Consenting Technologies

Yesterday, ONC held a fine gathering at the Grand Hyatt in Washington DC. There were experts, ONC Tiger team members and cutting edge technology vendors displaying and discussing platforms and software for providing patients the opportunity to define granular consent to the sharing of their electronic medical records down to a data element level.

Somewhere in the midst of watching that fabulous and very complex technology, it occurred to me that I don’t quite understand why we are discussing all these things. Obviously, we all agree that patients have a right to privacy, and as HIPAA outlines, our medical records ought to be protected from wanton disclosure without our permission. However, the showcased products and the ensuing conversations at the Grand Hyatt were on a completely different level of sophistication.

Physicians have been exchanging patient records since medical records were invented. Today, patients are signing the obligatory HIPAA forms giving health care providers permission for these exchanges, and most doctors use fax, phone, courier (usually the patient) and occasionally secure email to exchange medical records. A typical scenario would be a PCP making a referral – a letter summarizing the problem is usually written, some test results could be attached, a big yellow envelope with some film may be handed to the patient to bring to their specialist appointment. Physicians equipped with EHRs are doing pretty much the same, in a more automated fashion. We do not consider this an invasion of privacy.

It seems that things are about to change. Data, as we all know, yearns to be free, and once computerized, all data will finally become free (literally and figuratively). Instead of having the doctor select the pertinent information to be released based on circumstances and need to know, all our medical data will be available for access by all interested parties. So in our referral example, the specialist would request, or be granted, access to our entire electronic medical record. For most folks, this would be unacceptable. This is where consent comes in.

Newly empowered patients, or consumers, will need to go through their medical records and choose who can see what and under which circumstances they can see it. First we need to locate our medical records, which could be scattered amongst the various providers we see, or according to the best Toyota principles, will be all aggregated in a PHR that we control. So either we log into various Patient Portals, at various institutions, to give our informed consents, or log into our PHR which magically contains our entire medical record. In the latter case, it is not clear what the exact purpose of the consent would be since each provider would retain their own “unconsented” copy of the records.

Assuming I have a computer, and assuming I have access to the internet, and assuming my English is pretty good, and assuming my health care literacy is decent and I don’t have a disability preventing me from working with a computer, and ignoring these minute details, which are surely going to be resolved soon, let’s proceed with consenting. Since we have a specialist appointment coming up, we should decide what the specialist should see. Probably only stuff associated with the reason we’re going to see her. We can safely check everything else off. Our PCP ordered an MRI, but we would really like the specialist to do her own tests, so let’s check off the MRI too. On second thought the blood tests looked a bit peculiar the first time around, let’s have some new ones, or let’s see what the specialist decides to order on her own. Checked off.

Now we need some general consent policies too. Who should be able to see our genetic information regarding increased risk for breast cancer? Nobody, that’s our own private business and if the insurers find out, we’re toast. Checked off. How about that little episode of depression? Oh, no, that’s nobody’s business either and we’re fine now. Checked off. At this point, all an unauthorized person can see is that we blocked all access to genetic information regarding breast cancer and mental health information. Hopefully it works better than invoking the Fifth Amendment in a court of law.

I understand Electronic Medical Records and wholeheartedly support their adoption. I understand that physicians need to exchange medical data in order to provide care. I understand per incident data exchange and I understand NHIN Direct. I completely understand a patient’s right to obtain a copy of all his/her records and I definitely understand the imperative to protect medical data from profiteering, legal or otherwise.

However, I do not understand the logic of opening up access to the entire medical record just so that patients can go back in and block same access, data element by data element. I also don’t understand the clinical value of a medical record that can be redacted at will without physician knowledge. And most of all, I don’t understand how small rural and underserved clinics, and their equally underserved patients, get to participate in this exquisite technology plan. Will this exercise improve quality of care? Will it reduce costs? Will it reduce disparities?

Margalit Gur-Arie blogs frequently at her website, On Healthcare Technology. She was COO at GenesysMD (Purkinje), an HIT company focusing on web based EHR/PMS and billing services for physicians. Prior to GenesysMD, Margalit was Director of Product Management at Essence/Purkinje and HIT Consultant for SSM Healthcare, a large non-profit hospital organization.


25 replies »

  1. I’ll second the thoughts on most patients: I really don’t believe as many people are as interested in becoming masters of health care as some would have us believe. Just like most people trust a mechanic to look after their cars (even though they could do simple repairs/preventive work), most people want a doctor they can trust to handle their health.
    As for the redaction issue, I can certainly see how that would be a problem. What if I’m in a car accident in another state? If I’m unconscious, I’m not able to suddenly decide that my trauma care team should have all data, not just the little I’ve kept open. And as has been pointed out, who is then legally responsible when a mistake is made because the doctor couldn’t access a complete chart and prescribed a medication with a dangerous interaction?
    I keep hearing mutterings about the FDA getting involved or naming EHRs a medical device, but nothing official. Does anyone know exactly what the FDA has said on the matter, and if they plan to work with the ONC?

  2. “Sen. Charles Grassley (R, Iowa) started the high-level discussion about the FDA’s role in health IT in the context of meaningful use of EMRs and the push to get physicians to adopt technology. He sent a letter on Feb. 24 to Health and Human Services Secretary Kathleen Sebelius asking what her agency intended to do to ensure the safety of EMRs, and the role the FDA should play in monitoring them.
    The next day, an FDA director stated flatly: ‘Under the Federal Food, Drug and Cosmetic Act, HIT software is a medical device.'”
    So why are we even discussing this? Senator Grassley et al. should see for themselves what $8.9 million tax payer dollars have purchased so far: a virtual office at 200 S. Wacker Drive, a smoke and mirrors vaporware lab that probably never truly operated as a “lab”, just a store front for taking cash receipts. All of this should have been discussed a long time ago, before the billions of tax payer dollars were wasted.
    You betcha we are DAMN ANGRY. Even Dr. Ron Kirkland, who is running for Congress, agrees:
    “Friends, the spending must end,” Kirkland said. “The bailouts, the ridiculous stimulus plans, the outrageous farm subsidies to big corporations, and, yes, even small incentives for electronic medical records. We must end them now!”
    Kirkland spokesman Brent Leatherwood said Kirkland still supports the use of EMRs but feels that “now is not the best time to be spending money on this.”
    Finally, a consensus is beginning to emerge! Thank God we might be experiencing a sea-change. The difficulty here is that now that the issue has been raised and is above water and visible, we want to make sure it stays that way.
    Let’s keep the lights on in the Light House, and push for a Congressional Hearing. For too long, these guys have been trolling our waters with illegal fishing nets. It has been basically piracy and poaching.

  3. Dr. Smith, we had quite a lively discussion here on the subject you mentioned and I’m sure we will have more…
    Dr. S., glad to see you here. I guess I never thought about the “consent” you have in mind. Do you seriously think that patients need to consent to usage of specific “devices” in the course of their care? I can see patients having the right to name the “device” manufacturer in a malpractice suit, but I’m not sure about consent.
    As to security of electronic information, as opposed to paper records, that is also an altogether different issue. I have no doubt that electronically stored data, particularly when stored in large quantities per location, is much more attractive to criminals and much easier to obtain.
    However, I don’t know that we even need security breaches in order for privacy to be violated. Perfectly legal selling of data can accomplish the same result. That, IMHO, needs to be stopped.

  4. Consenting technologies? Interesting title.
    Here’s thoughts about informed consent to use of EHR medical devices that govern care:
    “Draft Patient Rights Statement and Informed Consent on Use of HIT”
    Here’s about prospects for confidentiality:
    “Concern About Medical Records Is Not Misplaced”
    Wall Street Journal
    April 3, 2010
    Operation Aurora And a Widespread Reluctance to Discuss IT Flaws: Is Universal Healthcare IT Really a Good Idea in 2010? http://www.ischool.drexel.edu/faculty/ssilverstein/cases/?loc=cases&sloc=aurora

    “ .. The cart is waaaay before the horse! Until we have a unified and easy-to-use healthcare data privacy regime, technology needs to be held at bay ..”
    Yes. The public is DAMN ANGRY at unaccountable, incompetent big organizations.
    Dream on about technology until the cows come home — most are NOT going to cooperate with EMR/EHR until someone ACCOUNTABLE steps up. Probably will take at least 15 years, at today’s rate.
    And blaming Bush, Cheney, Rove, Boehner, Palin, et al. will not win over the masses. They are so much smarter than that charade, it is not funny.

  6. Thanks for the heads up on the HHS-App for IPhones- this is one of my favorite tools!
    I did a preliminary scan on the application and found that it does cost 99 cents but it comes with an opportunity to review the application too which by itself makes the application valuable from that point of view providing feedback is given to the agency and public.
    On the other hand considering the Quality of people we have in the branch of government known as HHS it will probably not be a good investment even as a reviewer tool. What is needed is the application of a “no new spending rule” made retroactive to the end of the Bush Administration, Police actions on the fraud and abuse by government agencies and their cohorts in the private sector (the Tony Rezko’s) Industry Trade Associations, also known as “slime bag non-profits” and their malingering Cash Carrying Mules. The malingering should be a capital offense punishable with mandatory jail time.
    The current state and degree of involvement HHS has with the HIT Industry is a fine example of the malingering by lobbyists schmoozing and coddling an incompetent buffoon. No amount of Botox will ever make that cracked Bobblehead believable or attractive.
    What we need is the actuarial on what it will cost to make the Rezko’s and Lieber people go away. We can build a Berlin Wall on the Mexican Border but we are unable to secure and operate a national government without slimebag lobbyists and crooks. Gee I wonder what kind of healthcare this translates to? HELL-CARE?
    All of which reminds me that I cannot take my dog on vacation this year because when I’m driving through Arizona they might mistake him for being a Mexican and that’s hard because I was planning to visit my Curandero for my annual checkup, he likes Muffy– my best friend.

  7. It is a travesty that the HHS Secretary is abusing the taxpayer by wasting money on these greed and control based ideas. It was stated:
    “The main point was creation of sophisticated policies for access to data and how the policies themselves should, or should not, be attached to the data itself. The patient is of course responsible for setting the access rights.”
    Most patients can not take their medications correctly and these self appointed “policy wonks”, aka HIMSS insiders, think patients can set access rights?
    For Sebelius to have authorized such an inappropriate meeting, considering that the current EMR devices are experimental and rife with errors, is reason to question her competence as well as her financial relationships with the HIT industry and HIMSS.
    Don’t forget, N. DeParle, former (she cut all ties!!) member, BOD of Cerner when it was wreaking havoc on medical care in the UK, is the “US Health Care Reform Czarette.”

  8. Does anybody have the latest news on the LITTLE DICKEY (formerly known as “the Dick-O”, a.k.a. Richard Blumenthal)?
    The fellow that was reduced in size, appropriate to his false claims of service in Vietnam?
    You know, brother of David Blumenthal, MD, ONC Coordinator.
    I wonder which one of them came up with the great idea to charge .99 for the iPhone application: “HHS News Reader”? And whose pocket is this cash going to?
    As I have not reviewed this application, I wonder if this app provides either a gossip column or a classified section that discloses which HIMSS Insider is getting what cushy job inside of government; e.g., ONC, NIST, CMS, AHRQ, HIMSS-CCHIT?
    For .99 I would expect a forward observer standing on both sides of the revolving door reporting daily, who is moving back and forth from the Meet to Eat trough. And who is carrying the bags of billions of dollars around for LIEber and his crowd (you know, the 20,000 members).
    What a great idea this application is! HIMSS can run ads for their version of the Golden Parachute for sale in the HIT industry.
    The .99 may provide a few good laughs, actually.

  9. Thanks to all for the use of the word “REDACTING”. According to Colonel Pat Wise of HIMSS this is not a real word but then HIMSS only deals in make believe, that they know what is right for everyone including what utterances may or may not be words tied to their ideas of safety; it’s safe if it puts money in the pockets of the vendors. “Is it Safe”, a reminder of the movie Marathon Man– how one man’s military would do anything to achieve world domination. So typical of the maniacal ideologies of the past and easily identified here in the present as dangerously flawed character traits.
    First Vee control der language, Den Vee control der ideas.
    So vat if meine bruder vas nicht ein Vietnam Combat Veteran!
    Eins, Zwei, Drei, ACHTUNG …….

  10. A waste of taxpayers’ money to have such a program.
    One minor problem: in the UK, it was recently determined that the patients do not look at their medical records nor will they opt in or opt out. The percentages were impressive and of no surprise to me.
    The default should be opt out, always.
    Another problem, the EMRs are often defective, and are currently being sold illegally, in violation of the Federal Food Drug and Cosmetic Act.
    For those who drink the kool aid of HIT, including those who attended and spoke at the conference, the following links may cause peristalsis reversus:

  11. I agree. I particularly like the general disclaimer idea. That way patients can have their privacy and docs can be alerted that they need to take the history from scratch. And I do agree that the vast majority of folks won’t even bother to go through their chart, just like they didn’t in the UK. So really the main question remains whether we start with opt-in or opt-out. That will probably be up to the States. I would prefer opt-out for clinical use and opt-in for “research”, with rock solid protection from data selling.

  12. “My thinking is that if doctors become aware of this latter possibility, they will place very little value on whatever records they receive.”
    Exactly, which is why it’s such a terrible idea. On top of that, to the extent that they do take the data as complete, they open themselves up to pursuing treatments that are contra-indicated given the full facts.
    I’m surprised you say that you see the other side. Why shouldn’t it be enough that someone can opt out for transmission of information; why does the system have to enable them to conceal that fact? Seriously, what is the legitimate argument there?
    One solution would be to have a generic warning to the physician that the patient has prevented some of their information from being transmitted. It doesn’t have to be so specific as “this patient has suppressed HIV information.” Obviously, that would make everyone think you have HIV. The message could be “This patient has chosen not to share some health information. Before conducting a course of treatment, ask the patient about common contra-indications for the treatment and whether the patient meets any of them.”
    The physician would know when that message pops up that the two most common types of things suppressed would be STDs and behavioral health, which would help in asking any relevant questions.
    Hopefully, a small percentage of patients will actually block information from being shared, because if the message appears too often once again the information won’t be trusted. I expect less than 10% of patients will suppress something.

  13. jd, it is more complicated than just deciding what goes to the HIE and what doesn’t, and the questions are very much still open today.
    The “cutting edge” presenters showed software that is minimally deployed or just in pilot phase. I don’t know if any State agency is considering purchasing these technologies.
    The main point was creation of sophisticated policies for access to data and how the policies themselves should, or should not, be attached to the data itself. The patient is of course responsible for setting the access rights.
    For example, the first presenter showed a federated model of medical data, where the aggregation is done in a patient controlled PHR and from there the patient is the only arbiter of what data is sent to various providers. The receiving provider has no way of knowing whether what he received is everything, or just a portion of the PHR, and nobody but the patient can look inside the PHR. A similar model was described by the second presenter, where one could send pieces of the record to a requesting provider. In both these cases a receiving provider will see no difference between a patient who blocked mental health information and a patient who has no mental health information to start with.
    I can see both sides of the argument here. Tom’s side is of course valid, because if you mark, say, HIV as blocked (or access denied), you may as well acknowledge that there is HIV information in the record, most likely positive. On the other hand if the receiving provider is misled into thinking that there is no HIV information, problems could easily occur. My thinking is that if doctors become aware of this latter possibility, they will place very little value on whatever records they receive.
    You can find the testimonies from vendors here (Jul 29)
    The actual demos and webcasts will be available here

  14. Margalit, I must not have been clear. When I was closer to this, it was not an open question whether to allow people to remove information from the RHIO without an indicator that the patient didn’t want to disclose that information. There was no debate in 2008. The technology was always there to allow this (in fact, it is harder to allow selective removal with an indicator than without one). So I don’t think it has anything to do with new technologies, but instead shows that at least some people consider this an open issue today, whereas I thought it was closed. That’s the disconnect.
    I thought it was closed for good reason: It does not make any sense to allow selective withholding and not indicate that a type of information is being suppressed. So what if people assume the worst? If you are afraid of that, you always have the right to suppress all of your information from the electronic exchange and insist on hand-delivering your files to the people you choose, or something. If you want to mislead your physician about your medical history, the system shouldn’t be designed to help you do that. The deception, with possible harmful medical consequences, should be entirely on you. I think we’re on the same page on the answer.
    Can you be specific about who is seriously considering allowing un-noted data suppression?

  15. > Technology, I believe, should be subservient to
    > business models, not the other way around.
    I’m on your side (and Dr. rbar’s too) — I’m one of those that are perfectly happy providing all their data for legitimate treatment uses, billing and so-forth. To boot, I can’t think of a scenario where I much care what is done with de-identified data either. Data-mine and research away! Knock yourself out. The more value derived from this data the better chance I have of it being complete & correct when I need it for something.
    But I stand by what I said: the response to an unauthorized query should be null.
    I think we have a pretty good idea what needs to be done with respect to record sharing in the short term. But in Medical Informatics Time, “short term” is at least a decade.
    > Personally, I prefer an electronic version of the
    > current practice, where your doctor just puts
    > together referral packages and Hospitals/Specialists
    > send back everything they have.
    Yes, the much-maligned CCR/CCD solves many, many problems without creating too many new ones…
    Lukewarmly yours,

  16. jd, there was no disconnect. They showed the current technologies, which are at the stage you describe, and then they showed new technologies which are still in their infancy. There were many options and many exquisite possibilities, including blocking genetic information, for example, with no indication that there was something there. Those were mostly for information shared within one enterprise. It was indeed a fact finding conference.
    Either way though, if you block information and the other party knows it was blocked, they will probably assume the worst, and if they don’t know it was blocked, the consequences may be dire. At some point, I think, people will have to come to terms with who can see their medical records and who cannot. Personally, I prefer an electronic version of the current practice, where your doctor just puts together referral packages and Hospitals/Specialists send back everything they have.
    This implies the existence of a true Medical Home as it was originally defined, where all your records are stored and all your care is being coordinated from. Technology, I believe, should be subservient to business models, not the other way around.

  17. Margalit, there is a disconnect between this meeting you attended and what I was seeing in the field for RHIOs about 18 months ago. Those RHIOs in New York were all struggling with opt-in vs. opt-out (and leaning towards opt-in at the time). They were also struggling with the issue of what to allow patients to remove and how granular to get.
    However, to my knowledge, nobody was entertaining the idea of allowing patients to block information from the data exchange without an indicator that the information was suppressed. Have things changed so much that RHIOs are now seriously considering this, or was this group and ONC out of touch with what is happening in the field? Both options are hard to believe, for different reasons. But one must be true.

  18. Margalit,
    granular editing/redacting of MR is a recipe for disaster. Most patients probably won’t care about this feature anyway, but there are few but enough patients who are motivated by getting a serious and/or chronic diagnosis (probably to gain attention/compassion – secondary gain; if this seems deliberate, it’s called Munchausen’s syndrome). And the patients who want new scans because the old ones are 4 months old (and nothing has changed in the interim), those do exist too. I don’t want to share a 3rd party payor/be in an economic risk pool where people are allowed to do this kind of nonsense.
    A lot of problems with patient centered medicine is the mistaken assumption that all or most patients/consumers are informed, rational decisionmakers. But that’s often not the case, and a lot of innovations will not succeed due to lack of interest and/or due to poor decisionmaking by the patients and subsequent poor outcomes. Except for the Med Kaz system. That for sure will thrive.

  19. Tom, this is not about whether to have a revolution or not. It is about how to proceed with the revolution.
    As Glen put it very well, the cart must follow the horses, or we are just going to stumble all over the hooves.
    There is some sort of assumption out there that people can, and actually want to, direct their own medical care and there is great confusion between full access to medical records and the responsibility of managing how those medical records are used by health care providers.
    Per your suggestion, I should be able to redact my medical records while physicians are unaware that I did so. This is a recipe for disaster. Not to mention that, as Gary wrote, I have no tools for knowing what to redact. For example, if I decide to redact my Diabetes, am I supposed to know that I should also redact the manifestation codes? If I don’t, Diabetes could be easily inferred. How about off label medications prescriptions? Should I be aware of all usages of a particular drug? The complexity is almost infinite. How does one get his arms around all this? I am glad that at least one person at the ONC meeting asked that question, and there were no answers.
    I do hope John is right and this meeting was for informative purposes only and I agree that we need a simple starting point – IN or OUT. We can start building from there and it would behoove us to learn from the centralized medical record experiment in the UK. People just ignored the whole thing.
    As to privacy, Bobby, my biggest concern is not the exchange of records amongst physicians. It is the wholesale of patient data to commercial companies, either deidentified, semi-deidentified or fully identified. Neither patients nor doctors have any control over data selling, and computerizing records will make it rampant unless we put thoughtful legislation around it.
    I think privacy advocates should concentrate more on that than on the ability of very sophisticated patients to hide more information from their doctors.
    Who is going to be legally liable for errors due to redaction? The patient, who has no medical knowledge, or the doctor who is aware of the practice of redacting records and therefore should not trust ANY records now?
    What will this practice do to “defensive medicine”?
    Will the doctor be expected to walk patients through their records and figure out what should be kept private? Will there be a reimbursable CPT for that?
    How about just computerizing medical records, making them available to patients, providing a mechanism for docs to exchange data and making selling of records of any kind a Federal offense carrying mandatory jail time and astronomic financial fines?

  20. “Today, patients are signing the obligatory HIPAA forms giving health care providers permission for these exchanges, and most doctors use fax, phone, courier (usually the patient) and occasionally secure email to exchange medical records. A typical scenario would be a PCP making a referral – a letter summarizing the problem is usually written, some test results could be attached, a big yellow envelope with some film may be handed to the patient to bring to their specialist appointment. Physicians equipped with EHRs are doing pretty much the same, in a more automated fashion. We do not consider this an invasion of privacy.”
    Tell it to Deborah C. Peel, LOL

  21. I have some faith that what we saw was a fact finding mission. It is very important for policy makers to understand where technology is today and is heading. This was an example of where it is heading.
    I don’t though think that they have heard the voices that you are referring to. Those that need the data to make the right decisions. Those that can make better information with more data. Those that are perfectly happy providing all their data for legitimate treatment uses.
    I suggest we start with some very basic blunt instruments: OPT-IN and OPT-OUT. Those that don’t like this can simply choose OPT-OUT until technology standards and implementations catch up to their desires. See: http://healthcaresecprivacy.blogspot.com/2009/10/opt-in-opt-out-dont-publish-that.html

  22. > At this point, all an unauthorized person can
    > see is that we blocked all access to genetic
    > information regarding breast cancer and
    > mental health information.
    An unauthorized person should not be able to know that this information exists at all — a query from him should produce a null response, not “authorization required” or some such.
    I do hope that difficulties are not used as an excuse for inaction. It seems that Mr. Marshall agrees:
    http://blog.freebeerparty.org/?p=493 except perhaps when he doesn’t.
    And things revolutionary are rarely welcome.
    “… it ought to be remembered that there is nothing more difficult to take in hand, more perilous to conduct, or more uncertain in its success, than to take the lead in the introduction of a new order of things, because the innovator has for enemies all those who have done well under the old conditions, and lukewarm defenders in those who may do well under the new. This coolness arises partly from fear of the opponents, who have the laws on their side, and partly from the incredulity of men, who do not readily believe in new things until they have had a long experience of them. Thus it happens that whenever those who are hostile have the opportunity to attack they do it like partisans, whilst the others defend lukewarmly, in such wise that the prince is endangered along with them.”
    — Niccolo Machiavelli, ca. 1510
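
The three response behaviours argued over in this thread (a null response as in reply 22, a category-specific denial, and the generic notice proposed in reply 12), together with the inference problem raised in reply 19, sketched as an added example that is not part of the original post or comments. The category names, sample records and hint table are constructed for illustration and are not a clinical vocabulary.

```python
from dataclasses import dataclass
from enum import Enum


class Mode(Enum):
    SILENT = "silent"              # withheld data leaves no trace in the response
    CATEGORY_DENIED = "category"   # response names each blocked category
    GENERIC_NOTICE = "generic"     # one non-specific notice, no category named


@dataclass(frozen=True)
class Entry:
    category: str
    text: str


# Wording taken from the notice suggested in reply 12.
GENERIC_TEXT = "This patient has chosen not to share some health information."


def disclose(record, blocked, mode):
    """Return what a receiving provider sees: visible entries plus notices."""
    visible = [e for e in record if e.category not in blocked]
    withheld = sorted({e.category for e in record if e.category in blocked})
    notices = []
    if withheld and mode is Mode.CATEGORY_DENIED:
        # Confirms that data of this kind exists, which is itself a disclosure.
        notices = [f"access denied: {c}" for c in withheld]
    elif withheld and mode is Mode.GENERIC_NOTICE:
        # Signals incompleteness without saying which category was withheld.
        notices = [GENERIC_TEXT]
    return {"entries": visible, "notices": notices}


def inferable_categories(view, blocked, hints):
    """Blocked categories a reader could still guess from visible entries."""
    found = set()
    for entry in view["entries"]:
        lowered = entry.text.lower()
        for term, category in hints.items():
            if term in lowered and category in blocked:
                found.add(category)
    return sorted(found)


# Constructed sample data (assumption: flat category labels per entry).
HINTS = {"metformin": "diabetes", "diabetic retinopathy": "diabetes"}

PATIENT_A = [
    Entry("problems", "Seasonal allergies"),
    Entry("mental_health", "Depressive episode, resolved"),
    Entry("diabetes", "Type 2 diabetes mellitus"),
    Entry("medications", "Metformin 500 mg twice daily"),
]
PATIENT_B = [Entry("problems", "Seasonal allergies")]  # nothing to withhold


if __name__ == "__main__":
    blocked = {"mental_health", "diabetes", "medications"}
    for mode in Mode:
        a = disclose(PATIENT_A, blocked, mode)
        b = disclose(PATIENT_B, blocked, mode)
        # In SILENT mode the two patients are indistinguishable to the reader.
        print(mode.value, "| same view:", a == b, "| notices:", a["notices"])

    # Blocking only the diagnosis leaves the prescription visible.
    partial = {"diabetes"}
    view = disclose(PATIENT_A, partial, Mode.SILENT)
    print("still inferable:", inferable_categories(view, partial, HINTS))
```

Silent mode protects the patient against inference but gives the provider no signal that the record is incomplete; the generic notice gives that signal without naming a category, and the hint check shows why blocking a single category is not enough when related entries stay visible.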

  23. Not only these things you mention, but how does a patient know what is relevant to the physician she or he may be seeing? She may redact important information relevant to the diagnosis or treatment. Insurance companies are a whole other problem… The two should not be mixed. The matrix needs to be legally divided into accessible and non accessible categories. clarified, especially when it comes to non providers or allied health workers.

  24. The cart is waaaay before the horse!
    Until we have a unified and easy-to-use healthcare data privacy regime, technology needs to be held at bay.
    There is utterly total cacophony around privacy laws, regulations, policies, and personal preferences. It varies state-to-state, with local anomalies, and has twice as many interpretations as there are lawyers.
    Worse, it is ambiguous as to what constitutes healthcare data or not. And for well-known healthcare data, such as lab tests or prescriptions, even the associated health condition is often ambiguous. Given the lack of knowledge many people have about basic human biology, allowing patient redaction could be harmful to their health.
    So, while we’re waiting, let’s not let vendors waste any of our time on technobabble. Let’s focus on the real work at hand.