Over the past six months, there has been a growing (and certainly more visible) patient-centered movement fomented in large part by some of the health care digerati / blogerati / twitterati I know — revolving around patient control over electronic health records.
Dave DeBronkart (@ePatientDave) — not the most circumspect guy you'll ever meet — is very straightforward about it. He says: "Gimme My Damn Data." (See my earlier take, with links to his post on his Google Health experience.) Gilles Frydman (@gfry)and others were responsible for putting together the "Declaration of Health Data Rights" (the link is to my post on the subject, with links to related resources); while that title is more sedate, Gilles is an equally vocal advocate for patient control of data. In fact, he and Dave are two of the key drivers of e-patients.net and the Journal of Participatory Medicine. Mark Scrimshire (@ekivemark) — HealthCamp's "chief troublemaker," with whom I had the pleasure of organizing HealthCamp Boston earlier this year — blogged on the subject of patient control of patient data a couple days ago, as he pulled together some recent posts by Gilles and Jen McCabe (@jensmccabe) which relate to part of this past Sunday's #hcsm tweetchat with Steven Daviss (@HITshrink) and others (scroll down to 8 pm or so to read about licensing of patient data). Please follow all of these links to catch yourself up on the conversation, if you haven't been following along.
Mark suggests in his recent post that each of us should offer an emendation to the standard HIPAA Notice of Privacy Practices, directing our health care providers to upload our health data into our PHR of choice, and has called for some editing assistance.
My gut level reaction to Mark's suggestion is to agree that it makes sense and to dive into the editing. Unfortunately, making sense is not a prerequisite (and may even be an impediment) to adoption of suggestions like this.
In my post on the Declaration of Health Rights (linked to above), I wrote that one key approach to ensuring that there be more widespread sharing of data would be for participatory-medicine-minded health care providers to revise their Notices of Privacy Practices (NPPs) (as they will have to by February, thanks to the Son of HIPAA rules under the HITECH Act effective then). One reason for my suggestion that the change come from the provider side is very pragmatic. Privacy advocates have promoted a number of emendations to the standard NPP language used by health care providers, but my educated guess is that virtually all health care providers collecting signed NPPs are completely incapable of managing such "exceptions." Are they required to do so? Yes. Can we reasonably expect that they will? No. So the carefully-drafted amendments are, at best, sitting in non-digitized storage somewhere, collecting dust.
In the #hcflower conversation in the past week or so on twitter and elsewhere, prompted by a guest post and subsequent discussion on Howard Luks' (@hjluks) blog, a core of health care providers and HIT cognoscenti have begun wrestling with the technical details that would have to be working in the background to enable the instant availability of patient data to any relevant clinician or health care facility. Because of the difficulties inherent in this exercise, Mark's proposed NPP amendment addresses the existing EHR/PHR architecture; nevertheless, it seems to me that it is probably premature — even if acknowledged and honored by health care providers, the data shared would, more likely than not, be of the quality experienced by ePatientDave, leading him to exclaim "Gimme My Damn Data," and would very likely not be provided in real time (leading, of course, to the potential of excess testing and inappropriate treatment).
There are other related issues raised in the #hcsm tweetchat, but those are perhaps best reserved for another day.
So, what do you think?
- Are patients now ready to insist on having their health care providers upload their health information to PHR systems such as Google Health or Microsoft HealthVault? How can patients ensure that these data be transportable from a tethered PHR to a freestanding one if and when they change providers or insurers?
- Are PHR platforms and health care providers prepared (and equipped) to act on these requests? My working assumption is that the answer at the moment is no, since there are some technical issues to overcome. One approach to the technical issues relating to real-time queries from one provider to another's EHR is outlined here. It is unclear to me what would be involved (in time and money) in getting from here to there. (Technical congnoscenti: help me out here.)
- What other questions need to be asked and answered in order to move this further along?
David Harlow
The Harlow Group LLC
Health Care Law and Consulting
Thanks for the post, David, and for outlining areas for further definition and discussion. In answering your two questions:
#1: Are patients now ready to insist on having their health care providers upload their health information to PHR systems such as Google Health or Microsoft HealthVault? Answer: Yes. Absolutely, and the person who finds the most seamless way to do this will reap immeasurable financial and reputational rewards. See details below…
#2: Are PHR platforms and health care providers prepared (and equipped) to act on these requests? Answer: No. And that’s too bad. (See my answer to #1).
A quick reference point. In my practice as a high risk pregnancy specialist, I am often asked to evaluate patients who have had a previous stillbirth. This is a difficult situation and (of course) the first question that a patient has for the next pregnancy is; “Will I have another stillbirth?” In many cases, the answer lies in the cause of the initial stillbirth. Invariably, at the time of the initial adverse outcome, there are a large battery of tests done to determine the cause of death for the first child. Unfortunately, many patient’s do not have or know the results of these tests when they come to see a specialist like myself with their next pregnancy. A large part of my job is putting on my Sherlock Holmes cap to search through records from other hospitals. In some cases, I can call and have records in (literally) 5 minutes. In other cases, I have to fax multiple signed requisitions and then wait days or even months to get the information I have requested. In one case, I received records from a hospital in Brazil faster than I received records from across town.
This would not be the case if patient’s had access and control to their own health data.
My hope is that this bottleneck will one day become archaic. I’m hopeful that this will happen quickly due to the nature of disruption and progress in a digital age.
Consider this. There was once a time when to make a withdrawal from a bank you had to physically present yourself to *your* bank to do so. We now take for granted the ability to have immediate access to our funds from any ATM or grocery store. Any bank that did not give it’s customers access to funds immediately would (in the current setting) rapidly become obsolete.
Dave DeBonkart has popularized the phrase “Give me my damn data,” and I clearly think he is on to something. In this day and age, no one would tolerate non-realtime, non-interactive silos for their financial resources. When banks realized this, they bent over backwards to make sure that consumers had constant access to their funds.
Eventually, health care systems will realize that patients will not tolerate silos for their health information. When that happens, (soon) I see rapid development of the type of real-time access to transportable health data. The current barriers will fall only when someone realizes that the old system is inefficient and ultimately less profitable.
David, Excellent! review and recap of the recent discussions. Your 2nd bullet is where we all fall down as providers. Most are *not* prepared to receive a request from a patient to share with PHR and then actually do so. The Flower concept — just a name to attach to a set of ideas — is to create an environment that pushes developers, vendors, providers, and patients to DEMAND a simple mechanism to share the data.
I’d like to be able to click a button that causes the patient’s data to be sent to her PHR of choice. Better yet, let the patient log in and push the button, or tweak the settings, himself. It needs to be that simple. It needs to just work.
The swedish law says that all patient have the right to be able to log-in to their own journals, if computerbased. Is this the same for USA residents?
There is a general right of access; the problem is with implementation.