Thursday, April 7, 2016
Question of the Week No. 12
Healthcare providers are moving to a system of
electronic health records where an individual’s entire medical history,
diagnoses, treatments, medications and other health information are maintained
in a digital form. For the purposes of
providing better and more timely health care to individuals, should physicians
and other healthcare providers be able to freely access and share this
information with each other without a patient’s consent?
Subscribe to:
Post Comments (Atom)
Yes. It is a system that is designed to ensure patient safety. When, for example, a person goes to an Emergency Room, that ER needs to know if the individual is on any medication, or has had any prior procedures, that would interfere with the procedures they need to undertake. Sometimes the person is unconscious and can't speak for themselves. Sometimes the family members who speak for the person are unaware of the history. Such uncertainty has cost lives. There was a recent story (see the link below) about a recovering heroine addict who died because she was prescribed opioids post-surgery by a well-meaning surgeon who simply did not know about her addiction. Because of her addiction, her body was too sensitive to receive some of the medications she was prescribed and she died.
ReplyDeleteAt the very least, these types of tragedies will almost certainly result in law suits for the hospital. If the medical facility and/or treating physicians will be left holding the "liability bag," so to speak, then they should be allowed to take whatever precautions are necessary to ensure patient safety and to insulate themselves from liability.
That's not to say that there aren't privacy risks that should be mitigated. If such a policy was implemented to allow sharing of patient data, the policy should also have strict regulations for safety measures that need be taken to prevent breaches of privacy.
Ultimately, the bottom line is that when it comes to saving lives, the benefits outweigh the risks to privacy.
For the story: https://addictionunscripted.com/young-woman-whose-addiction-story-inspired-obama-just-died/
No, physicians and other healthcare providers should not be able to freely access and share information without the patient’s consent (the system I am envisioning would be a centralized, national system that any physician/healthcare provider could get access to). I can see the benefits of a sort of centralized system, especially if the patient were unconscious and unable to give consent. However, in the majority of cases, getting the patient’s consent is the best policy, as it does not cause a significant delay and gives them the opportunity to ask questions about who can see their record. The consent may be for doctors within a network, at a certain practice, etc. (i.e. doesn’t have to be consent for every individual doctor, nurse, etc.) but the consent form should list who can access that information.
ReplyDeleteThe other part of the question that pushes me to a “no” answer is “healthcare providers.” I would want to know more about who fell under that definition because while large hospitals may have sophisticated IT departments and data security plans, it seems more likely that a small private practitioners, chiropractors, or physical therapists would not have these same measures in place. Overall, I am generally not in favor of the aggregation of large amounts of data in a single accessible database. This aggregation raises many of the privacy concerns we have talked about all semester such as creating a lucrative target for hackers, controlling access on such a large scale, and using patient data for purposes they are not aware.
No. I think that Physicians should be prohibited from freely accessing a persons health records unless there is informed consent from the patient after understanding the scope, purpose and other details of the use of their records. If there is a legitimate reason that a doctor wants to review your records it is not unreasonable to require the doctor to contact you. Most doctors are so busy that they don't review a persons records until immediately before seeing the patient or other situation directly related to the care. Any access to patients records unrelated to the present care being given to the patient should be prohibited.
ReplyDeleteNo. Physicians should not be able to access medical records without consent from the patient. I think the answer to this question is more ideological than practical. Although Angela points out the story of a patient who died because the physician was not able to access his medical records, I imagine there are ways to circumvent those problems without giving physicians unqualified access to medical records. I am in favor of developing a centralized database, but, given society values privacy for its intrinsic worth, there needs to be measures in place to ensure that consent is obtained.
ReplyDeleteFurther, it is also troubling to imagine a physician sharing medical information without consent, especially when the patient does not have a preexisting relationship with the third-party that the information is being shared with. Doctors and other medical professionals are not unscrupulous. I have met enough insurance defense lawyers to be skeptical that all doctors are behaving ethically. Thus, not only does this proposal undermine the intrinsic value of private information, but it can also result in real harm because a conniving doctor could potentially do a lot of damage with an unfettered ability to access and share information. At the very least, even if a doctor is allowed to access medical information without consent, I think doctors must obtain consent before sharing that information with third-parties.Doing so insures the doctor is not using the information outside of its intended scope and at least allows the patient to seek independent advise if that information is shared.
No. Although there are benefits to being able to share and access such information without the consent of a patient; such as, where they are physically unable to consent, the door should not open. Sharing health information with other doctors without permission is a violation of the privacy right of the individual due to such sensitive information.
ReplyDeleteThe benefit to society by sharing such information is not outweighed by the privacy interest. Due to discrimination for disabilities and genetic information, sharing such information without consent has varied potential pitfalls; exposure to individual healthcare providers that a patient didn't want to create a patient-physicain relationship in the first place. One issue I see is this sensitive information being gathered through search engines--such as in Google gathering data on people searching the flu--and mirrored up with other medical information such as prescription usage shared by pharmacies and diseases searched on the internet shared with third parties. Such information could be then used to create a health profile--all along not violating HIPAA--used as a marketing tool and even more dangerously for discriminatory purposes.
Constitutional right of privacy in information gathered about out health information although not absolute should be carefully considered in light of the vast access and potential breach of information.
Yes, but only as long as the collection, storage, transmittal, use, etc. of Protected Health Information (see: https://en.wikipedia.org/wiki/Protected_health_information ) is still bound by the HIPAA Privacy Rule (see: http://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/ ), the HIPAA Security Rule (see: http://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/ ), Meaningful Use (see, Chapter 5 of: https://www.healthit.gov/sites/default/files/pdf/privacy/privacy-and-security-guide.pdf ) under the American Recovery and Reinvestment Act of 2009, the HITECH/Omnibus Breach Notification Rule (see: https://www.gpo.gov/fdsys/pkg/FR-2013-01-25/pdf/2013-01073.pdf ), and otherwise meets or exceeds standards and adheres to principles prescribed by the Office Of National Coordinator for Health Information Exchanges (see: https://www.healthit.gov/sites/default/files/hie-interoperability/onc-hie-pin-003-final.pdf ), since State HIEs are the principal method of exchange of PHI in the context of this question. In fact, according to the Office of National Coordinator, as of 2013, State HIEs were broadly available in 47 states (see: https://www.healthit.gov/policy-researchers-implementers/state-hie-implementation-status ), and if you have been to a major healthcare provider in Utah, unless you have opted out of such data collection, your own health records are probably available through Utah’s HIE (see: http://www.mychie.org/about/ ). According to one report (see, Page 13-14 of: https://www.healthit.gov/sites/default/files/CaseStudySynthesisGranteeExperienceFinal_121014.pdf ), Utah first had an opt-in model for participation in HIE, which hindered efforts to develop the State HIE, so the state legislature passed HB 46 which automatically included beneficiaries of programs like Medicare, Medicaid, CHIP, and Public Employees Health Program, unless they opted out. Subsequently, Utah became an “opt-out” state, and now, providers can exchange information for treatment, payment, and operations, without explicit patient consent. However, since many of my classmates seem to have expressed concerns about the collection of their health information, perhaps those concerns could be mitigated by considering the fact these records, although available to any provider in theory, have not actually been used widely, according to Page 32 of the same report.
ReplyDelete