Kertas, Kabel, dan Kata Sandi: Kenapa Rekam Medis Kita Masih Tidur di Lemari Besi?

🔀 Read in English 🇬🇧

Selamat Datang di Hajriah Fajar: Hidup Sehat & Cerdas di Era Digital

Kertas Masih Diandalkan, Kabel Sudah Berkarat

Ada rumah sakit yang katanya “terakreditasi paripurna”, tapi tempat simpan rekam medisnya masih lemari besi berkarat di pojokan ruang administrasi. Map warna coklat kusam bertumpuk kayak tumpukan utang, lengkap dengan tulisan tangan pakai pulpen biru yang sudah luntur kena hujan bocor dari eternit. Di luar, mereka punya IG resmi. Di dalam, password WiFi ditulis di kertas HVS yang ditempel di belakang kulkas ruang dokter jaga.

Lucunya, semua orang tahu password-nya, tapi nggak ada yang berani ganti. Katanya, “Takut nanti sistem error.” Loh, emangnya sistemnya jalan pakai firasat?

Ketika SOP Cuma Dibaca Saat Audit

Kalau audit dari Dinas Kesehatan datang, barulah SOP keamanan data dibuka dari laci, ditiupin debu, terus dipajang di meja kayak kitab suci. Tapi setelah itu? Balik lagi ke kebiasaan lama. Dokumen pasien masih difotoin pakai HP pribadi. Dokter kirim hasil lab lewat WhatsApp, kadang ke nomor yang salah. Pernah ada pasien yang dikirimin foto ginjal orang lain. “Maaf, salah kirim,” katanya, seperti lagi tukar foto kucing lucu.

Digital? Iya. Tapi Manual.

Beberapa rumah sakit memang udah punya sistem informasi. Tapi anehnya, sistem itu cuma bisa diakses dari satu komputer yang dikeramatkan di ruang kepala instalasi. Kalau mau input data, harus izin dulu. Kadang petugasnya lagi makan. Kadang sedang ke mushola. Kadang sistemnya ngadat. Akhirnya? Ya tulis manual dulu, nanti “dientri belakangan”—alias nggak pernah disentuh lagi.

Ini tuh bukan cuma masalah teknis, tapi juga tentang rasa percaya. Percaya bahwa sistem digital bisa diandalkan, dan manusia yang mengoperasikannya juga ngerti cara kerja dasarnya.

Tim IT-nya Cuma Dua Orang, dan Satu Lagi Lagi Cuti

Sementara itu, tim IT rumah sakit isinya dua orang. Satunya ahli jaringan, satunya jago ngoding. Tapi dua-duanya sekarang pegang semua: server, email, printer ngadat, bahkan setting ringtone direktur. Kalau server down jam 3 pagi, mereka juga yang dikejar. Kalau data bocor, mereka juga yang disalahkan. Kalau karyawan lain klik link aneh dari email “Rektor Malaysia”, mereka juga yang harus ngejelasin kenapa sistem bisa jebol.

Padahal, mereka udah bilang berkali-kali: “Jangan klik email aneh.” Tapi ya, siapa sih yang tahan nggak buka email berjudul: “Data Gaji Anda 2025 – CONFIDENTIAL (cek segera!)”?

Pasien Jadi Korban, Tapi Juga Kadang Pelaku

Lucu tapi nyata, ada pasien yang minta hasil lab dikirim ke WA, tapi kemudian marah ketika tahu datanya tersebar. “Kok bisa sih bocor?” Padahal HP-nya sendiri penuh aplikasi pinjaman online dan dia klik semua notifikasi tanpa mikir. Ada juga yang ngasih password akun BPJS ke anaknya biar bisa “cek-cek sendiri”, lalu bingung ketika anaknya iseng ganti foto profil jadi karakter anime.

Ini bukan soal menyalahkan pasien, tapi soal literasi digital yang belum merata. Kita mengira semua orang paham, padahal yang mereka tahu soal keamanan cuma: “Kalau HP lukman terkunci, itu berarti aman.”

Regulasi Ada, Tapi Kadang Seperti Tebakan

Di atas kertas, semua rumah sakit harus tunduk pada regulasi perlindungan data pribadi dan aturan dari Kemenkes. Tapi kenyataan di lapangan seringnya seperti tebak-tebakan. Apa boleh kirim hasil lab lewat WA? Jawabannya: “Tergantung… siapa yang tanya.” Sistem PSEF ada, tapi implementasinya sering kayak main puzzle. Ada potongan-potongan aturan, tapi nggak semuanya cocok.

Kalau Bukan Budaya, Maka Apalagi?

Kita sering mikir masalah ini teknis. Harus beli server. Harus pakai cloud. Harus enkripsi. Tapi kadang yang paling dibutuhin itu bukan alat, tapi budaya. Budaya untuk nggak pakai nama anak atau tanggal nikah sebagai password. Budaya untuk baca dulu sebelum klik. Budaya untuk nanya ke tim IT sebelum install aplikasi “Rekam Medis 2025 v1 Final Beneran”.

Tips Absurd Tapi Penting Buat Semua Orang

1. Jangan pakai nama mantan sebagai password. Risiko kebocoran emosional tinggi.
2. Kalau terima file hasil lab dari WA dan filenya .exe — kabur.
3. SOP itu bukan wallpaper. Baca. Pahami. Praktekkan.
4. Password “admin123” bukan password. Itu doa agar server cepat jebol.
5. Tim IT itu bukan pesulap. Jangan minta mereka restore data dari tahun 2013 kalau server-nya baru beli 2020.

Apa yang Bisa Kita Lakukan? Bukan Superhero, Tapi Konsisten

Nggak perlu langsung revolusi digital. Cukup mulai dari hal kecil yang bisa dijaga konsisten. Edukasi staf. Hargai kerja tim IT. Update sistem berkala. Evaluasi SOP dengan logika, bukan cuma formalitas. Dan yang paling penting: jangan anggap sepele data pasien. Itu bukan cuma angka dan huruf. Itu hidup orang.

Karena kadang, yang bikin bocor bukan hacker dari Rusia. Tapi printer yang ditinggal hidup semalaman dan semua hasil lab keluar ke meja cleaning service.

Sebelum Kita Tutup Map, Mari Kita Buka Mata

Mungkin selama ini kita terlalu fokus ke teknologi, sampai lupa kalau teknologi itu cuma alat. Yang bikin dia berguna atau bahaya, ya manusianya. Jadi sebelum kita ganti sistem, mari kita ganti cara pikir. Sebelum kita tutup map rekam medis, mari kita buka mata soal bagaimana kita memperlakukan data pasien.

Dan kalau ada yang masih simpan password di post-it warna pink di belakang ID card — mungkin udah saatnya libur dulu, minum teh, dan mikir ulang soal keamanan digital.

Welcome to Hajriah Fajar: Living Smart & Healthy in the Digital Age

Papers Still Reign, Cables Already Rusted

There’s this hospital—proudly accredited, mind you—where medical records are still sleeping in dusty metal filing cabinets. Brown folders stacked like decades-old regrets, scribbled with fading blue ink, smudged from the occasional ceiling leak. Outside, they have an official Instagram. Inside, the WiFi password is scribbled on a piece of printer paper taped behind the staff room fridge.

Funny thing is, everyone knows the password, but no one dares to change it. “What if the system crashes?” they say. As if the system runs on telepathy.

SOPs: Read Only During Audits

When the Health Office team shows up, the hospital dusts off the data protection SOP and puts it front and center—like sacred scripture. But once the audit’s over? Back to usual habits. Patient documents get photographed with personal phones. Lab results are sent via WhatsApp—sometimes to the wrong number. One patient even received someone else’s kidney ultrasound. “Oops, wrong file,” they said, like it was a meme.

Digital? Sure. But Still Manual.

Some hospitals do have information systems. But oddly, they’re only accessible from one “holy” computer in the head office. To enter data, you need to ask permission. Sometimes the officer is eating. Sometimes praying. Sometimes the system is just moody. So they jot it down manually and promise to “enter it later”—aka never.

This isn’t just about tech. It’s about trust. Trusting that digital systems can be reliable—and that the people using them understand the basics.

The IT Team Is Just Two People, and One’s on Leave

Meanwhile, the hospital’s IT team consists of two souls. One’s a network guy, the other’s a coder. But both now do everything: server maintenance, printer hiccups, director’s ringtone changes. If the server dies at 3 AM, they’re called. If data leaks, they’re blamed. If a random employee clicks a shady email from “Rector Malaysia,” they’re the ones expected to explain how the firewall cracked.

And they’ve warned everyone: “Don’t click strange emails.” But come on, who can resist opening something titled: “Your 2025 Salary Data – CONFIDENTIAL (Check Now!)”?

Patients: Sometimes Victims, Sometimes Culprits

Strangely enough, some patients request their lab results via WhatsApp, then get furious when their data “somehow” leaks. “How could this happen?” they ask—while their phone is loaded with sketchy loan apps and they click every notification like it’s a carnival. One even shared their BPJS password with their teenage kid to “check on stuff,” only to find their profile pic changed to an anime character.

Not blaming the patients here—it’s about the gap in digital literacy. We assume people know better, but some think digital safety means “locking your phone with Lukman's face.”

Regulations Exist. But Often Feel Like Guesswork

On paper, hospitals must comply with data protection laws and Health Ministry rules. But on the ground? It’s like a quiz show. Can you send lab results via WhatsApp? Answer: “Depends… who’s asking.” The PSEF framework exists, but applying it feels like solving a jigsaw puzzle blindfolded. Bits and pieces everywhere—but good luck making them fit.

If It’s Not About Culture, Then What?

We often think it’s a tech issue. Get a better server. Move to the cloud. Encrypt everything. But sometimes what we need most isn’t more tools—it’s a mindset shift. A culture where you don’t use your pet’s name as a password. A culture where you pause before clicking. Where you check with IT before installing “HealthRecord2025_FINAL_final_USETHIS.exe”.

Absurd Yet Useful Tips for Everyone

1. Don’t use your ex’s name as your password. Emotional leakage is real.
2. If your lab result comes in a .exe file — run. Literally.
3. SOPs aren’t wallpaper. Read them. Understand them. Actually use them.
4. “admin123” isn’t a password. It’s a wish for chaos.
5. Your IT team isn’t made of magic. Don’t ask them to recover files from 2013 when the server was bought in 2020.

What Can We Do? No Capes Needed, Just Consistency

You don’t need to launch a digital revolution. Just start with small things—and stick with them. Train staff. Respect your IT folks. Update systems regularly. Review SOPs using common sense, not just ceremony. And most importantly: stop treating patient data like random numbers. It’s not digits. It’s someone’s life.

Because sometimes the leak isn’t from some Russian hacker. It’s from a forgotten printer that spits out a stack of results overnight—straight to the janitor’s desk.

Before Closing the File, Open Your Eyes

Maybe we’ve been too fixated on tech, forgetting that it’s just a tool. What makes it safe or dangerous isn’t the code—it’s the people. So before you upgrade your system, maybe upgrade your mindset. Before you lock away medical records, open your eyes to how we treat data in the first place.

And if you’re still keeping your password on a pink post-it stuck behind your ID card—maybe it’s time to take a break, sip some tea, and rethink your digital life.