Healthcare record security concerns
A hot topic around the world is the use of digital systems to record health information for people. It’s not just the healthcare record security concerns – the fear that information can be hacked or even changed, it also has roots in incomplete recording of information, and how healthcare professionals use the systems that store the information.
One problem encountered is that doctors want to own their own data, and not share it with anyone – as they are concerned that their data (or lack of it) could be used against them. For example, if a doctor misinterprets a test, or missed a diagnosis, or made an invalid diagnosis – they don’t want anyone to be able to find that. In litigious countries, such as the US, a single mistake or omission by a doctor is enough to ruin their career – it may not be an actual error, it could be up to the interpretation of the records by other people!
The risk of complete information
Doctors are frequently given confidential information by their patients, which is at the doctor’s discretion over whether (and how) they record this. In the past, records were only really accessible by the doctor, and so the information they recorded may be in a shortened version that they can quickly record between patient appointments. Doctors don’t really like having to spend time entering patient records – they would far prefer to spend time with the patients than with the paperwork.
“Questions that doctors had routinely skipped, now stopped them short, with “field required” alerts. A simple request might now involve filling out a detailed form that took away precious minutes of time with patients.
From <https://www.newyorker.com/magazine/2018/11/12/why-doctors-hate-their-computers>
If the doctor is a family doctor, there may be history that they don’t actively record, because it is known. Where is the responsibility to ensure that this is complete, accurate and not open to interpretation? HIPAA requirements in the US include a focus on portability (that’s the P in HIPPA), meaning that the records must be able to be transferred to another healthcare professional – so they need to be complete, clear, not open to interpretation or having any expected knowledge.
The risk of irrelevant data
When I migrated from England to Australia, there was a requirement for me to have a chest x-ray to test for tuberculosis, and a blood test to rule out AIDS – of course both were negative for me, but it would be on my records that I had those tests. So, in an electronic record it would be possible for someone to query all people who have had the test, and make the assumption that there were other reasons for the tests. Similarly, a person who is concerned of a family history of a condition or disease may take the proactive actions to be regularly tested or take prophylactic medication – but would the same person then be categorised as having the condition already? In the above example of confidential information – this can also be disclosed by having a test.
The risk of access
I used to work in ambulance services, running the IT function both in London and in South Australia. I was trying to put in an electronic patient record system for ambulances in Adelaide, where the paramedic could look up the patient’s medications (and contraindications), allergies (including allergies to medications) and alerts (e.g. hemophilia, recent surgery, infection) – but this was blocked by paramedics for 4 reasons;
1) there is always an effort to find out who the patient actually is – if they are unconscious or they can’t identify themselves, particularly true when the patient is trying to avoid paying for the ambulance,
2) the paramedic has to treat the patient for their current condition, and in an emergency, and
3) [related to 2] the paramedic does not have time to look up records and read them when they are meant to be treating or transporting a patient – if the patient is given a medication that they have an allergy to (and, related to point 2), but the paramedic had access to the information on the computer, but did not have time to read it because they were treating the patient, the paramedic would be liable or responsible.
And finally, 4) patients expressed concern over their records being accessible – and their conditions being known by someone they had not authorised.
So, when I tried to put patient records in every ambulance in South Australia, it was blocked by doctors and paramedics, and resisted by patients.
Interestingly, in London, there was not the same resistance – primarily because the paramedics do not need to know who the patient is (because the transport and treatment is free under the NHS).