Wednesday, November 02, 2011

Privacy, Please?

Anon commented on my last blog post about clinical uses for Siri on my new iPhone:
"From the details in your contacts, it knows your friends, family, boss, and coworkers. "

That was from Apple's web site, regarding Siri. If you are using Siri for clinical purposes, know that Siri tells Apple everything. Siri--usly, how do you protect patient confidentiality if Siri/Apple knows so much? Sure, paper files can be stolen, so can cell phones. E files are vulnerable to all sorts of breaches. But what would you do if your iphone 4S fell into the wrong hands with all that clinical related stuff on it? Not quite the same as asking Siri where the closest dry cleaner is.
I find it kind of interesting what people worry about.  I have hundreds of contacts in my phone.  My husband is labeled no differently than my co-workers, than my friends. than my patients.  I'm not sure what it means to have one's iPhone "fall into the wrong hands."  I live in Maryland, so I'm not sure what Apple in Cupertino would do with my information, maybe send iPhone advertisements to my contacts? 

The issue of clinical information is  something I hadn't thought about.  I downloaded an app yesterday specifically for GoogleDocs, and it imported all my documents.  We wrote our book on this, so every chapter and every revision is now accessible on my phone, not to mention my posts for Clinical Psychiatry News and an unpublished novel or two.  I downloaded the app so I would have the option to dictate patient notes.  This would leave clinical information potentially accessible via a cloud or on the phone.  I'm not sure it's all that interesting.  My notes are usually pretty boring.  But I did think that I would print them and then delete, rather than have to deal with keeping charts in order in cyberspace.

I guess I find it interesting that people worry about issues of confidentiality with total strangers in places where it's hard to imagine a use for what is likely to be pretty boring information.  On the other hand, we live in a world where electronic medical records now exist in all types of venues.  I work at a large hospital.  I can access the records of any patient seen there, and if I go to a physician there, his notes about me will go onto the EMR. At this juncture, outpatient psychiatry notes are not on the EMR, just a record of the fact of the appointment (which does say "community psychiatry," and the psychiatrists add their medications, but this will change soon, I'm sure, and psych notes may well be part of the hospital's coming new system.  The patients are not asked, and the doctors they see have access to all records without getting prior permission.  There are very specific rules about whose records a healthcare worker may look at, and people have been fired for looking at their neighbor's records, but someone has to catch you.  This means that a patient would have to ask someone with access to the system to see who had accessed their records, realize that one of those people was not someone involved with their care (Hey, that's my new boyfriend!) and then complain to the hospital and initiate some type of complaint (I think).  There is nothing inherent in the system that prevents one person from looking at the medical records of their coworkers, boss, ex-husband,  or even their doctors, aside from their own conscience and the fear of being caught (and reprimanded).  At this point, and for this reason, I have chosen not to get care at the institution where I work.  

Our state is also working on a system, called CRISP, that lifts medical records from all providers to a centralized system.  You can opt out, but you don't need to opt in: do nothing and your healthcare information goes in.  I opted out, and I got a letter telling me they would keep my information in case I changed my mind.  Wait, so presumably my doctor will be feeding my information into this cloud, without asking my permission?  I don't really know how this will work-- from the shrink standpoint-- because no one has contacted me about putting my professional records into this system, and since my records are all handwritten on hard copy charts, I don't know how this would play out. 

Somehow we've come to think that electronic medical records will mean better care.  I could be wrong, but I'm not really sure why we think that.  It seems to me that the burden this will place on the physician to attend to the devices and the demands of this type of documentation, will consume time and detract from time with the patient.  As is, I've noted it takes about 5 times as long to send an e-script as it does to write a prescription, starting with the fact that the e-system my hospital uses logs me out every 7 minutes.  I'm told this can't be modified, and I'm not aware of any doctor who sees patients faster than every 7 minutes.  Secondly,  an electronic system is only as good as the information it propagates, and I've seen lots of mistakes in the electronic medical records.  The internist notes that the patient is seen by psychiatry and takes Restoril.  Wait, my patient is taking Restoril?  I didn't know this..oh, I think he meant Risperdal.  By my calculation, the number of lives saved by electronic information that is provided when the patient can't provide it himself, will about equal the catastrophes from the propagation of incorrect information.  

So I should be worried that Apple can see my contacts?  My brother, who is an original Caltech computer geek, told me recently that since I have a webcam, it's possible that someone could hack my computer and watch me through my camera.  At first, I was alarmed at the possibility, but then I thought about this for a moment and said, "Why would someone want to watch me type?"  Nothing that exciting is happening here.  Sometimes I don't wear makeup, here and there I stick out my tongue and lick my lips, and okay, in front of the computer, when I'm writing, I kind of talk to myself.  If this might interest someone...

I seem to have my own list of things to worry about.  That someone might hunt my patient information out from the cloud just hasn't yet made my list. 


Anonymous said...

"I seem to have my own list of things to worry about. That someone might hunt my patient information out from the cloud just hasn't yet made my list."

Two thoughts -
One, I really was put off by the tone in this. I may be reading into it (I don't know your sarcastic or non voice obviously) but my immediate response was - yeah, that's because you aren't the shrink's patient. you're the shrink. It is nobody's business if I am seeing a shrink or not. That said,

Two, most people I know don't really udnerstand "the cloud" etc. Patient numbers have been programmed into phones for years and it's not a big deal. "The cloud" seems bigger somehow, in part likely because

Three, patient notes. Again, and yes, I know you've posted about patient notes before but to reiterate - the patient doens't know what goes in the notes. Maybe yours are objectively boring. Maybe what you qualify as boring is only boring to you and isn't boring to me, maybe it's personal and vulnerable and feels damaging to have it out in cyberspace. After all,

Four - why did you opt out of the CRISP system? What's the big deal, it's all boring anyway. Why is your privacy worth more then mine, or any of your patients? Why is it not strange for you to want to opt out of that, but strange that it might bother a patient? Personally, I would be just as uneasy with "medical" notes being in a CRISp, or cloud type system as I would be with "psychiatric" notes.

(I'm not the person who wrote about Siri and in fact dont' have an iphone so am not super-familiar with Siri.)

Anonymous said...

It seems that some people do think about these issues. Thinking and planning do not constitute "worrying" and both are highly recommended activities, especially if you are a health care professional.

Anonymous said...

I agree with the first Anonymous. Dinah, I find your tone offhand and insensitive. Have you considered asking your patients how THEY would feel if their information (“boring” as it may be) made its way into cyberspace? After all, it is THEIR information, not yours, that is in question here; and THEIR opinion on it, not yours, is what matters.

Anonymous said...

Information on what to do.......

when you have concerns that your health provider is not taking reasonable measures to protect your privacy as in: "I downloaded the app so I would have the option to dictate patient notes. This would leave clinical information potentially accessible via a cloud or on the phone."

Jane said...

I think it's not so much the contact info but the patient notes that would concern people. I would think that would be a lot easier to steal from a portable phone. It's not like with Daniel Ellsberg where they actually had to break into the shrink's office and hope no one could trace it to them. I wonder what would have happened had there been witnesses or a cop just happened by :/ Like Watergate only it would've been Shrink Gate.

Also, it's so portable that if you lost it someone might post a lot of that stuff to the internet just for kicks. Or if you were dictating notes outside, waiting for a bus or wherever, someone could hear you talking about the patient. All kinds of stuff could go wrong. I could see a patient being uncomfortable. Especially a high profile one like in the case of Ellsberg.

Dinah said...

Oh, my. I think I didn't make myself very clear, or I got the tone wrong, or something.

I simply (I hope) meant to say that there are a lot of issues related to electronic medical records and privacy that I think people should be worried about, and these are in action now and violations and problems do occur and these are all so-call "protected, HIPAA-compiant" entities. To me, they feel like a bigger concern than say a doctor's contact list in a cell phone going to a an anonymous entity like the Apple cloud. And I hope I imparted the idea that it's not the standard to inform patients that their information is going in to these systems.

I have not used the Googledocs to dictate patient notes yet. I won't do it at a bus-stop, or in public, I promise.

There is a tradeoff to all these worries. For one thing, if your doctor keeps contacts in their cell phone, it may mean they are actually returning your calls.

Keeping out of any cloud may be hard. If a doctor information on a computer, it may be backed up in some cloud somewhere, be it TimeMachine or Google or Carbonite or iCloud. It means if the computer crashes or the office burns down, your medical information isn't gone forever. I'm not aware of any major confidentiality issues related to this due to someone hacking in to these large entities.
If your doc pays someone else to do his billing, that person has info on you without your permission, and their computers may be backed up in a cloud.

These issues are not going to get better-- the dictates of Obamacare require medical records. I think they are expensive, require a great deal of effort, have privacy concerns and may or may not improve the quality of medical care.

Dinah said... know, the more I think about it, the more I realize that there is a reason I've resisted technology in my private practice.
I won't be using GoogleDocs for patient information, and I'm sticking with the hand-scrawled low-tech notes that stay in my file cabinet.

BTW, apparently FaceTime calls are HIPAA compliant:

Unknown said...

Storing our information in cyberspace is even more widespread than many of us realize.

We think of phone messages as private, but many are on voice over internet protocol systems, like Vonage, or even Comcast digital phone service.

Gone are the days when messages resided on actual tapes on a machine in the doctor's office.

Remember that Seinfeld where one of them tries to replace an embarrassing answering machine message?

Unknown said...
This comment has been removed by a blog administrator.
Anonymous said...

I have lots of mixed feelings about electronic medical records. Yes, certain things about them are nice - lab results showing as soon as they're available, not having to read hen scratch, etc.

But, the privacy issue is a big one and the potential for harm is a lot greater with EMR's. People say all kinds of things to psychiatrists about other people, some of it may be true some may not be but true and then there's the problem with things being misunderstood by the psychiatrist and documented. The person the patient is discussing may have no awareness that their information is being transported far and wide.

I know of one situation where a patient disclosed abuse by another mental health professional and the psychiatrist who recorded the information wrote the current therapist's name as the abuser rather than the previous therapist who had been the culprit. An honest misunderstanding by the psychiatrist, but with psychiatric records being part of this one giant medical record this meant that a therapist who had done nothing wrong had this information open to every nurse, every physician, and any other person who had access to this record. Had the psychiatric record remained in the psychiatry dept where it belongs the number of people seeing the record would have been greatly reduced and the potential damage to this therapist's name would have been minimized.

Psychiatrists who record notes in an electronic medical record that many other physicians, nurses, etc have access to need to be aware of the harm that can be caused by recording damaging info about other people the patient has discussed.

Another problem with EMR's is what happens in the hospital when the IT dept is doing maintenance or the medical record is not accessible for whatever reason. Let's say a nurse needs to give a PRN medication and the medical record is down. What do you suppose they do? They go to the pyxis and it says drug X which can be given q 4 hours was removed from the pyxis 6 hrs ago. Safe to assume the patient took the last dose 6 hrs ago? Wrong. How do they know this if there was a change in shift and they didn't administer the drug? All the nurse knows is that the drug was removed from the pyxis 6 hrs ago but doesnt know when it was actually administered. Many times a nurse will get a drug out of the pyxis to give to a patient only to find the patient left the floor for tests (or to smoke) and is gone for 2 hrs. So, they may hold on to the drug until the patient gets back and then give it if the patient still needs it and then will document administration time. Nurses need to know when the drug was last administered before giving the next dose and they can't know that if the medical record is down.

Also, the info in the pyxis may not be up to date. It may show PRN medications still being available for this patient when they're not. For example, a physician may have put in an order right before the medical record went down to d/c drug x. The nurse may not know it because the medical record is inaccessible so the patient asks for a PRN medication that the MD d/c. Is the nurse, not having access to the medical record, going to see that the drug is still available for this patient according to info in the pyxis and give it?

If you are hospitalized you need to ask your nurse what happens when the medical record goes down. What do they do about medications? How do they know when the last dose was given? Etc...

I won't even go into the nightmare of a patient being admitted and all the admission orders are in the medical record that is now unavailable for 4 hours. Hope there weren't any stat orders because stat just got delayed 4 additional hours since no one knows about the stat order.


Anonymous said...

No one can have total and perfect control over everything, uh....except Google. it used to be that only paranoid folks beloved their every move was being followed. Now, thanks to security cameras, online commerce and the credit card paper trail, the uploading of info from every charity you to which you have donated, not to mention how hackable everything is: Sony, your free email account and so on, we cannot say we have any real privacy. But, there are reasonable measures that any clinician should have in place to guard against potential,breaches in the same way that clinicians do not hand out free keys to the file room. It may be that those measures do not fully protect but one should at the least consider the potential downfall of any new technology. GoogleDocs is something I would use to collaborate with a colleague on a project. It is not a place to store patient records, even for a short time. As far as the wrong hands, no one suggested some spy agency. Think harder.

Anonymous said...

I am not a psychiatrist, but as I have become enslaved by our EMR, I do question the final purpose.

Our EMR is slowly becoming populated by "clickey's" designed to document the elements required for "meaningful use" which is determined bureaucrats. These lines include documentation of screening studies (last mammogram, pelvic, pap smear, colonoscopy), tobacco use status, flu vaccine. OK.....but I am a specialist. In many cases, those screening studies have no use for my patients. The tobacco line...yes, obtaining that history prompts counseling (which I already do), but I worry that all that info subsequently captured by the government and insurance companies under the guise of meaningful use may be used in other ways.

Call me paranoid. The doctor's progress notes USED to be a means of communication -- the doctor's own documentation regarding their assessment, and if the patient was transferred for other physicians to see the course and history. Slowly, the record morphed with demands for additional sections to justify billing. Now, under the guise of "meaningful use" with the purpose of "coordinating care" the physician is becoming a data collector. But for what purpose? We talk about privacy, but all this information is potentially sent to the government (for those on medicare/medicaid) or insurance companies. We talk about privacy but from my perspective the EMR is a means for Big Brother to have easy access.

One of the goals of EMR's is to provide easy communication, but with that comes easy loss of privacy. From my perspective, with an EMR, one can not expect privacy. As was pointed out by an earlier commenter, in a hospital setting or large group setting, notes are available to many people.

I sometimes wonder if the younger generations who have grown up living their lives displayed on Facebook don't care. I liked the concept that I could control my life and my privacy. As I see this EMR roll out, and watch things like iPhones that can track our location if we have that GPS function turned on....this really does feel like a brave new world, and I have begun to think about life "off the grid". I don't know if that is possible.

Anon 3 said...

I now see a psychiatrist in private practice (or I guess, more accurately, I'm one of his private patients), but when I first started working with him he was a resident.

The hospital has had electronic medical records for a while. Psychotherapy records were in the EMR too, but access to them was much mroe restricted.