Tuesday, July 05, 2011

In Electronic Health Information, Who Decides Which Info is "Sensitive"?

I participate in a committee that establishes policies for our state's health information exchange (HIE). The HIE is the electronic infrastructure that permits hospitals, physician groups, labs, imaging companies, pharmacies, and others to share information about patients. The idea behind the sharing is to make it easier for your primary care doctor to share your health data (ideally, with your permission) with your cardiologist and your dermatologist. The potential benefits to this sharing include:
  • quicker exchange of information than with faxing or mailing
  • less likely for papers to get misfiled or lost (eg, think Hurricane Katrina)
  • better tracking of who accessed what information
  • less duplication of tests ("I know you had a CAT scan at the other hospital last week but I can't wait for the results to be sent to me so I'm getting another one.")
  • improved coordination of care
  • fewer medical errors due to more information available
  • decreased liability due to sharing of important information with other providers
The potential risks include:
  • decreased privacy due to potential for data breach, identity theft
  • loss of data due to technical problems (viruses, hardware failure, etc)
  • failure to secure data due to inadequate authentication, authorization, encryption, etc
  • more errors in health record due to automated data collection processes
  • increased liability due to sharing of sensitive information with other providers
I wanted to talk briefly about this notion of "sensitive health information." Our committee has spent many hours discussing what this might mean and how to define it. One view is that all health information should be treated as "sensitive," while another is that only certain categories of health information, such as mental illness, substance abuse, HIV status, domestic violence, abortion history, and genetic data, should be treated with additional safeguards against inadvertent access or disclosure. This latter viewpoint promotes the stigma about mental illness that we have been trying to erase.  It wasn't so long ago that epilepsy and cancer might have been on this list. My viewpoint is that patients should be the one to decide which elements of their health information should be treated with extra precautions and which should be considered routine.

This was ultimately agreed upon by the other committee members, but it still didn't help us much because the technology for patients to review their health information and mark which bits should be tagged as sensitive is not yet built into nearly any of the electronic health record products or the HIE systems. There is no standard for doing so nor is there even any agreement about how or whether it should be done. Groups like healthdatarights.org and speakflower.org have promoted these ideals, but we are not much closer to achieving them.

Anyway, I discussed this topic in my Shrink Rap News blog post this week over on Clinical Psychiatry News. Read more about it over there. If you are a psychiatrist, log in or register on CPN and join the discussion (my mistake -- other professionals and also consumers are allowed to register over there).


Awake and Dreaming said...

If all my doctors had information about all my meds I'd be happy. Psych meds and all. Even happier if I could go to the emergency room, give them my health card number (canada, so everyone has one) and they could pull up my meds, conditions, allergies, medical history etc... Even better if the paramedics could do it on their laptops (yes, our paramedics have laptops...) I'm all about that. Why do I care if my dermatologist knows I'm depressed, heck my dentist and my eye doctor all know what meds I'm on. I would love love love it if my naturopath could get in on the sharing too. I wind up having to get my doctor to fax me things so I can fax them to her.

Maybe I just don't understand the privacy concern though. I guess I just sort of trust doctors to use their discretion about what information they need and when they need it. They don't have time to read up on all my info and then use it against me!

aek said...

I've been on the admin side, the provider side and the patient side, and here are my two top concerns:

Inappropriate access and use of all data: demographics, payer info, diagnoses, txs - the works. Everything from identity theft to providers accessing patient info for entertainment to employers and insurers using it to deny employment, terminate high $ or people w/ stigmatizing dx to denying insurance. Until patients can't be harmed by having all of the data electronically and immediately accessible (and it's not transparent - patients cannot tell who has accessed data and for what purposes), I fear that system-based ehr's shouldn't be rolled out.

An example of
protected mental health info" having more restrictions leads to providers who don't have access to query patients why not. So that becomes a flag for something stigmatizing and now the word's out about what that probably is given the patient's age, sex and other hx.

My other beef is that when errors are introduced into the record, they tend to get amplified and remain permanent fixtures. I'm starting to think that no data should be permanently entered until reviewed and signed off by the patient. And what a nightmare, given extant patient health literacy levels.

EHRs are not ready for prime time at all. You have my sympathy, Roy.
(Your dog is a handsome wee beastie)

Anonymous said...

As long as patients can choose what information is shared (or not shared), I don't have a problem with it. Personally, I am relieved that my psych history from years ago remains separate from my medical record, and I was able to leave it far behind. Being able to move away and start fresh elsewhere, choosing what I shared with my new PCP was very freeing. I fear that with an electronic medical record, I would not have been able to do that. If my psych history had followed me, it would make me less likely to see a PCP because I would constantly be worried about what they thought and if they would take my concerns seriously.


Anonymous said...

I work in IT for a hospital system that is progressive about its EMR (electronic medical record) system. I'm also a patient who mostly sees doctors within the same system. My personal EMR has doctor notes from my PCP back to 1997 and labs before then.

Our system uses different databases to save psych data and occupational health data. If a user doesnt have access to those databases then the documents simply do not show in the patients EMR for them.

Only in the past few years have we started giving patients access to their own charts online. The system is mostly for allowing patients to message their docs office (far more secure than email and is saved to the patient chart) pay bills and view SOME lab values and radiology reports.

I've seen the negative results of having an EMR in my own patient chart - templates allow docs to put CYA info in automatically without them having actually said or done it (my sleep doc is a frequent offender with the line "advised to not drive while tired" repeated in every note done by the clinic but other than my first evaluation visit that advise has not been repeated directly to me again)

What I've also noticed is that despite the volumes of notes available in my chart I have encountered docs who dont even bother to read their own previous notes in my chart before a visit.

As far as the concern about who uses the data or can access it. We are a hospital with a large number of employees who also use our clinics for their own care. Our EMR tracks the name/time/type of information viewed by all users of the system. We also live in a large enough city that our hospital does have some celebrity patients. Inappropriate release of medical data is a big deal to us. Our EMR can be set to flag all access to a specific chart. We audit our employees charts at a more frequent rate to catch (and discourage) inappropriate access. A boss or coworker who thinks its okay to check the chart of another employee without written documented permission and or being involved in direct care of the employee will be disciplined and likely fired

I dont see a large interest in allowing our patients any control over their charts (corrections are still an in person process) I can only imaginr the administration of such a process would be a nightmare (its difficult enough to help patients (and employees) simply remember a password to login)

Plus I can see how it could hurt us. A patient decides(or mistakenly) to "hide" a class of results or notes related to their blood pressure or that gastric bypass surgery they had five years ago and their current doc makes a bad choice on limited data. Its one thing for a patient to not bring in chart copies or to not tell a doc and its another to have the data belong to our hospital system and the doc be blocked from it.

We should keep in mind the age/capability of our patient population. Think about how hard it was to teach grandma to use email, how will it be to try to get her to understand her online EMR data. If she isnt computer savvy enough to log in and mark data as "sensitive" doesnt that make the system discriminate against her?

rob lindeman said...

Two chestnuts come to mind:

1) When you've got a hammer, everything looks like a nail. We have a network of computers: let's share health records on them! That's got to be good, right?

I weep for the days when docs used to actually talk to each other. The solution to fragmentation is not file-sharing, it's de-fragmentation (what used to be called picking up the phone and calling the doc)

2) Garbage in, garbage out. Anyone who has ever used an electronic health record knows that the info is only as good as the user(s) doing the data input. In my bitter experience, the quality of the inputs varies from so-so to execrable. And you want to share that s*** on a network? No thanks!

wv = wirra (anamatopoeia) the sound a frisbee immediately before and after striking one in the face.

aek said...

IT Anon (Would you please choose a username? I get so confoosed!;))
I really appreciate the detail in your comment, and I endorse it all, with one exception. Who "owns" the patient data?

I work under the premise that the patient owns it, and thus, has the ultimate authority (but certainly not autonomy) in its use. Isn't that why patients are required to sign release agreements?

While systems, such as yours, are on top of these issues, the majority of hospitals, nursing homes and other provider organizations are not.

And to give you and Roy new wrinkles, how about considering how visuals and graphics are going to be incorporated into records. Cell/smart phone photos and videos are already being used in diagnostics and journal articles. How are these types of records going to be managed? Physicians and nurses have been sanctioned for taking photos of patients and posting them on the web - Facebook, MySpace and personal blogs have all been hosts to unwitting identifiable patient photographs.

Isn't it a patient's right (if irresponsibility) to not share data with providers? Anonymous one had a good point that she was relieved that his/her mental health info was not available to non mental health providers. I've seen records riddled with notations that patient complaints, signs and symtoms were attributed without supporting evidence to psych issues and from that point on were ignored. There is a huge mortality discrepancy between people w/ dx mental illnesses and those without. Without research to demonstrate that care is not affected when non MH providers are aware of MH dx, caution may well be warranted, and patients should (in my view) be able to control what get shared and with whom, because that may well be a critical strategy in accessing minimal standards of care and practice for themselves, sorry to say.

Thanks for providing so much food for thought in your comments, Anon 1 and IT Anon.

ShrinkRappers: what is the commenting policy for # comments to a post? I also worry about being a thread-jacker....

rob lindeman said...


Can you provide citations for the mortality discrepancy, MH vs. non-MH?

If the discrepancy is real, the problem could be framed as yet another justification for separating mental and biological illness.

A conceptual separation is more likely to reduce a putative mortality discrepancy, and do so faster, than de-stigmatization of MI.

Dinah said...

aeK: the only "policy" is 'Pretend you're sitting in our living room.'

I have also seen the wrong information added to Electronic records. I was told that I needed to update the patient's medication in the computer with every visit---all of their medications, based on what the patient tells me they are taking. I flatly refused-- I will only update those medications which I am prescribing. If a patient comes and taking something and they have the name or the dose wrong, I don't want to be responsible for putting the wrong medicine in the computer. And I've seen other docs write notes where the doses or the medications were just wrong-- Risperdal becomes Remeron, and I assure you I've never prescribed 5 mg of Klonopin (I do believe that was 0.5mg). Xanax, Zantac, what difference does it make?

Roy said...

long anon: re grandma, it depends how this is setup. If the default is that nothing is sensitive (which is the default that most current HIEs choose), than your description is correct. However, if the default is that everything is sensitive, then those who desire and are able to can flag data types (eg, all serum chemistries except for psychoactive drug levels) as routine. Trust me, there are many e-patients out there who want to have more control, as well as more utility, from their medical information.

Rob: GIGO is definitely the rule with these things. Well, that is the case on paper, as well, though paper records arguably have a more potentially limited impact. And electronic exchange is a method, not a destination. It's all in how it is used, right? Recent paper in JAMIA found that electronic prescriptions contain same level of errors as paper ones. So, adding electrons is not a panacea. Picking up the phone is real-time electronic exchange, though I only get the person I want at the time about a third of the time.

Roy said...

Rob, policy discussions on the +MH vs -MH mortality data started in 2006 after a study showed shocking premature death rates in folks with chronic severe mental illness. Part of it was due to risk factors (eg, smoking) and part due to inadequate integration of physical and mental health.
So, the policy analysis has moved to improved integration of care, not greater separation. Thus the accelerated antistigma focus.

rob lindeman said...

Thanks, Roy, but this is a news item. I was looking for primary source material.

Maggie said...

I have the same concern aek does; that proliferating the digital records will amplify any misdiagnoses. Rob has a good point on the "garbage in, garbage out" line.
If, at some point in the future, specific drugs were no longer stigmatized (which, if you think about it, is pretty crazy to begin with, given how much is prescribed off-label) then sharing information about current medications and past drug reactions would be reasonable.

Not that data security isn't an issue, but somehow for mental health issues, that possibility bothers me less than the problem of the probability of "garbage in."

I'm tempted to say that nothing should be added without approval from the patient, but that could end up being problematic too. I can easily imagine a doctor deciding that the patient is just being "difficult" because they don't want something in particular on an electronic record.

aek said...

Dinah, I appreciate your concern about patient reported info being transcribed into the record as physician ordered or sanctioned. As a patient, I have repeatedly reported the vitamin and mineral supplements I take (which I selected after maintaining a detailed food analysis journal for several months). No physician has entered that into my record for the reason you proffered. Yet, patients are instructed to report all meds/supplements taken: OTC and prescription. I ended up using the Drugs.com website which allows me to self enter everything - and it performs an interaction and caution analysis, to boot. I print copies for my providers and myself because none of it interfaces with the ehr or my patient portal info. I can't even email it to my doc using a secure website.

What's more, the cut and paste feature of ehr's promotes the amplification of errors. Unless you're willing to read a patient's record from the beginning forward, it's nigh unto impossible to detect when, where and to what extent errors appear and become taken as factual. It seems that HPI, ROS, med lists and treatment plans are the biggest areas of concern. And are they ever of concern!

Anonymous said...

5 years ago, I switched PCPs after a long period of not going for care. The initial visit came about a month after a discharge from a psychiatric hospitalization. On my intake questionnaire for the PCP, I filled in the list of the meds I was taking and active and past diagnoses, etc. When the PCP came into the exam room, he suddenly had information that the Emergency Room had arranged to have me committed for 72 hours at the psych hospital. He just kept harping on it and asking me a bunch of questions. I felt ambushed. It was obvious he got into the Hospital (the one with the ER) computer and saw 4 hours' worth of my treatment (without the follow-up). I had listed my diagnosis, so we could've talked about the issue from that staring point, but he logged into the records and thereby thought he "knew everything." It was offputting, I guess because I didn't control the data.

moviedoc said...

One reason GIGO has less impact in paper charts is that few docs will take the time to wade thru hundreds of pages of old records AT ALL.

In examining the idea of allowing patients to decide, bit by bit, which info gets shared with which other provider, I hope someone considered the critical factor of knowing whether or not the record is complete. One of the greatest dangers is a physician acting on info she believes to be complete which is incomplete. For example, an alcoholic treated with naltrexone who does not allow access. If the ER doc tries to use morphine there will be increased risk that the pt will suffer. There must be a flag that says the patient has omitted info. Then other providers can try to guess what was omitted or try to get it from patient (whom may not be able to communicate or recall) and significant others.

rob lindeman said...

Thanks for the cite, aek

Sunny CA said...

I like the idea of doctors sharing with my other doctors. I also like the idea of having online access to my own chart so I could read test results myself, but I am not sure it is worth it given the possible inhanced access to the records by employers and insurers.

Allowing patients access to their own results might have prevented the following medical errors. (1) I was interested in results of a thyroid test my gyn ordered and called the office and was told "your results were normal". When I pushed for the numerical result it was discovered that the doctor in her zeal to add additional testing to the blood work, forgot to order the thyroid test. When it was actually tested it show hypothyroid condition. (2) My grandmother fell and was taken to the hospital where her thigh and hip were x-rayed. Her doctor released her a few days later, and my parents treated her as a malingerer when she pleaded that she could not stand and could not live on her own. She stayed a few weeks with my parents then was forced to live on her own again accompanied by much complaining about pain. Several years later, when that doctor retired my sister transported grandma's file and read it before delivery to the new doctor. She found a hospital radiology report after the fall that showed a bone break (I do not recall if it was the hip or thigh bone). It is possible that with electronic records neither of these physician (and their staff) errors would have been made.

My personal reasons to be against shared records is that I don't want my insurer and employer to have full electronic access. I was self-employed and self-insured for over 25 years and when I was hired fulltime last August I maintained my former insurance and left blank the request by the new insurance for the name, policy number and permission to contact my former insurer. I did this so I would not risk my new employer seeing my mental health record.

It is possible that insurers or employers could do automated searches for certain diagnoses that might lead to the patient losing their job. It is possible that is not happening, but I think it could happen given the technology that exists.

Anonymous said...

Whoo boy. Knowing electronic records were coming down the pipe, my psychiatrist began keeping the bare minimum possible so that the e -record would not be much. My PCP is in love with e records, despite the fact that he has ] not read the notes on file from the previous doc. Not sure what great benefit they hold. No doc has yet to follow up on a major specialist finding of a few years back and I am okay with that-denial has one big advantage-it keeps anxiety at bay unitl you die. Funny to me that the only records any doc seem to care about are psych ones and those, in turn, determine how they will deal with my other legtimate health issues. Not saying this is an across the board issue. The docs I have like e-records but do not read them. The pyshciatrist does not like e-reords due to documented incidents of abuse with patients and so does a "work around". Does this really benefit me? No. I am against e-records as they stand in my jurisdiction. Ultimately, what is electronic ends up in the wrong hands. Not a fan.
I do wear a Medic Alert bracelet for the really important life or death stuff. My choice. That sums it up for me.

Anonymous said...

While I understand Moviedoc's concern, if a patient chooses to withhold information that ends up harming them then that's the patient's own fault. I don't like the idea of a flag, it's too paternalistic. We're not children.

I like my gynecology records being with my gynecologist and my psychiatric records being back with the psychiatrist. If I see a dermatologist, I'll be happy to let them know I take birth control pills but they don't need my gynecology records and they don't need psychotherapy records from 10 years ago and on and on. That's my business unless I feel it's relevant.


Roy said...

Docs should never presume that they have complete information. Or that what they do have is correct. We are constantly trying to gauge the probability of truthiness by asking for things like the original source of the data or associated elements to determine if something fits an expected pattern.

Anonymous said...

One thing I do like about an EMR is the ability to trend lab results (it appeals to the nerd in me).


moviedoc said...

Agree with Roy about presuming complete data, but the "S" word (should) gets us little but guilt, which is pretty worthless. I "should" be able to read my own handwriting. In the real world docs regularly presume data to be complete. EMR's have the potential to bring the presumption closer to reality.

jesse said...

I know little about e-records or hospital work because my practice has been outpatient-only for years, but here is my concern: Ever since Daniel Ellsberg it was clear that psychiatrists' records could end up anywhere, and so I try to keep my records from containing anything that could be compromising to my patients. I don't mean meds, but things that are, well, personal, the kind of things one tells a psychiatrist.

Is the same thing prevalent in hospital records? For instance, recording that an overdose was a suicide attempt but being quite careful about explaining the factors that precipitated it? Does that lead, eventually, to treatment being too much influenced by "treating the chart" and to psychiatrists not even being interested in hearing these precipitating events?

So do e-records contribute to check-list psychiatry?

Anonymous said...

Another problem with having a patient's psychiatric records as part of the general electronic medical record is the damage it could do to someone else's name. For example, let's say the patient makes up a lie about someone and the psychiatrist quotes the patient. "Joe Schmoe assualted me." Poor Joe Schmoe has just had his name dragged through the dirt to the dermatologist, the PCP, this doctor and that doctor without having any awareness that this has happened or opportunity to defend himself. Is that fair to Joe Schmoe? If a patient makes up a hurtful accusation and it stays in a record in the psychiatry dept there are a lot less people who will see this lie, but make it part of the general medical record and the psychiatrist has helped damage someone's name. Yikes.

wv = latess. It's getting latess, I should go to bed.


snore stop said...

Psych meds and all. Even happier if I could go to the emergency room, give them my health card number (canada, so everyone has one) and they could pull up my meds, conditions, allergies, medical history etc... Even better if the paramedics could do it on their laptops (yes, our paramedics have laptops...) I'm all about that. Why do I care if my dermatologist knows I'm depressed, heck my dentist and my eye doctor all know what meds I'm on.

jesse said...

Leslie, it doesn't even have to be a lie! "My husband is having an affair with...." It doesn't take much imagination to see what could happen, and what we do not write down may be ultimately more important than what we do.

Anonymous said...

Jesse, that's a good point and something that definitely needs to be considered I think. I can think of dozens of scenarios where there could be problems. Even if it's something that isn't harmful to another person's name and even if the patient is ok with having psych records be part of the general medical record, what needs to be remembered is the people the patient discusses did not consent to having their personal business broadcast to the lab tech and the nurses and all the other staff who may come in contact with the medical record over time.

And, not only that I just think of how long it took for me to work up enough courage and build enough trust with my therapist to confide certain traumatic events that have happened in my life. Nothing against my PCP or dermatologist who I actually like very much, it's just that I don't feel that I owe them every intimate detail about myself.