maintain up-to-date medical information using the existing provider infrastructure without having to build a parallel centralized secure storage system. And that provides the patient with the most timely and accurate information when and where they need it.

Larry Borsato has been a software developer, marketer, consultant, public speaker, and entrepreneur, among other things. For more of his unpredictable, yet often entertaining thoughts you can read his blog at larryborsato.com.