Here is the first:
The My Health Record System: Potential to Undermine the Paradigm of Patient Confidentiality?
Authors
Gabrielle Wolf and Danuta Mendelson
Australia’s national electronic health records system – known as the ‘My Health Record (‘MHR’) system’ – may threaten to undermine the traditional paradigm of patient confidentiality within the therapeutic relationship. Historically, patients have felt comfortable imparting sensitive information to their health practitioners on the understanding that such disclosures are necessary and will be relied on principally for the purpose of treating them. The MHR system potentially facilitates access to patients’ health information by individuals and entities beyond the practitioners who are directly providing them with healthcare and, in some circumstances, without the patients’ consent. It may also enable patients’ health practitioners and their employees to read records that those practitioners did not create or receive in the course of treating the patients and that are irrelevant to their treatment of them. The MHR system could have harmful consequences for individual and public health if patients become unwilling to disclose information to their healthcare providers because they fear it will not remain confidential. In addition to examining the risks of breaches of patient confidentiality in the MHR system, this article considers how the potential benefits of an electronic health records system might be achieved while maintaining patient confidentiality to a significant extent.
Here is the link:
The paper runs for over 30 pages but the conclusion brings the arguments it is making to a clear end.
VI CONCLUSION
Most Australians have been, currently are and/or will be patients. Therefore, since the opt-out period for the MHR system commenced on 16 July 2018, the government imposed on a majority of the population the need to make important decisions. For those of us who cherish the confidentiality of our health information, electing not to participate in the scheme may be the only viable choice. If we acquiesce, unwittingly or otherwise, to our MHR registration, we cannot be assured that the information we provide to our healthcare providers in the course of the therapeutic relationship will remain with them, and that only relevant details will be disclosed with our valid, informed consent for the purpose of treating us.
In response to growing public concern about the potential for loss of patient confidentiality in the MHR system, in December 2018, the Federal Parliament passed the My Health Records Amendment (Strengthening Privacy) Act 2018 (Cth), following an inquiry by the Senate Community Affairs References Committee into the MHR system. Some breaches of patient confidentiality that might otherwise have arisen under the MHR system will be prevented owing to the passage of this Act and other breaches might also be prevented if recommendations for amendments to the MHR system in the Senate Committee’s Final Report, delivered in October 2018, are implemented. For instance, the My Health Records Amendment (Strengthening Privacy) Act 2018 (Cth) amends the My Health Records Act 2012 (Cth) to prohibit the System Operator from disclosing patients’ health information in their MHRs to law enforcement and government agencies unless they have an order from a judicial officer requiring the System Operator to do so. In addition, the Senate Committee recommended applying record codes to patients’ MHRs by default and preventing third parties from accessing patients’ MHRs without their ‘explicit permission’, though these suggestions have not yet been implemented. Yet the My Health Records Amendment (Strengthening Privacy) Act 2018 (Cth) and the Senate Committee’s Final Report do not address all of the fundamental flaws in the design of the MHR system that threaten to undermine the traditional paradigm of patient confidentiality within the therapeutic relationship. As discussed above, these weaknesses include the following: the MHR system enables the linking and aggregation of a high volume of sensitive health information; the access points into the MHR system and thus the people who could access patients’ MHRs are possibly countless; the system lacks sufficient means for preventing or reducing breaches of patient confidentiality; the extensive data in patients’ MHRs can legitimately be disclosed in certain circumstances; control of clinical records is removed from clinicians and the institutions that support them; and the system is vulnerable to cyber hacking.
The ostensible potential benefits of the MHR system will not outweigh the damage that could ensue from the system’s erosion of patient confidentiality. Although many patients would value an electronic health records system that enables accurate health information about them to be ‘readily accessible to those who need’ it to treat them, they will also be extremely concerned to preserve its confidentiality. Any loss of confidentiality of their health information may undermine patients’ trust in the health records system and even in their health practitioners. In Randell’s words, ‘[t]rust is gained slowly and can be lost abruptly’. Also, ‘once lost’, trust ‘may be difficult to re-establish’. As noted above, without trust in their health practitioners and the health records system, patients may be less candid with their practitioners, thereby diminishing the accuracy and comprehensiveness of information they provide to them. They might also be less willing to undergo testing and treatment. This could have adverse implications for individual and public health.
----- End extract.
If anything, I believe the authors are a way too trusting regarding the ADHA claims for data quality, completeness and timeliness of the information held and these failing greatly strengthen their arguments.
The second paper is as follows.
Evaluating the Contextual Integrity of Australia’s My Health Record
Authors Timothy Kariotis, Megan Prictor, Shanton Chang, Kathleen Gray
Pages 213 - 218
DOI 10.3233/SHTI190166
Abstract
My Health Record (MyHR) is Australia’s national personally-controlled electronic health record. Initially established in 2012, it moved from an opt-in to an opt-out system in 2018. This paper considers the privacy aspects of MyHR shared health summary. Drawing on Nissenbaum’s theory of privacy as contextual integrity, we argue that the shift in the event-specific nature of information sharing leads to MyHR breaching contextual integrity. As per Nissenbaum’s decision heuristic for contextual integrity, we evaluate this breach through a reflection on the changing nature of health care, including patient empowerment, and the greater complexity of care. It is evident that more needs to be known about the benefits of shared health summaries, as well as the actual use of MyHR by clinicians and patients. Though we focus on MyHR, this evaluation has broader applicability to other national electronic health records and electronic shared health summaries.
My Health Record (MyHR) is Australia’s national personally-controlled electronic health record. Initially established in 2012, it moved from an opt-in to an opt-out system in 2018. This paper considers the privacy aspects of MyHR shared health summary. Drawing on Nissenbaum’s theory of privacy as contextual integrity, we argue that the shift in the event-specific nature of information sharing leads to MyHR breaching contextual integrity. As per Nissenbaum’s decision heuristic for contextual integrity, we evaluate this breach through a reflection on the changing nature of health care, including patient empowerment, and the greater complexity of care. It is evident that more needs to be known about the benefits of shared health summaries, as well as the actual use of MyHR by clinicians and patients. Though we focus on MyHR, this evaluation has broader applicability to other national electronic health records and electronic shared health summaries.
Here is the link:
Here is the conclusion from the freely downloadable .pdf available from the link above:
6. Discussion and Conclusion
Initial assessment of MyHR SHS points to a breach in contextual integrity due to a shift from a ‘push’ to ‘pull’ method of information sharing. This disrupts the event-specific nature of current information sharing. Evaluating the contextual integrity of shared information in an electronic health record is complicated by the changing nature of health care. Team-based care requires greater sharing of information, which challenges traditional values related to confidentiality and privacy. In addition, clinicians’ need for information to support individualised decision making is growing, and providing that information in an efficient and effective way is essential. If MyHR proves to have benefits to patients and clinicians, a breach of contextual integrity may be warranted. However, the evidence for summary records is still limited. There appears to be a risk that the promise of better care will be sunk by too much data with too little relevance at the point of care. New values related to patient empowerment pose opportunities for a shareable electronic health record that may justify breaches of contextual integrity. However, this rests on the assumption that patients have the resources to take control of their MyHR. Further evidence of MyHR SHS benefits, and of patients and clinicians actual use, is needed before we can conclusively determine whether MyHR breaches contextual integrity.
----- End extract
Again it is hard to believe the quality and accessibility of the data held in the MyHR will come close to meeting the expectations of the authors for clinical value and utility.
Taken together these two articles provide a powerful set of reasons as to why the MyHR is probably doomed to erode trust and not deliver the benefits expected.
Comments welcome.
David.
No comments:
Post a Comment