Thursday, May 24, 2007

Guest Article on Health IT Privacy in Pulse +IT Issue 4 – May 2007

Visit the website for more information, many free articles, back articles and subscription information.

http://www.pulsemagazine.com.au/

----------

HEALTH INFORMATION PRIVACY: WHAT DO DOCTORS AND PATIENTS WANT AND NEED?

Dr David G More MB, PhD, FACHI

In the last few weeks we have had a number of reminders that management of the privacy of patient records remains a contentious and difficult area.

The first key reminder came in late February 2007 when Paul Feldman, co-chair of the American Health Information Community’s (AHIC) Confidentiality, Privacy and Security Workgroup, submitted his resignation to the interim National Coordinator for Health Information Technology at the Department of Health and Human Services (HHS).

AHIC (which has the same role as the Australian Health Information Council – also rather co-incidentally AHIC) is the peak health IT policy advisory board in the US and provides advice directly to the US Secretary for Health and Human Services (the equivalent of our Federal Health Minister).

In his resignation letter Feldman writes that the workgroup “has not made substantial progress toward the development of comprehensive privacy and security policies that must be at the core of a National Health Information Network (NHIN).”

Given this resignation comes after six meetings and many months of work, the degree of difficulty in reaching a consensus between parties is obvious.

The second reminder came with the April 2007 release of a survey conducted among UK GPs regarding the sharing of clinical records electronically with the UK NHS ‘Spine’ – which is a secure repository of shared electronic patient records which – under appropriate conditions – can be accessed to assist in patient management anywhere in the UK.

In summary the article in the UK Pulse magazine [not affiliated with Pulse+IT] survey found:

• About one-third of physicians said they will allow full sharing of their patient records;

• Four out of 10 physicians say they will opt out completely from the program and allow none of their records to be shared;

• 80% of physicians surveyed still think that sharing electronic health records can threaten patients’ confidentiality, despite a government marketing campaign to promote the IT program; and

• 67% of General Practitioners oppose the implied consent “opt out” model, which has formed the basis for the program to be rolled out.

If what is found in this survey is truly reflective of the views of practitioners, and I have no reason to assume it is not, then the implications for electronic sharing of health records by GPs is profound. What seems to be clear from these results is that a policy approach that makes practitioners feel secure and confident about the control of patient information, both for themselves and as agents for their patients, needs to be evolved.

A third reminder has come as recently as early May 2007 with multiple articles appearing in the E-Health Insider Primary Care - Issue No 116, 2 April 2007 reviewing the difficulties being faced by the UK Connecting for Health Program in getting acceptance for their ‘opt-out’ consent plans for electronic record sharing. More details can be found here:

www.ehiprimarycare.com

It seems to me there is one organisation and advocacy entity in the US that ‘gets it” and that is the Patient Privacy Rights Foundation which is a tiny non-profit entity led by Deborah Peel, an Austin, Texas-based psychiatrist.

As reported on the US Modern Medicine website, her views are as follows:

“Peel’s Patient Privacy Rights Foundation, meanwhile, has become a ubiquitous proponent for privacy controls in the growing debate over patient rights and healthcare data usage. On Tuesday, the Coalition for Patient Privacy, of which the foundation is a member and Peel serves as chairwoman, presented to a meeting of the HHS IT advisory panel, the American Health Information Community, an 11-point list of basic privacy principles. The principles also incorporate the definition of privacy developed by the National Committee on Vital and Health Statistics and presented to HHS Secretary Mike Leavitt last year that states: “Health information privacy is an individual’s right to control the acquisition, uses, or disclosures of his or her identifiable health data.” The principles include using technology to allow patients the right to opt-in or opt-out of electronic systems, giving patients control over access, providing for complete audit trails and allowing patients to segment sensitive information. In a letter to the AHIC over Peel’s name, she wrote, “Technology can create far stronger privacy protections and granular control over access to records than is possible in paper systems.” She called on AHIC to “facilitate the creation of an electronic health system that patients will trust by using ‘smart’ technology to build ironclad privacy protections into system designs up front.” The full article can be found here:

http://tinyurl.com/yuzodm

The core points she makes, and what I think is getting to be the minimum acceptable position, are the following:

1. To have acceptable health information privacy rights it is necessary that the individual control the acquisition, uses, or disclosures of his or her identifiable health data.

2. The principles that need to be implemented include using technology to allow patients the right to opt-in or opt-out of electronic systems, giving patients control over access, providing for complete audit trails, and allowing patients to segment sensitive information.

3. That with proper planning aforethought it is possible to design systems that meet these standards. It is not the lack of capacity to design privacy compliant systems it is the lack of will to do so that is the problem.

4. Clinicians need to keep uppermost in their minds that individuals provide information to them, trusting it will not be abused. If that trust is not honoured, no electronic record sharing system will succeed I believe.

With this said, it is also true that if you explain the purpose behind, and the benefit to be derived from, health information sharing, and make it clear only authorised or de-identified information sharing will occur, the vast majority of the population are comfortable and content. As long as they are asked for consent beforehand, and can opt-out if they choose, resistance melts away. This is especially the case among patients with chronic disease who receive treatment from a range of carers who need to be better co-ordinated than they are now by and large.

Also it needs to be said that the surreptitious sharing of patient information – even if de-identified – is a totally unsatisfactory practice and where it occurs it is to be condemned. The bottom line here is that people like to be asked, and if asked will usually agree. If not asked annoyance soon emerges – think un-invited telemarketing calls!

Public perception of the security of their information is also very important in this regard. The rising incidence of identity theft in the country is lessening the confidence of the public in technology to protect financial information and most people see their medical record as a more private document than their bank statement.

I also believe it is not good enough to take the position that paper and electronic records should be treated identically from a policy, technical and privacy perspective. The goal of record protection may be the same but the methods of implementation are clearly different. You have to try hard to disclose the information in multiple paper records due to their cumbersome nature and size. Not so with electronic records where we have seen tens of thousands of records disclosed with the loss of a single laptop or unencrypted DVD.

It seems to me there needs to be much more acceptance on the part of both system designers and clinicians that maintenance of health information privacy is an ‘elephant in the room’ that can truly derail the best technical approaches to information sharing. GPs, Specialists, Service Providers and Hospitals all need to keep this in mind as we move forward. Of course none of the above diminishes the need for awareness and action on the part of clinicians in their individual practices to also protect all internal records as well – be they paper or electronic. The hiccups with which I opened this article show what happens if you don’t. Once public trust is lost it will be very hard to regain. The bottom line of all this is that any e-health project that fails to get its approach to privacy right greatly increases its risk of failure - it is really that simple. What is needed is clear, so there is just no excuse!

Dr David More is an Independent Health Information Technology consultant and blogger who has been working in the e-Health domain for over twenty years. He is concerned at the lack of clinician and patient focus in much of what is happening in e-Health in Australia.

----------

David.

1 comment:

John Johnston said...

We do have a problem with health information privacy management and legislation and work practice are not enough to solve them in general practice and other primary health care delivery settings. The problems start in the GP practice. We have an MBS Schedule that is now rich with collaborative care items under the Enhanced Primary Care initiative. These items, that target disease prevention and management approaches, require information sharing between clinical staff in the practice and with external allied health and specialist participants. The majority of GP clinical desktop users in the field are using systems with no fundamental data structures that support selective access to the clinical record.

Sure, there are mechanisms that prevent practice clerical staff from viewing clinical data but that’s where it stops.

In some systems, any practice staff member with a data entry authorisation can see all of the clinical records so that long before we send additional clinical information with secure encrypted messages to another site, and another carer, patient privacy has had the potential to be breached. The fault is not with the GP, or practice staff, but rather with the perfectly understandable problem that GP clinical desktops were designed for GP use and not for collaborative care provision settings.

Its going to take a while for GP clinical desktop vendors to turn the ship around, but in the interim, there will be a plethora of breaches right there in the GP practice where clerical and other clinical staff are being given roles of data entry into these systems.

It is fine to have workplace agreements that commit staff to a code of practice, and that’s an important process, but the real question is when there is a privacy breach. Whether a worker is dismissed or not, hasn’t the ultimate damage been done to the patient; one which results in some altered perception by the person responsible for the breach and that person for ever afterwards, irrespective of whether the breach is discovered? There is a bit of work to be done.