Association of American Medical Colleges Reporter, October 2008 Medical identity theft has raised concerns for the security of electronic health records. Dr. Christopher Mast, lead physician analyst for UTMB's EHR project, is quoted. UTMB officials have safeguards in place to protect patient information and privacy, Mast said. Anyone accessing a patient's file must log into the EHR system with a username and password, and the system keeps a record of each login. Also, access to patient records is granted based on the parameters of an employee's job.