Moderator: David Flaherty, former Privacy Commissioner of British Columbia
2. Khaled El Emam, Canada Research Chair in Electronic Health Information, University of Ottawa
3. Marc Smith, Senior Information Management Specialist, SAS
4. Lorraine Dixon, Senior Manager/Privacy Officer, Oracle Canada
5. Leroy Brower, Assistant Commissioner for Policy and Adjudication, Office of the Information and Privacy Commissioner, Province of British Columbia
Started with a vote as to who is a fan of the electronic health record, the audience was evenly split.
9 institutions at the federal level have legitimised access to your EHR.
Secondary uses of the data is big data processing for optimising health care delivery, data is released and shared, and we trust it is done responsible. The data should be anonymised or de-identified, but how do we know this is done with our data?
Mimi LePage cited an example in Ottawa of how effectively health information flowed from an MRI to the correct health practitioners from primary care to specialists.
Closer to home, an example of a cancer patient had excellent service while the attending was dealt with within the BC Cancer Agency, but information did not flow well to other health care services, so when there was a complication there was an extensive delay in response that might have been fatal. While dramatic, the point being that distributed EHR/EMR systems and practitioners not leveraging EMR/EHR create information gaps, as the assumption becomes that "everyone who needs your information will get it.".
Sensitivity of the data was discussed; this might seem obvious to those of us in health care, but some concrete examples of PHI as sensitive, biographical core information were given as stigmatised conditions, prescriptions, and other aspects of non-benign conditions. The panel debated on whether PCI or PHI was more sensitive; the consensus was that both are, and both must be respected at least equally, and the priority seems to be based on which is currently at more risk in the eyes of the individual.
Discussed ownership or control over our PHI. The Lab Info System of BC has your data if you've had a lab test, private labs like LifeLabs have their proprietary system, but this is being folded into the central system later this year. This information is no longer yours.
David asked the panel what the best defence in controlling your information is, and the response was that we must understand what is being released, and how it is protected. All your medical information is highly correlated, so hiding or encrypting one piece, such as a diagnoses, but leaving lab results, or treatment, still makes the locked information highly predictable. So the value of locking parts of the correlated data is minimal if not de-identified for secondary uses. Patients overly concerned with privacy have the right to have information not entered into EHRs, but this risks future health.
A case study of in patient teenagers on use of facebook indicated that they would not use facebook to share information about their current health as they wanted to be viewed as "normal" to their peers. These same teenagers were very conscious of facebook privacy settings as opposed to their peers, and used facebook to communicate with their health care practitioners via facebook messaging.
The concept of lockboxes in Ontario healthcare EHRs was discussed, and studies have shown that few health care providers actually have educated patients of their rights. Disclosure Directives are the BC equivalent; labs have been given posters and bulletins to share with clients, and information is available on the govt of BC website. This has had a very small uptake, and only certain health communities with stigmatised conditions have shared the information heavily. This does not apply to private data collections of private labs.
The panel was asked to weigh risks and benefits, and provide their over-all opinion of the value of EHRs.
the Canadian Health Ways motto of "knowing is better than not knowing" was cited, but importantly stressed that control over who is accessing what information and for what purposes is vital. This does give us reason to worry, and the controls and governance is critical, but governance and controls without enforcement and management/monitoring is ineffective for those who truly wish to abuse the access. It seems there is still no good answer to how do we actually police the use of these systems. You have handed this information into the trust of the public service and their private agents, and we need to ensure we hold the public sector accountable for what they do with it.
Examples of Alberta's provincial EHR failures would include the citizens not knowing about or how to mask their data, and more so, that a high percentage of the physicians are also ignorant of this. Benefits would be the provincial financial benefits of the secondary use of the data to reduce fraud, and improve service delivery.
The question came to the panel of whether they support 3rd party access (such as the RCMP or other police agencies) to EHR data for public safety purposes. The response from the panel was mixed, the primary concern against was the slippery-slope argument. This brought up the lawful access debate on federal Bill C30. It was an example of public backlash against concerns over privacy being successful. Correlating data across different health agencies or institutions could be considered for lawful disclosure, and limited to health care service works, perhaps the definition of what is health care service provision needs to be addressed. Breakdowns in social working systems were suggested as being fixed by leveraging wider access to HR data, but this seems like a knee-jerk reaction that must be considered beyond the emotional reaction for an instant fix, and elevated to finding the right solutions, governed by the right policies.
- Posted using BlogPress from my iPad
Location:13th Privacy & Security Conference