The following long and interesting comment appeared a day or so ago.
This comment is in response to an article I published here:
The comment suggests a critical missing aspect of the NEHTA PCEHR ConOps. The comment is responding to my ideas on what is needed to have Health IT projects actually succeed.
I agree we have a governance problem. And since the pcEHR is the big play in the space (whether it succeeds or fails, it seems likely there won't be anything else national for a long time), it's something we need to take seriously.
It seems to me that the ConOps doesn't quite come to terms with the central problem we face trying to build a national EHR: we need to build distributed trust.
I say this because the national EHR is a grand play to reduce the amount of money - and more importantly, the time of doctors and nurses - to provide the level of care that we are used to. It will do this by reducing the amount of time that these people need to gather information - on the basis that collecting the information is what takes time. But we can only do that if the information that is in the system is trusted by the users (all of them). So the central problem with a really scaled EHR is building that trust.
The ConOps doesn't grasp this issue. This is what is says specifically about trust:
"trust is critical for the success of the rollout and uptake of a PCEHR system"
Great. That's exactly what we need out of the EHR. But what kind of trust does the ConOps talk about?
"Trust is one of the many critical success factors for the PCEHR system, therefore it is essential to ensure that:
• people seeking access to information are whom they claim to be;
• information received from a claimed person is from that person;
• information transmitted across networks is appropriately encrypted andhas arrived at its destination point without being tampered with; and
• access to information is appropriately authorised.
A high level of data quality is another essential ingredient in trust around the PCEHR system. High levels of data quality are required to assist providers and individuals in making safe healthcare decisions."
I agree with all that. And there's real challenges there.
But these technical issues are not the core issue - which is how we get people to trust each other. Because right now, trust is not a scalable asset we can rely on. Patients, Doctors, and Nurses trust each other as individuals - to a degree - but that that trust doesn't scale. These groups don't trust themselves as a group, let alone the other parties.
As long as all the parties insist on being gatekeepers for the pcEHR - so that information can only become part of the EHR if both the source agrees, and the patient agrees, and either can subsequently revoke their permission - this is not a trust based system.
When the ConOps talks about "high quality" - what does it mean? The discussion that follows it is very focused on the quality of the data, not the quality of the participations. There is a shout out at the end of the section to clinical governance, but still, this is about data quality, not about really establishing distributed trust.
The ACHI comments on the pcEHR say that eHealth change is really changing healthcare with a "e", and that's the real thing the ConOps doesn't grasp: that in order to build a system that can leverage trust, we need to build the trust, not only in the system, but also between the participants.
But perhaps this is what the pcEHR is about - it's called "patient controlled", because there's no other way for it to even exist as things are; perhaps it's all we can hope for - better than nothing. And there's certainly an argument that if this is all we can have, then let's have it, and hope that it grows into something useful in the longer term.
It certainly seems that we aren't yet ready for the hard discussions that need to occur in our society in order for us to build distributed trust - and these aren't technical, they're social. So I think that we'll have to watch other countries forge ahead and build working systems that they can leverage, while we squabble about the peripheral issues and whine that we can't have both our trust and our freedom at once.
----- End Extract.
I have to say there is not a single point here I disagree with and I also believe that the challenge of actually achieving the necessary levels of trust will be very, very difficult. I do recognise that there are examples of working professional trust networks (including clinicians) but that trust networks between strangers is a real challenge with only a few examples of success (maybe like eBay)
It seems to me that in the 21st Century in Australia cynicism, fear (of the future with concerns on a renewed CFG, new taxes, a collapsing environment, ineffective Government and so on) and scepticism are at levels as high as I have experienced in my short 60 years. Establishing trust in a situation where we are told of new cyber-threats and see apparent policy paralysis in everything from what to do about the Murray-Darling Basin to Gay Marriage is going to border on the impossible.
I know many are confident that we will just ‘muddle through’ but I have to say that just recently my faith in muddling has become pretty stretched.
In the situation where bi-partisan action seems to be almost impossible I really wonder where the consensus to undertake major initiatives in areas like e-health will come from?
This said the writer is right. Building trust is a major part of what is needed. It is the how we can do that I am not sure about!