Friday, April 23, 2010

Patient-centric control over data is key to trust in EHRs, but managing consent is not that simple

Another interesting briefing coming out of the ONC Health IT Policy Committee meeting this week was a presentation from Privacy and Security Workgroup chair Deven McGraw, which highlighted the workgroup's current focus on privacy protections in health information exchanges, with particular emphasis on the question of how to handle consumer/patient preferences, consent, and control over use and disclosure of personal health data. While the workgroup is not ready to take a formal position on this issue, McGraw explained that they hope to present specific recommendations at the next Policy Committee meeting, currently scheduled for May 19. The workgroup's focus on privacy and security from a patient-centric perspective appears to complement the five essential elements the NHIN Workgroup has proposed to constitute a trust framework that includes sufficient security and privacy provisions, oversight and enforcement, and technical capabilities to serve as an enabler of health information exchange (HIE). The NHIN Workgroup is focusing on trust as a prerequisite for HIE participants to realize the value of exchanging data, while the Privacy and Security Workgroup is looking at building trust among individuals, especially providers and patients, as well as the public in general.

While everyone is in violent agreement that a better foundation of trust is needed before the grand vision for health information exchange can be achieved, it shouldn't be lost on anyone that it is exceedingly difficult to arrive at a common framework of trust when different stakeholders have different goals and priorities for adopting electronic health records and exchanging the data those records contain. Many of the anticipated benefits from interoperable electronic health records rely on widespread adoption of health information technology and universal participation among individuals, stemming from President Obama's January 2009 call for every American to have an electronic health record by 2014. For patients, the key challenge seems to be ensuring sufficient privacy and security protection to give individuals confidence in the EHR systems and the use of their data, to get them to want to have their health records in electronic form at all. Putting patients in control of their data and capturing and using patient consent and usage preferences seems to be the favored way to engender trust among individuals, but in doing so the value of health information exchange in improving quality of care may be negatively impacted. If consent is enabled at a level of granularity that allows individuals to keep certain portions of their health records hidden, the result for anyone requesting access to those records through health information exchanges may be incomplete data. Depending on the nature of the data omitted from an ostensibly comprehensive view of a patient, the risk of clinical mistakes due to incomplete records goes up, threatening the improvements in quality of care and reduction in medical errors that electronic health records are intended to produce.

The importance of complete information in clinical care settings is well established. It's not by accident that data disclosure for the purpose of treatment is explicitly exempt from consent requirements that apply to some other uses of health data under the HIPAA Privacy Rule. The Health IT Policy Committee has among its members practicing physicians whose views illustrate the two sides of the granular consent debate: Dr. Charles Kennedy of Wellpoint shared an example of situations where the access by one type of practitioner to health record data related to a different type of care (specifically, an internist seeing medications prescribed for a patient by a psychiatrist) upset the patient in question and fell short of yielding the sort of privacy protections patients seem to want. In contrast, Dr. Michael Klag of Johns Hopkins objected to the idea of giving patients such granular control over their health records, even if patients are made aware of the potential dangers of withholding medical information. The approach of requiring data disclosure for treatment (that is, of exchanging data without seeking consent) might satisfy clinicians, but as we noted in this space last week, surveys suggest that absent some degree of control over health data disclosure, many patients may opt to withhold information from their doctors rather than have the information become part of their records. It is hard to imagine how better health care outcomes can result if individuals are able to selectively withhold data from medical providers.

Finding the right balancing point between patient privacy and consent and optimizing the utility of data shared through health information exchange is more a business and policy problem than it is a technical challenge, although the technical means of enabling granular consent in EHRs or supporting health IT systems are far from trivial. It seems that managing consent on the basis of the purpose for which health data is requested might be a more suitable starting point for finding a workable solution to this issue. Such an approach has the advantage of following the requirements of all the major federal privacy laws and of being consistent with the Nationwide Privacy and Security Framework, which includes the core privacy principles upon which the Privacy Act and other legislation are based and which privacy advocates argue should be directly reflected in health IT initiatives like the NHIN and in health IT adoption programs like meaningful use.

