In the past few days, I’ve read two articles that are of particular concern to me because they raise the specter of “physician as God” when it comes to online health records or information.
The first article, by Thomas Goetz in the New York Times, discusses a web site called PatientsLikeMe.com where patients can share their own experiences, information, and find others like them. Goetz writes (my comments are italicized below):
Joe Heyman, a practicing physician in Amesbury, Mass., and the chair-elect of the A.M.A.’s board of trustees, praises the potential benefits of a tool like PatientsLikeMe for patients. He’s just uncomfortable with who’s minding the toolbox. “The idea of them is a wonderful thing,†he says. “But you know, as a physician I have a code of ethics. We have licensing boards and accreditation and all these people keeping an eye on us.†Heyman suggests that if physicians themselves aren’t sole stewards of the patient data — his first choice — then there should be some national standards or a law that covers a company like PatientsLikeMe that traffics in such data.
Why should physicians be sole stewards of these data? Are we now labelling all health information as “patient data?” The individuals who use that site may be somebody’s patient, but they are not in a doctor-patient relationship with respect to that site, and therefore, there is no justification for physicians becoming stewards of their data. Furthermore, why should there be a law or national standards covering PatientsLikeMe when there is no law that prevents pharmaceutical companies from data-mining pharmacy records and when there is no law that requires physicians and hospitals to disclose and notify affected individuals of all breaches involving their data or any mistakes that the physician has made in their care? Why should there be a higher standard of protection for patient-driven web sites than for professionals?
Heyman is also uncomfortable with how PatientsLikeMe encourages patients to take their medical information and then act on it. “Sometimes patients misunderstand what a doctor says to them,†he says, “so by the time it gets to the third or fourth party it’s like a game of telephone. It’s not as reliable as coming from the horse’s mouth.â€
So because the physician may not have been clear with one patient or was clear but the patient misunderstood anyway, we should bar patients from talking to each other or sharing what they think they know? Does the First Amendment have an exemption for health or treatment information?
Heyman may be speaking from the perspective of the injured party — PatientsLikeMe could be seen as a direct challenge to physicians’ omniscience — but there’s still something to his concerns. PatientsLikeMe not only lets members track their disease; it also tacitly encourages them to take action. While PatientsLikeMe advises users to consult a doctor before changing their treatments or dosages — patients can print out an exhaustive status report, replete with graphs and charts, to take on doctors’ visits, and personal physicians can register as caregivers on the site — there will inevitably be patients who treat the Web site’s apparent rigor and depth as a substitute for a physician’s training and expertise.
And that justifies treating patients as idiots requiring laws to stop them or web sites? The unpleasant reality for many physicians is that many patients are using the internet to research their conditions, become more informed, and are more active participants in their own health and treatment decisions. That’s a good thing, not a bad thing.
Erik Ensrud, the neurologist at Brigham and Women’s Hospital, worries that patients could spot an animal study or early-stage trial investigating an off-label usage of a drug and then start taking that drug in the hope that the researchers are onto something. “Even if a treatment seems promising, it could result in a very serious reduction in lifespan,†he suggests. “We’re talking survival.â€
True, but even without the web site, there are those patients who industriously use search engines to find clinical trials and act on them without physician prescription. Wouldn’t it make more sense for physicians to participate in the web site discussions to inject caution and explanations instead of trying to shut down or limit a web site? Can anyone really say that what they try is really more dangerous than some FDA-approved drugs that we find out much later have life-threatening risks? And what happened to that pesky First Amendment we call “freedom of speech,” anyway?
The second article, by Daniel Lee in the Indianapolis Star, focused on whether patients will be able to maintain any secrets from physicians. Lee writes, in part:
In one of the latest examples of the debate over how much patient history doctors should have access to, Dr. Marc Overhage, chief executive of Indiana Health Information Exchange, cast the lone dissenting vote as a 17-member federal panel recommended that patients get more control over electronic health records.
Overhage is a member of the National Committee on Vital and Health Statistics, which sent its recommendations to the U.S. Department of Health and Human Services last month. The panel encouraged HHS to give patients the power to sequester from their online medical records certain sensitive information such as domestic violence-related treatment, reproductive health and genetic information.
“I certainly believe it’s a patient’s right to protect and control their information,†said Overhage, a professor at the Indiana University School of Medicine.
However, he said physicians, in order to provide the best care possible, also need access to information — sometimes including information that is more personal in nature. The fact that a woman takes birth control pills, he said, could have an effect on how a doctor would prescribe other medications.
Then the physician should ask the patient — and explain that if the patient withholds information, they may not get the best — or even safe — treatment advice, but that doesn’t give the physician the right to access or obtain information on the patient without the patient’s express opt-in and informed consent.
He also said the recommendations he voted against leave too many unanswered questions and contain initiatives that could cost hundreds of millions of dollars to implement.
To best protect their privacy, Overhage said, patients should pick doctors and providers they trust. “They should be confident that the providers and those who work with those providers handle that information appropriately,†he said.
Oh, puh-lease, Dr. Overhage — we all know that patients pick doctors who are covered by their insurance and that trust has almost nothing to do with choice of providers any more.
The strongest privacy rights Americans have are health privacy rights, said Dr. Deborah Peel, a practicing psychiatrist and founder of the Texas-based advocacy group Patient Privacy Rights. “It’s the most sensitive personal data,†she said.
Even in the Internet age, patients should have the right to withhold certain information, she said.
“People forget that patients have never told every doctor everything,†Peel said. “Patients have always carefully sliced and diced who they tell what under what circumstances. That’s what the right to privacy means.â€
I agree with Dr. Peel completely on this point, but our firm beliefs may be influenced by the fact that we are both in the field of mental health, where patients may be more inclined to withhold either personal information or information about family history with respect to mental health problems.
The letter crafted by the federal advisory panel, sent Feb. 20 to U.S. Health and Human Services Secretary Mike Leavitt, noted that computerized health records hold great potential for improving the effectiveness and efficiency of health care. But the letter also noted that such records also mean that every doctor, nurse, pharmacist, chiropractor and dentist, and other health-care workers, have potential access to a patient’s complete medical history.
The panel also recommended that health-care workers be able to “break the glass†and access private information if needed in an emergency.
There is a doctrine of “implied consent” that applies to emergency situations. When a patient is unconscious or unable to provide informed consent, we take it that they would consent to life-saving treatment if they could give consent — unless they have previously indicated otherwise (such as Do Not Resuscitate orders or a living will, etc.) But when it comes to health care records, if the patient has knowingly withheld information despite being informed of the importance of complete and accurate records, then what gives the health care provider the ethical right to break the glass? Particularly since once the now-obtained information would become part of the current provider’s files and records, which might be hacked, data-mined, or otherwise shared without the patient’s informed consent.
Such measures are needed in a highly connected world, said Mark Rothstein, a member of the committee, which spent about 15 months crafting the recommendations letter.
“People are suddenly going to find there’s no way to compartmentalize the sensitive things in their health histories from the nonsensitive things in their health histories,†said Rothstein, a lawyer who also is director of the Institute for Bioethics, Health Policy and Law at the University of Louisville School of Medicine.
“Someone who is treating you for a broken leg doesn’t need to know you had an abortion 20 years ago.â€
Rothstein said another worry he has about highly detailed electronic patient histories is the prospect of patients being rejected by employers or insurance companies because now-scattered details of their health histories would be more easily available.
Overhage, however, said he had concerns about giving patients the power to exclude certain aspects of their health histories from their records. He said doctors might need access to such information to make important decisions about care.
“Giving them the power?” It is their right, and we should not pretend that the patient has to justify withholding information that they want to withhold. The only justification for “breaking the glass” that I can think of might be a public health emergency type of situation. It is the providers who should have to justify invading the patient’s right to privacy, and we should all forcefully reject any notion that the patient has to justify withholding private information.
“I worry about how many will be harmed versus how many people will be protected by having this information protected,†he said.
And that is precisely the kind of paternalistic physician-as-God crap that I deplore. Physicians don’t make treatment decisions, even if they have a difficult time accepting that. They make treatment recommendations. The patient makes the decision, unless the patient is incompetent.
Local physicians also are weighing how to best protect patient privacy.
Dr. Ben Park, chief executive of the physician practice American Health Network, said he sees a need for physicians and hospitals to be able to exchange patient data among different computer systems.
However, Park said, “It creates this point of vulnerability from a privacy standpoint.†He said his practice has begun surveying patients about whether they want their information shared with an outside health information exchange.
Park recently spoke with a woman who, during a visit to her gynecologist, heard her doctor remark about the results in the Indiana Health Information Exchange system from a previous test, ordered by another doctor, for a suspected lung disease. Although she did not have the disease, the recorded result did not make that clear, Park said.
That’s not really a privacy issue as much as a control and accuracy issue.
Overhage said IHIE gets its information from the patient’s own providers.
And we know providers never make mistakes in entering information in patient records, right? And what happens when it comes to entering information about family history of a particular problem? Do you now violate the family members’ privacy as well by documenting in a to-be-shared file that family members have mental health diagnoses?
He emphasized that the system is “almost paranoid†when it comes to security. The patient information is encrypted, and there are tight constraints on how health-care providers may access it, he said.
Yet the word “privacy†does not appear anywhere in its 17-page 2007 annual report. “I think it’s a given in the work we do,†Overhage said.
No, it is distinctly not a “given.” It needs to be addressed directly and effectively, because the truth is that hackers are ahead of the game, and no one can really assure patients that their electronic or networked records will not be accessed or acquired.
He said society must find ways to balance the benefits of providing doctors with greater access to people’s personal information with protection of patients’ privacy.
“You can go to extremes, and I think we need to find the right pathway forward. We do have to marry the development of the privacy policies and the technology going forward,†Overhage said. “We need to use this information to improve the quality of care that patients get.â€
Then first deal with the privacy issue. Until you do, the rest is meaningless, as people will not sign on and will not feel safe having their most intimate health details included in any such shared exchange.