The Nabobs of negativism are wrong.The ability to sort large quantities of data and facilitate instant user access from remote locations have raised fears that do not exist with paper systems. A concern for the total loss of patient privacy accompanies the computerized patient record (CPR Cardiopulmonary Resuscitation (CPR) Definition Cardiopulmonary resuscitation (CPR) is a procedure to support and maintain breathing and circulation for a person who has stopped breathing (respiratory arrest) and/or whose heart has stopped (cardiac ). While debate over the total implications to society is necessary when evaluating any new technology, be it nuclear energy or gene therapy, what may be overlooked is what the new information system may actually ameliorate. Could computerization com·put·er·ize tr.v. com·put·er·ized, com·put·er·iz·ing, com·put·er·iz·es 1. To furnish with a computer or computer system. 2. To enter, process, or store (information) in a computer or system of computers. of the patient record improve the poorly-protected right of confidentiality that is owed to patients? Recent action by the federal government may be a harbinger of optimism that safeguards can be implemented. The Medical Records Confidentiality Act of 1995 (S. 1360) was introduced in late 1995 as a template for a uniform national policy. While debate over the details of the bill continues, the concept of patient privacy is now being discussed in a national forum. if this new technology can assure us of a truly confidential medical record, an unintended side effect may result. One's right to privacy in matters of health care may finally be safeguarded. We all love to gossip The sanctity of the confidential relationship between patient and physician has been a fundamental part of health care from the beginning of our attempts to cure illness. It is referenced in the Hippocratic Oath Hippocratic oath ethical code of medicine. [Western Culture: EB, 11: 827] See : Medicine .(1) Even when a patient dies, the confidentiality lives on. The purpose is to allow a patient to speak freely to optimize the physician's diagnostic and curative power. Except for a handful of exceptions,(2) the physician may not reveal information obtained from either discussion or examination, unless the patient first consents to the disclosure.(3) At the end of the 20th Century, something happened to this concept in practice. Medicine matured. Scientific advances required many people to deliver the care that previously only involved a patient, a physician, and, at times, a nurse or pharmacist. Third-party payers routinely request information to verify, requests for payment. The government has increasing medical information requirements The information needed to support a business or other activity. Systems analysts turn information requirements (the what and when) into functional specifications (the how) of an information system. for birth records, mortality reports, and, most controversially, the tracking of public health trends. Because there is no single party whose sole concern is the protection of the patient's confidentiality, there is rarely any active enforcement. While the courts have ruled that others in the health care team have the same duty to the patient to maintain confidentiality as does the physician, the large numbers of those now involved in health care, often working anonymously as lab technicians, medical records coders, or circulating nurses in an operating room operating room n. Abbr. OR A room equipped for performing surgical operations. , serve to foster a cavalier attitude toward this right. indeed, the late Arthur Ashe Noun 1. Arthur Ashe - United States tennis player who was the first Black to win United States and English singles championships (1943-1993) Arthur Robert Ashe, Ashe publicly revealed his HIV HIV (Human Immunodeficiency Virus), either of two closely related retroviruses that invade T-helper lymphocytes and are responsible for AIDS. There are two types of HIV: HIV-1 and HIV-2. HIV-1 is responsible for the vast majority of AIDS in the United States. status as a direct result of his confidential lab results having been leaked to the National Enquirer En`quir´er n. 1. See Inquirer. Noun 1. enquirer - someone who asks a question asker, inquirer, querier, questioner . Who gave them this information? There is no room for a sanctimonious sanc·ti·mo·ni·ous adj. Feigning piety or righteousness: "a solemn, unsmiling, sanctimonious old iceberg that looked like he was waiting for a vacancy in the Trinity" Mark Twain. position by any one group. All health care professionals have become lax in their habits regarding patient confidentiality patient confidentiality Medical practice A Pt's right to privacy and freedom from public dissemination of information that the Pt regards as being of a personal nature. See HIPAA, Medical privacy. . A recent report, "Elevator Talk: Observational Study In statistics, the goal of an observational study is to draw inferences about the possible effect of a treatment on subjects, where the assignment of subjects into a treated group versus a control group is outside the control of the investigator. of Inappropriate Comments in a Public Space," in the August 1995 issue of The American Journal of Medicine, summarized 259 elevator rides where there was conversation concerning patients resulting in 39 inappropriate comments by health care professionals (13.9 percent of the total), and 18 violations of patient confidentiality.(4) The authors describe the results as "morally problematic." Orwellian prediction - the outcome database Not only have the pragmatics pragmatics In linguistics and philosophy, the study of the use of natural language in communication; more generally, the study of the relations between languages and their users. of modern medical practice adversely impacted patient privacy, but there are an increasing number of entities that actively seek the contents of medical records, as this information is considered to have a pecuniary Monetary; relating to money; financial; consisting of money or that which can be valued in money. pecuniary adj. relating to money, as in "pecuniary loss. value by many commercial enterprises. Outcomes-based research relying upon large databases of patient records to quantify treatment outcomes and make managing care economically feasible, has multiplied requests for broad-based patient information. Potential clients include health maintenance organizations, various health care networks, insurers, pharmaceutical companies, medical equipment firms, research enterprises, as well as employers, detectives, information brokers, and even political campaign managers.(5) These parties may use many strategies, both legal and illegal, to obtain information from those having access to records.(6) Traditionally, internal quality assurance reviews of hospital charts and peer review sessions have been protected under a number of states' quality review statutes that shield such records from discovery.(7) However, as governmental agencies and payers have sought to validate quality and reduce the variability and cost of care, health care providers increasingly must consent to voluntarily provide access to patient records for analyses. Courts have ruled that patient rights to confidentiality do not extend to data collected by government. For seven years, the Years, The the seven decades of Eleanor Pargiter’s life. [Br. Lit.: Benét, 1109] See : Time New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of State Department of Health has collected data to assess the quality of care provided to patients undergoing coronary bypass coronary bypass Surgical treatment for coronary heart disease to relieve angina pectoris and prevent heart attacks. It became widely used in the 1960s. One or more blood vessels—usually an artery in the chest or a vein from the leg—are transplanted to create grafting and, for five years, this data has been publicly available. In 1990, the Department made public the 1989 data based upon crude, expected, and risk-adjusted mortality rates, as well as the volume of procedures performed at each hospital.(8) A Long Island, New York, newspaper, Newsday, sued under the state's Freedom of Information Law to gain access to physician-specific data on mortality. Although resisted by the Department of Health, which questioned whether the low volume of operations per surgeon distorted results, the New York Supreme Court For the highest appellate court in New York, see . The Supreme Court of the State of New York is New York State's highest trial court, and is of general jurisdiction. There is a supreme court in each of New York State's 62 counties, although some of the smaller counties share upheld the newspaper's right to print physician-specific results collected on cardiac surgery Cardiac surgery is surgery on the heart and/or great vessels performed by a cardiac surgeon. Frequently, it is done to treat complications of ischemic heart disease (for example, coronary artery bypass grafting), correct congenital heart disease, or treat valvular heart disease outcomes.(9) Does the public have a right to obtain flawed data? And if so, why? A fad? In 1991, the Institute of Medicine (IOM IOM See: Index and Option Market ) released its report, "The Computer-Based Patient Record computer-based patient record Electronic medical record Health informatics A 'personal health library' providing access to all resources on a Pt's health history and insurance information : An Essential Technology for Health Care." It supported adopting the CPR as the standard of medical practice in the U.S., and described it as a continuous chronological history of a patient's medical care linked to various aids for users, such as reminders and alerts to clinicians and clinical decision-making systems. Subsequently, the IOM report led to the creation of the Computer-Based Patient Record Institute, an advocacy group supported by health care organizations, as well as computer and data processing data processing or information processing, operations (e.g., handling, merging, sorting, and computing) performed upon data in accordance with strictly defined procedures, such as recording and summarizing the financial transactions of a firms and professional groups.(10) Another report by an IOM panel, "Health Data in the Information Age: Use, Disclosure and Privacy," was prepared in 1994 and recommended a series of steps health database organizations (HDO HDO High Density Overlay (phenolic resin-impregnated plywood used in concrete forms) HDO Hearing Designation Order (FCC proceedings) HDO Humanitarian Demining Operation HDO High Demand Occupation ) should implement to guard patient confidentiality and minimize misuse of the data. These include: * Providers identified in reports should have the opportunity to review and analyze data prior to release and HDOs should publicly acknowledge responsible changes to their findings. * Federal legislation to protect patient confidentiality and privacy rights, impose penalties for violations, and provide for government enforcement should be enacted. * HDOs should formulate and enforce policies about data acquisition and dissemination and should only release non person-identifiable data under very specific circumstances. * Employers should not be allowed to require access to a person's data from an HDO as a condition of employment or receiving benefits.(11) For those involved in collecting outcomes-based research, the strict definitions of privacy need to be redefined. Robert Brook, MD, RAND's Director of Health Sciences, contends that there will be a new health care paradigm where patients will willingly forfeit a certain amount of their privacy in order to permit data collection that ultimately provides information to improve the quality and cost of patient care.(12) The pragmatics of modern medicine may simply be too overwhelming to allow otherwise. Lawrence O. Gostin Lawrence Oglethorpe Gostin is an American law professor who specializes in public health law. He is best known as the author of the Model State Emergency Health Powers Act and as a prolific contributor to journals on medicine and law. He received his B.A. , JD, of the Georgetown University Georgetown University, in the Georgetown section of Washington, D.C.; Jesuit; coeducational; founded 1789 by John Carroll, chartered 1815, inc. 1844. Its law and medical schools are noteworthy, and its archives are especially rich in letters and manuscripts by and School of Law, who participated in a major effort to assess privacy and security of personal information under a reformed health care system, originally favored a more traditional definition of confidentiality. In 1993, he suggested that electronic databases should provide an "adequate measure of respect" for privacy and autonomy of the individual, consistent with societal needs for an efficient, effective health care system. He concluded that individuals should be afforded the right to know about, and to approve, the uses of their data.(13) This would be accomplished through the patient's informed consent - one that is a truly voluntary choice and permits disclosure under specific conditions. More recently, in an extensive overview of privacy and computerized records, Gostin acknowledged the need for a national health information policy that encourages collecting vast amounts of electronic health care data balanced against creating uniform rules for handling this data. He admitted that the human burdens in terms of loss of privacy are far from trivial issues, but noted that the national health care system's need to measure data justifies the "diminution in privacy against collective expectations of considerable benefit" that will ultimately result.(14) Heightened awareness to unauthorized access Perhaps because of a cross-pollination from the security-sensitive software industry, many health care organizations implementing the CPR have a heightened awareness about protecting unauthorized system access and assuring patient health information confidentiality. From a technical perspective, there are numerous, specific security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising" security that can be built into systems to short circuit both intentional and unintentional breaches to database security. For example, authenticating access by passwords, automatic request of identification numbers, and journaling of all accesses every day can provide security for networks.(15) Encrypting data and restricting information to those who truly need it to perform their assigned duties are other means to assure database integrity.(16) In addition, personal identifiers, database trap doors being closed by programmers, tagging sensitive data elements, and limiting access via physician use of a key and a password are generally adopted system protections.(17) Another means to control access by modem is for the system to receive the call and password and then phone back the accessing number after verification. Audit trails enabling lists of those who access system and strict separation of patient name and other identifiers from the data are also critical in retaining confidentiality and patient privacy. The computer-based patient record facilitates information sharing See data conferencing. on a wide scale. Whereas before, information was shared within an institution without patient awareness on an implied "need to know" basis, the new environment of health care has moved from the privacy of the medical office into newly merged health care networks and integrated delivery systems integrated delivery system Integrated provider Medical practice A coordinated health care system formed by physician groups and hospitals which ↑ efficiency and ↓ redundancy in providing health care; IDSs coordinate delivery of a broad range of health that utilize computers and CPRs as tools across geographically disparate facilities.(18) Furthermore, as envisioned by the Institute of Medicine, the CPR would be seen by a wider group of parties and contain more data than the traditional medical record, such as assessments of patient's physical functioning, emotional and mental well-being, cognitive functioning, and health perceptions.(19) In addition to controls on hardware, software, and network databases, corporate institutions need to implement specific policies to govern accessing health care data. The Council on Scientific Affairs classifies patient records as primary records used by professionals, while providing health care services, or secondary records derived from the primary records for nonclinical users. To protect patient confidentiality, access for primary records would be restricted for some users and, in turn, prevent inclusion of sensitive data in secondary records. Incorporating this concept into computer-based records systems would enable management of care without compromising privacy.(20) Another approach is to assure that specific requirements for how data will be taken and used be written into contracts when institutions permit outcomes researchers or statewide initiatives to gather database information. For example, 46 Minnesota hospitals are contributing data to the Minnesota Clinical Comparison and Assessment Project (MCCAP MCCAP Managed Care Consumer Assistance Program McCAP McLennan County Collaborative Abstinence Project (Waco, Texas) MCCAP Maritime CIS Contingency Assets Pool ), a statewide outcomes program sponsored by Health Care Education and Research Foundation of St. Paul St. Paul as a missionary he fearlessly confronts the “perils of waters, of robbers, in the city, in the wilderness.” [N.T.: II Cor. 11:26] See : Bravery . MCCAP developed licensing agreements with all 46 hospitals detailing precisely for which purposes the data could and would be used. MCCAP sought trade secret status for the database, making it more difficult for data to be subpoenaed in a lawsuit.(21) Established research organizations, like RAND, have well-developed guidelines to safeguard both the patient's privacy and the proprietary information that might be gathered by operating within in a health care organization. In addition, RAND has a Privacy Resource Office to assure that safeguard guidelines and client requirements are maintained during a project. Medical Records Confidentiality Act of 1995 Because it impacts interstate commerce interstate commerce In the U.S., any commercial transaction or traffic that crosses state boundaries or that involves more than one state. Government regulation of interstate commerce is founded on the commerce clause of the Constitution (Article I, section 8), which , the federal government has jurisdiction to regulate the field.(22) A congressional effort was introduced in the Fall of 1995 - the Medical Records Confident Act of 1995 (S. 1360). The bill is an attempt to address the loss of patient confidentiality with CPRs and the issue of personal privacy with respect to medical records and health care-related information for a uniform national policy. Sponsored by Senator's Robert F. Bennett There are multiple men named Robert F. Bennett, among them:
For others named Robert Bennett see Robert Bennett (disambiguation) (R-Utah) and Patrick J. Leahy (D-Vermont), it has divided the health care community in terms of whether the act goes far enough to protect patient-identifiable information. The bill contains the following: * Creates procedures for individuals to examine, copy, and correct errors in their medical records. * Designates persons or entities with access to identifiable information as "health information trustees health information trustee Health information A party designated by the Bennett-Leahy bill that would be allowed access to a person's personal and privileged–private medical information. " and delineates circumstances under which such information can be released both with and without patient authorization. * Permits "health information trustees" to disclose protected health information protected health information Health informatics Any individually identifiable health informatlon that is used or circulated by an entity that falls under the governance of HIPAA; the privacy regulations mandate safeguards for protected health information, and the to public health authorities and to health researchers if the research is approved by certified Institutional Review Boards (IRBs) or, in the case of research outside health care and academic institutions, meets requirements for approved IRBs for research. * Establishes a federal certification for health information services See Information Systems. (institutions that receive identifiable health information and create non-identifiable data for approved uses), which must meet requirements to protect identifiable information. * Provides civil and criminal penalties as high as $500,000 and 10 years imprisonment Imprisonment See also Isolation. Alcatraz Island former federal maximum security penitentiary, near San Francisco; “escapeproof.” [Am. Hist.: Flexner, 218] Altmark, the German prison ship in World War II. [Br. Hist. for wrongful disclosure of protected information. * Preempts most state laws pertaining t medical records.(23,24) In hearings before the Senate Labor and Human Resources Committee on the bill, Don E. Detmer, MD, of the University of Virginia, noted that this bill would create a national standard for medical records and their use, where only a "patchwork of largely inadequate, uncoordinated un·co·or·di·nat·ed adj. 1. Lacking physical or mental coordination. 2. Lacking planning, method, or organization. un , and sometimes contradictory state laws" now exists.(25) In fact, as Aimee Berenson, legislative counsel for the AIDS Action Council stated before the same committee, only 34 states have any level of privacy protection, and 14 of these have privacy provisions under various state statutes enforced by a plethora of different institutions ranging from corporations to hospitals to insurance commissioners.(26) Although originally 13 health care organizations signed a letter to the Senate supporting the bill, several are now objecting to exemptions to transmit patient-identifiable data and to the potential for fostering large medical databases disseminating identifiable health information. Two signing organizations, the Bazelon Center for Mental Health Care and the New York Public Interest Group, now indicate the bill is flawed. Among other opponents are the Center for Study of Responsive Law, an organization associated with Ralph Nader, the Public Citizen Group, and the American Psychiatric Association The American Psychiatric Association (APA) is the main professional organization of psychiatrists and trainee psychiatrists in the United States, and the most influential world-wide. Its some 148,000 members are mainly American but some are international. .(27) Conclusion There is a growing recognition for the need to pool data and for governmental involvement to regulate that process. The need to quantify the quality and validity of health care outcomes has made this a national imperative. However, concern for individual rights, privacy, and confidentiality implied in the delivery of health care is challenging the very existence of data banks. The ability to use pooled data for outcomes research will allow medicine to become a truly scientific healing art, freed from treatments justified only by tradition. No longer will we radiate ra·di·ate v. 1. To spread out in all directions from a center. 2. To emit or be emitted as radiation. ra the thymus thymus Pyramid-shaped lymphoid organ (see lymphoid tissue) between the breastbone and the heart. Starting at puberty, it shrinks slowly. It has no lymphatic vessels draining into it and does not filter lymph; instead, stem cells in its outer cortex develop into because it looks "too big" or forego a trial of labor in a woman simply because she has previously had a Cesarean cesarean /ce·sar·e·an/ (se-zar´e-an) see under section. ce·sar·e·an or cae·sar·e·an or cae·sar·i·an or ce·sar·i·an adj. Of or relating to a cesarean section. delivery and we were taught "Once a Cesarean, always a Cesarean."(28) We can find the best practices and use that knowledge to provide the best care possible for our populace. And to do all this, we need modern information systems - the CPR. In the end, it may be necessary to re-invent the definition of confidentiality in the context of today's physician/ patient relationship. As the "elevator study" reveals, there are daily breaches by professionals whose careless comments leaked patient-identifiable information in a public place. Such lapses indicate the need for ongoing educational sessions to address their cause and to re-enforce core professional precepts. Medicine's newest "magic bullet (jargon) magic bullet - (Or "silver bullet" from vampire legends) A term widely used in software engineering for a supposed quick, simple cure for some problem. E.g. "There's no silver bullet for this problem". " - the computerized patient record - has the capability to be the sentry guarding the confidential record. Ironically, with all the attention being paid to the CPR in terms of establishing adequate protection for patients, computerization of patient records may well improve what has too often become a poorly protected right - the right of a person to simply be left alone. References [1.] Hippocratic Oath: "Whatever, in connection with my professional practice ... I see or hear, in the life of men, which ought not to be spoken of abroad, I will not divulge, as reckoning that all such should be kept secret." [2.] In Tarasoff v. Regents of the University of California Tarasoff v. Regents of the University of California, 17 Cal. 3d 425, 551 P.2d 334, 131 Cal. Rptr. 14 (Cal. 1976), was a case in which the Supreme Court of California held that mental health professionals have a duty to protect individuals who are being threatened with bodily , 131 Cal. Rptr. 14 (1976), the court held a psychiatrist liable for fading to warn a woman that her former boyfriend, his patient, was planning to kill her. The physician learned of the threat during therapy, and believed he was duty bound by the therapist-patient relationship not to divulge this fact. "The protective privilege ends where the public peril begins." [3.] California Evidence Code S 994. [4.] Ubel, PA, Zell, MM, Miller, DJ, et al. Elevator talk: observational study of inappropriate comments in a public space. Amer Jour Med, August 1995;99(2):190-194. [5.] Woodward, B. Sounding board: die computer-based patient record and confidentiality. NEJM NEJM New England Journal of Medicine . November 23 1995;333(21):1419-1422. [6.] Ibid, 1420. [7.] California Evidence Code [sections]1156 et. seq. The written rercords of a quality assurance committee shall not be admitted into evidence in any action or before any administrative body, agency, or person. [8.] Chassin, MR, Hannan, EL, and DeBuono, BA Benefits and hazards of reporting medical outcomes publicly. NEJM. February 8 1996;334(6):394-398. [9.] Ibid, 395. [10.] Woodward B , Op, Cit., 1419. [11.] Darby, M. Data: IOM panel urges strong measures to protect privacy of patient data. Report on Medical Guidelines & outcomes Research. February 10, 1994:6-8. [12.] Ibid., 8. [13.] Gostin, L.O., Turek-Brezina, J., Powers, M., Kozloff, R., et al. Law and medicine: privacy and security of personal information in a new health care system. (From the American Society of Law, Medicine, and Ethics and the President's Task Force on national health care reform). JAMA JAMA abbr. Journal of the American Medical Association . November 24, 1993; 270(20):2487-2493. [14.] Gostin, LO. Health information privacy. Cornell Law Review The Cornell Law Review is the flagship legal journal of Cornell Law School. Originally published in 1915 as the Cornell Law Quarterly, the journal features scholarship in all fields of law. . March 1995;80:451-528. [15.] Roger, FH. Security threats and trends in society. Medical Informatics medical informatics, n the field of information science concerned with the analysis and dissemination of medical data through the application of computers to various aspects of health care and medicine. . 1989; 14(3):219-225. [16.] Ibid, 223. [17.] Lincoln, TL. Editorial commentary: Privacy: a real-world problem with fuzzy boundaries. Methods of Information in Medicine. 1993;32(2):104-107. [18.] Woodward, Op. Cit., 1420. [19.] ibid. [20.] Users and uses of patient records: report of the Council on Scientific Affairs, American Medical Association American Medical Association (AMA), professional physicians' organization (founded 1847). Its goals are to protect the interests of American physicians, advance public health, and support the growth of medical science. . Arch Fam Med. June 1993;2(6):678-81. [21.] Koska, MT. Outcomes research: hospitals face confidentiality concerns. Hospitals. January 5, 1992; 66(l):32-34. [22.] Article 1, Section 8, U.S. Constitution. "The Congress shall have the power ... to regulate Commerce with foreign Nations and among the several states." [23.] Goedert, J. Medical records privacy bill provokes an intense debate. Health Data Management. January 1996;4(i):6 and 8. [24.] S. 1360, A bill to ensure personal privacy with respect to medical records and health care-related information, and for other purposes. 104th Congress, 1st session. October 24 1995:145. [25.] Testimony: Hearing on S. 1360, The Medical Records Confidentiality Act of 1995. Senate Labor and Human Resources Committee. [26.] Ibid. [27.] Goedert, Op. Cit., 6. [28.] Cragin EB. "Conservativism in Obstetrics". NY Med Jour 1916;104:1-3. While this may have been appropriate in 1916, this concept continued well past the time when medical advancement rendered it incorrect. Key Concepts: Patient Confidentiality/ Computerized Patient Records/Patient Privacy/Quantifying Health Outcomes The handwritten hand·write tr.v. hand·wrote , hand·writ·ten , hand·writ·ing, hand·writes To write by hand. [Back-formation from handwritten.] Adj. 1. medical record has been the method of choice for documenting health care data since the last millennium. Given this successful tenure, it would be natural to greet any new information system that purports to be an advancement with skepticism. Morever, physicians as a group are hardly progressive. Yet health care is taking a giant leap and is finally accepting computerization. The advantages and drawbaks of computerized information systems have long been thoroughly tested in such diverse industries as the military, banking, and the airlines. It is difficult to imagine any of these industries in their modern form without an advanced information system. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion