Dr. Sam Heard published this last
week. You may want to read and opt-out!
It’s not My Health Record, it’s Yours
Published on November
4, 2018
I
am a general practitioner and a long standing proponent of electronic health
records but I am going to opt out of the Australian Government’s My Health
Record (MyHR). This will, for the first time in history, create health
records which are not under the custodianship of health professionals. This
will be done without the person’s consent. I consider this to be dangerous.
I
may opt in when I can see advantage for me, and that will be when it really is
MY Health record. I work in a context where many people use the shared record
and both they and we are grateful. But they understand what is going on and
have consented. It was a local thing. Now it is out of control. Literally, out
of your hands.
Whose Health Record?
Health
records have only been personal for a hundred years or so; before that they
were daily logs in hospital wards or outpatients. GPs have been keeping
reasonably comprehensive individual health records for many years with letters
to and from hospitals and specialists, pathology and radiology results, and
progress notes – which are the GPs’ reports of the interaction with that
person. General Practitioners, with your funding, have generated this resource.
Who sees the Value?
As
health care has got more complicated this comprehensive record has become more
valuable. In view of this, and the fact that patients move and change their
GPs, society has legislated that a person should be able to get a copy of their
record and give it to their new GP. If that record is electronic (which is
almost always the case these days) you would hope that they might be able to
receive it over the internet and incorporate it into the new doctor’s software.
It may seem unbelievable, but it usually comes on paper! Even when the same
software is used by the practices at each end! If not paper then it will be
“electronic paper” as a fax, a pdf or html. I received a ‘wodge’ of paper from
a nearby GP’s dot matrix printer when I first went into practice nearly 40
years ago. It wouldn’t fit into my folder as the size was not standardised.
Despite a lifetime of work to create a standard health record format, (known as openEHR) that could outlive systems and
software, I still get paper and faxes. Never a record we can incorporate into
our software.
Ownership or Access?
Ownership
of health records, particularly electronic health records, is ambiguous. The
simplest axiom is to accept that it is the property of the person who is the
subject of that record and the set of authors of that record. The subject of
the record (or their guardian) can give access to whoever they want. It
has not
to this point been the government’s health record in any
sense, but MyHR starts to blur that boundary.
In
fact, MyHR supposes that the government is a better curator of your health
record than your GP or some other provider who is attempting to meet your
health interests. In the absence of standardisation, there is always pressure
to centralise. Although this is attractive to bureaucrats it is fraught with
many problems, most of which we have not yet faced.
Is it Accurate or Complete?
There
is another change that has taken place: public concern about the accuracy of
digital records – health or otherwise. Giving people access to their digital health
records is a check and balance on the completeness and accuracy of these
records and is helpful if people have concerns (and know how to access them).
Patients in some parts of the world can look at their doctor’s records on line
– and show them to others. It is rare that they can add to them, but there is
increasing interest in co-production of health information between health
professionals and the person themselves. This will allow entry of measurements
such as blood sugar and blood pressure, logs of exercise and perhaps the fact
that they have stopped or not taken prescribed medication or have started a
treatment they did not get from a health professional. After all, only people
themselves can know what medications they are taking or have stopped.
Dangers of a Single National Database
Hacking
“If
it is on the internet, you probably need to see it as public at some time in
the future”, a speaker at a security conference said to me recently. The
ex-foreign Minister, Julie Bishop, said the same thing on Tomorrow Tonight on
the ABC last week. Wow, that goes against the grain. Why is MyHR a particular
risk?
The
larger and the more centralised a data repository, the higher the risk of
security breaches. The ransom to unlock a hacked national database is likely to
be many millions of dollars so it is very attractive. It is certainly true that
a very high level of security is possible for such a monster database but
governments will never have the resources that a company like Facebook has to
spend on security; and yet 50 million Facebook records were recently hacked.
That is twice as many as can possibly be in MyHR. There is an even more
important risk to security in health care. Health care is now the biggest
employer in most settings involving more than 1.5m
people. Your relatives and personal adversaries are likely to work in
health care or know someone who does. They are actually insiders –
administrative and clinical people who have access. By contrast to MyHR, a GP
practice has a very small database largely unknown to an outside agency and it
is relatively secure as risks are local and more likely to be known. But the
safest place for you to keep your entire health record may be with a special
agency who could do that for you safely. Or be enabled to hold it yourself with
an encrypted backup. Hospitals and GPs have been doing this by default. You
probably have some old films or reports around. But to have agencies like this
we need far more standard approaches than are available.
Making Corrections
Once
information is in the national database it will be inordinately more difficult
to remove and correct it than when it is only stored locally. We are not known
to the government. Inevitably, and many (hundreds? of) times a day, health
professionals will write in the wrong person’s record and save it to MyHR. This
may sound neglectful, but it is difficult to prevent completely. Once that
information is pushed up to the national health record it needs to be removed.
The real problem is, it is not in your health record, and someone who doesn’t
look at their health record might have it in theirs for years, or forever.
Health
records can get all sorts of stuff in them. Junk, errors, value laden
non-sense. A GP I worked with when I was younger described a person as a
“psychopath” in the health summary of the then paper record. This label may
have been accurate at some point but was clearly not when I asked her about it
years later. Another had “IQ 57” in her problem list. Computers bring further
problems with accuracy. A patient in a practice where I work was administered
“paracetamol” (an analgesic or pain killer) and then, due to lack of care, the
nurse classified the encounter and chose “analgesic nephropathy” from the list
of codes from a list presented after typing “analge”. Problematic entries like
these make it more difficult for people to navigate the health system without
prejudice or inappropriate treatment. These problems are very easy to correct
locally where the client and clinician are known but very difficult and time
consuming when it is anonymous.
Curating your Health Record
Currently,
if you want a mortgage you will usually have to agree to the lender getting
information from your GP. Some GPs fall for the lender’s request to forward the
entire record; something they do not have the right to do without your explicit
consent. I have not had one patient agree, when consulted, to send the entire
record to the insurance company. A considered report of key information is what
is required. It takes time and responsibility. But the situation may be
considerably worse if you have a MyHR. You can understand in the light of this
why the government has said earlier this year that it is inevitable that
insurance companies will get access to MyHR in the future, as people want to
get mortgages. Personal access control will not stop insurance companies
legitimately requesting access before providing a loan. GPs currently vet the
request and the health record, withholding sensitive and potentially
confidential information that bears no relation to health risk in the future
while providing information that allows assessment of risk pertinent to the
insurer’s decision. This will include data such as cancer diagnoses, blood
pressures, weights, smoking status, waist circumference and other measures that
are associated with shorter life expectancy. In the case of MyHR, who will
consider the interests of the patient?
Who Benefits from a Centralised Health Record?
There
is really no evidence to date that a national health record repository will
make any major difference to care and outcomes although it has been
particularly important in Aboriginal health in the Northern Territory. Having
access to accurate information about people as they move about the health
system is likely to be beneficial, particularly if you are mobile. But it has
to be trusted and complete in relevant aspects to be useful. While many people
who are mobile or have major illness will benefit from the sharing of health
information, it is unlikely to make a major difference to standards of care as
this information is already sought in most instances, or available in
correspondence. Very up-to-date prescribing will probably have some utility at
this scale.
So
how can it be argued that consent is not required? I am very happy for people
to ‘opt in’ once they believe that they will benefit and I am sure there are
many people who will. The risk of privacy breaches, of inaccurate or incorrect
information being recorded and the lack of curation will be balanced for some.
They and their health providers will have access to information at the point of
care around the country. The costs and risks demand our consent; it must
not be assumed.
Further,
government agencies will undoubtedly have access for what are deemed to be
‘honorable purposes’ by governments of the day. Again, I think we should
have to consent to specific secondary purposes, understand the need for
completeness of information, and the potential benefits to us or others from
the involvement in some way. This is unlikely to occur on a repository of this
scale.
Is
making participation in the national health record repository involuntary the
best solution? The shift to “Opt out” means you get one if you take no action.
That is not respecting a person as a citizen.
Why would I want to Opt Out?
Being involved as Citizens and not Consumers
We
are now consumers and we consume healthcare at an alarming rate. Never mind the
over-treatment, the over-diagnosis – the more we get the better. That works
politically up to a point…happy consumers. But there are consequences to this
consumption apart from the waste. If we have been prescribed antidepressants
for a normal reaction to the loss of a loved one, or had an ECG for chest pain
that shows some ambiguous changes, or have a high blood pressure reading
because we are frightened and full of adrenaline, the content of our record
damns us in the future. It does so unnecessarily, as we actually have no health
problem, but in a way we cannot control. Consider the possible
consequences. Higher insurance premiums perhaps, more unnecessary tests because
the next doctor is anxious or a persistent shadow of mental illness or suicide
risk and difficulty getting travel insurance? The problem with our health
information is that it is a threat to our autonomy. If people have certain
information about us they can legitimately act on that basis, and defend it legally.
To be citizens and partake in society as autonomous individuals we must guard
our health information closely.
What Happens with Dr. Shonky, Stays with Dr Shonky.
When
an incorrect record is created in a shonky ’emergency clinic’ stating that we
had ‘pneumonia
requiring a major course of potent antibiotics for 14 days because it did not
respond to the first course‘ rather than a more likely diagnosis in
a fit person of ‘a viral lower respiratory infection‘ it stays in
that small emergency department. No one else knows. The more mobile you
are, the more you see different practitioners, the more you find free and
easily available services, the more your MyHR will be promoted as ‘valuable’
and the more full of noise it will become. There is little or no value in this
information, especially when compared to a comprehensive letter from a
specialist general practitioner or physician, whom you know well, providing
information relevant to the problem you want solved to another practitioner you
are going to see.
Less
educated people will be dealt the worst hand here and stories will slowly get
to the press – wrong diagnoses, wrong treatment and occasional major harm.
The Special Case of Children
I
am particularly concerned about children. Parents have persuaded government
that they have the right to access to their children’s MyHR. This sounds
reasonable. However, it is very rarely that children will benefit from having a
shared record as they are usually robust. I do accept that there are complex
paediatric situations where parents are likely to opt in and they and their
child will benefit.
However,
in the new nightmare, children will ALL have a record. Now, in this dystopian
future, consider the plight of the adolescent who is seeking contraception to
prevent pregnancy. After the age of 14, adolescents will be able to turn off
parental access to their health record. But will they even be aware of the
existence of this thing? Will Dr Shonky understand the implications of adding
certain information to MyHR? Most troubling is that the adolescent will
not be able to turn off access without parents being aware of this. How many
Adverse Childhood Events are going to arise because of the MyHR? The world is
not the middle class playing field that people working for government in
Canberra experience. What are the future consequences for children with hostile
or neglectful parents who seek care? I have heard that school visits have been
ceased by one practice because of parental access to records.
Is there a Utopian Future?
I
would like to offer some examples of health records that I think could meet our
needs, and by using the word ‘our’, I mean citizens and clinicians.
For
the young, IT savvy person who is most concerned about privacy, I would propose
an individual health record on their phone and backed up onto the cloud
maintained by a regulated cooperative agency. The health record would be
composed of transactions with different health providers, potentially in
different countries and even in different languages. This does require
standardised export from health professionals and hospital systems and a
means of access to a person’s health record but it is quite possible. There are
technologies now available that can be used to validate such records, enabling
the person to have a fully validated health record despite no one else having a
copy of it.
The
next level of control for citizens is where the health record is held by a
number of providers in a range of settings. Some information is likely to be
aggregated in one place by their provider of choice, but this service would be
paid for and the person able to move some or all of the record to another
provider. This model would involve EhrBanks, trusted aggregators and qualified
custodians of health information. These companies would hold some of the
information and links to other records on other systems. The links can access
and be able to pull down all the source records if required.
The
EhrBank companies would ideally be non-profit and allow individuals to consent
to ‘secondary’ use of their health information for specific purposes. A
representative group of clients could agree to use of data for research or
other proven benefits.
In
this future, I would see a national health record, but only for people moving
long distances and not having providers that were grouped geographically or
organisationally. You might just have your allergies there and your
prescriptions if that was of benefit.
Summary
This change to MyHR has
led to more than one million people choosing to ‘opt out’. I am concerned for
the people who have not had the chance to grapple with the consequences. I
believe that Australians should opt out of MyHR if:
1)
they believe that unknown people having access to their health information is
more of a concern than health professionals not having access to it
2)
their health record holds information that could damage them in the future
2)
they are under 18 (involving parents opting out their children at birth)
For
those who want to opt out, it might be time to consider an open platform that
allows a range of solutions to meet people’s needs, while ensuring control.
There are some budding examples.
Here is the link:
Frankly I have little to add. Sam's emphasis on real consent and the utility of shared records when properly done in the Aboriginal community are more than worth noting.
Read carefully and make up your
mind.
David.
2 comments:
A really well put together case. Thanks for posting David. It is this kind of broad holistic thinking that is missing from the ADHA and through that only now seems to reside in isolated pockets, mostly hidden from general public view. This episode in the EHealth journey has not been one of it brightest. Hopefully we can soon move from the dark into the renaissance.
I agree and well said! Like Sam I have spent much of my life advocating for the beneficial sharing of health information and working on what is needed to achieve that - sometimes with him. Like Sam, and for similar reasons, I have opted out. I imagine the current poll on this blog will show that other people with deep knowledge of the domain, as Sam has, will have arrived at the same conclusion.
Post a Comment