73% of physicians share EMR passwords

Maintaining a high level of security in electronic medical records (EMRs) requires physicians have unique user IDs and passwords, but, according to a study published in Health Informatics Research, 73.6 percent of physicians have received the password of another staff member.

Security measures are meant to protect the information within EMRs. One of the most common ways to protect data is to unlock EMRs with a specific password for each user. This study evaluated password sharing among physicians to identify how often and why they are being shared.

Researchers provided a four-question Google Forms-based survey to 299 participants including physicians, residents and nurses. Questions asked participants if they had obtained a password belonging to another member of staff, how many times password sharing had occurred and why.

Results showed that 73.6 percent of participants had obtained a password belonging to another medical staff member. Password sharing occurred an average of 4.74 times. Additionally, all residents in the survey reported having obtained another members password while only 57.5 percent of nurses reported the same.

"The use of unique user IDs and passwords to defend the privacy of medical data is a common requirement in medical organizations,” concluded first author Ayal Hassidim, MD and colleagues. “Unfortunately, the use of passwords is doomed because medical staff members share their passwords with one another. Strict regulations requiring each staff member to have a unique user ID might lead to password sharing and to a decrease in data safety.”