Who owns a patient’s health information?
·The patient to whom it refers?
·The health provider that created it?
·The IT specialist who has the greatest control over it?
The notion of ownership is inadequate for health information. For instance, no one has an absolute right to destroy health information. But we all understand what it means to own an automobile: You can drive the car you own into a tree or into the ocean if you want to. No one has the legal right to do things like that to a “master copy” of health information.
All of the groups above have a complex series of rights and responsibilities relating to health information that should never be trivialized into ownership.
Raising the question of ownership at all is a hash argument. What is a hash argument? Here’s how Julian Sanchez describes it:
One guarantee in the healthcare sector is that when it comes to personal health information (PHI), there is no lack of issues and pundits to discuss security and privacy of such information/data. If one does not jump up and down bleating on about the sanctity of PHI and the need to protect it at all costs, well then you may be labeled a heretic and burned at the proverbial stake.
Now don’t get us wrong. Here at Chilmark Research we firmly believe that your PHI is arguably the most personal information you have and you do have a right to know exactly how it is used. Whether or not you own it remains to be seen for we have seen, read and heard one more than one occasion – some healthcare providers believe that it is their data, not yours, and may only begrudgingly give you access to some circumscribed portion of your PHI that they have stashed in their vast HIT fortress, or worse, scattered in a number of chart folders.
But where we do differ with many on the sanctity of PHI is that the collective use of our de-identified PHI on a community, regional, state or even national level can give us some amazing insights into what is working and what is not in this convoluted thing we call a healthcare system in the US and needs to be strongly supported. Unfortunately, we do a terrible job as a country in educating the populace on the collective value of their data to understand health trends, treatments and ultimately ascertain accurate comparative effectiveness. This leaves the door wide open for others to use the old FUD (fear uncertainty and doubt) factor to keep patients from actively sharing their de-identified PHI.