When you interview experts on health-care IT, they inevitably agree on its backward state. Health care now accounts for roughly one-sixth of GDP, yet its IT infrastructure is barely in the 20th century, much less the 21st. Although most hospitals now have electronic medical-record systems, many physicians still do not, and those that do have not necessarily succeeded in integrating their systems with those of other providers—or their own workflow. Physicians will often jot down notes to be entered into the computer later, rather than altering their patient interactions so that they can talk and type at the same time. This behavior not only extends the workday, but also limits how useful the tools are. Though these systems could theoretically harness computing power to enhance diagnosis and patient discussion, many doctors use them as a poor substitute for a pen and paper.

Kavita Patel, the director of the Health Policy Program at the New America Foundation and a veteran of the Obama administration’s health-care-reform efforts, says that physicians are cautiously watching what might be done with more-detailed records; they’re used to operating as autonomous professionals, not closely monitored employees. Patel has been a practicing physician, and she points out that some of the concerns that doctors have, such as how electronic records might be used in malpractice cases, are valid. Inadvertent data loss, poor tracking of changes to the records, data-entry errors, and privacy breaches all raise potential liability issues for physicians. Also understandable is their fear that standards will be set in a way that turns their white coats into straitjackets. Over the past decade or so, insurers have become more aggressive about holding physicians to standards of care, not always with great results.

Take a woman with chronic urinary-tract infections or recurrent sinus problems. Ten years ago, physicians might have prescribed a prophylactic dose of Cipro; thanks to a shift toward rules-based medicine and tighter cost controls at insurance companies, they now tend to ask patients to come in for tests and then try a cheaper antibiotic. But since these extraordinarily painful infections often hit on a night, a weekend, or a business trip, the result can be a patient who ends up in the emergency room after hours of unnecessary agony. This outcome is more expensive, and worse for the patient: a lose-lose proposition. More-advanced data mining might let us set more-complex standards that take into account things like emergency-room visits. On the other hand, if data mining is done badly, it might simply lead to more crude rules with more unintended side effects.

Patel thinks that on balance, the results of expanded data monitoring will be good. So does David Cutler, a Harvard health-care economist who advised the Obama campaign. He believes that building a data mine could greatly improve how we treat patients. At the moment, randomized controlled trials are the gold standard of medical research. You divide patients into two groups, give one your new treatment, and see how those patients fare compared with a control group that is getting an old treatment, or no treatment at all. These studies have great rigor, but also great limitations: they cover a small number of patients, for a limited time, and they test only what the researchers are looking for. So even though drugs are subjected to the Food and Drug Administration’s scrutiny, horrible side effects may only become obvious later, like the heart problems that forced Merck to pull Vioxx from the market. If a complication appears in only one out of every 10,000 patients or takes years to develop, even a comprehensive trial can easily miss it.