While a policy debate is ramping up in the U.S. over how much control patients should have over the transmission and sharing of their electronic healthcare records, Canada, the Netherlands and the United Kingdom are not only well ahead of the U.S. in setting privacy policies in favor of more patient control, but also in implementing systems that empower patients to restrict the flow of their informationboth in whole and in partaccording to a new report.
This is just a snapshot because things are changing on a monthly basis, particularly in the U.K and the Netherlands, said report co-author Joy Pritts, a privacy lawyer and associate professor at the Georgetown University Health Policy Institute. "They're having some very important trials on parts of their national system."
"Canada is using masking technology right now," Pritts said in a telephone interview. "In all of the provinces we identified, people can mask the information. We just looked at these three (Alberta, British Columbia and Ontario) because they were established or developing programs where the requirements were publicly available. They've been doing this in B.C. for over a decade."
"We in the U.S. like to think that we are the foundation of democracy, and you look at other countries and they give their patients a lot more choice, from a policy angle," Pritts said. "Once you've established a policy, what these other countries have chosen to do is make the technology fit the policy. In the U.K., their policy process is quite open and it has evolved over time and they've had to get back and revisit some of these things, so they are doing the policy and the technology hand-in-hand."
The 58-page report, co-authored by Kathleen Conner, a senior consultant with FOX Systems, and dated Feb. 16, was commissioned by the Substance Abuse and Mental Health Services Administration, an arm of HHS that supports and oversees drug- and alcohol-abuse treatment programs. It was released last week at the national meeting of the federally funded Health Information Security and Privacy Collaboration in Bethesda, Md.
The report comes as Robert Kolodner, M.D., interim director of the Office of the National Coordinator for Health Information Technology at HHS, has signaled that the government will require its next round of contractors working on implementations of prototypes of the national health information network to build patient control capabilities into their health-data exchange systems.
Kolodner spoke of heightened patient controls at the Healthcare Information and Management Systems Society trade show March 1 in New Orleans and again at the HISPC meeting March 5.
In Canada, the report looked at Canada Health Infoway, the federal IT support program, the Pan-Canadian Privacy Framework, and at privacy protection programs and technologies in use in three provinces.
"There are hundreds of (IT) projects in Canada that are getting funding from Canada Health Infoway and to qualify, they have to comply with the (federal) privacy and security architecture. They have to be able to prove their systems can comply with and support the local privacy laws."
For example, Alberta's Physician Office System Program helps physicians pay for an electronic medical record system that can mask data at the discrete data element level, affording patients the ability to partially opt out of the provincial data-sharing scheme. By 2008, according to the report, these IT systems also must be configured to allow patients to restrict data flows to specific providers and circumstances, such as emergency visits, and to alert the user when a new prescription order interacts with a masked record.
British Columbia's PharmaNet project allows patients to mask their entire prescription record and let only selected providers see that record by sharing a password with them. Emergency departments can break the glass and gain access to the records, however.
The Ontario Emergency Department Access to Prescription Drug History Initiative gives patients the ability to opt out completely from the data-sharing arrangement, as well as mask specific drugs at the patient's choosing.
In the U.K., the National Health Service is creating a central database for storing individual demographic data and health summaries in what it calls a Summary Care Record, which will contain links to more Detailed Care Records kept by providers. Pilots for the Summary Care Record are planned this spring. By 2008-09, the system should have widespread capabilities to restrict access to sensitive information in either record system by having it sealed, or made unavailable to providers not on the patient's healthcare team.
In the Netherlands, according to the report, patient controls will be even more "granular," a description being bandied about by some privacy and technology experts still wrestling with what to call a system that enables patients to turn on or off data flows at the level of even a single data field. In the Netherlands, according to the report:
"An individual can totally opt out of participating in the electronic exchange of their health information (in which case it is not recorded in the national registry and cannot be accessed in an emergency). They also can request their provider to conceal or mask discrete data items in their medical record. When the provider's system receives an inquiry for the masked data, the system will not return the data. When information is masked at this level, it is generally concealed from all healthcare providers other than the generating source.
"Individuals also will be able to restrict access to their data by user or category of users through specifying choices in their authorization profiles. Authorization profiles, which will be maintained in a national registry, will allow individuals more detailed choices including establishing: which providers or class of providers may access their health information; the context in which they may access (e.g., "only in emergency"); and the category of information (e.g., demographic or medical) which is accessible."
In the U.K., which is experiencing technical troubles deploying its national IT system, privacy protection has been difficult, too, according to Pritts, in a telephone interview.
"They are ending up with a nationwide database and they have a nationwide (patient) identifier, but they have national insurance, too," Pritts said. "They are the provider and the payer, but even with that, Id say all Europeans just have a different attitude toward individuals and their rights to privacy."
Pritts said in all three countries she studied, some of the pressure to build in privacy controls came from the European Privacy Directive, a broad privacy policy passed in 1995, becoming effective in 1998.
"The European Union got together and decided how they were going to deal with the collection and transfer of information," Pritts said. "The general policy in the EU is that certain types of information are given greater levels of protection and those include healthcare information. To give you a very general idea, the rule is that providers can share healthcare information for treatment under an implied consent model coupled with the individuals right to withhold information. The patient does have the right, I guess we would call it, to opt out."
"Canada drafted its federal privacy policy in compliance with the EU standard," she said. "It's been found to be in substantial compliance so that Canada can exchange data with Europe."
Pritts, a panel moderator at last week's HISPC conference, heard Kolodner pledge government support for patient controls.
"What I also heard from him is that we're not going to let the technology drive the policy, which is a very good stand to take," Pritts said. "I think there were a lot of people who were concerned with the way the technology was developingthey were getting out in front of the policy and it would be difficult to put any consent models into it later on."
What do you think? Write us with your comments at [email protected]. Please include your name, title and hometown.