eHealth: The good, bad and ugly

E-health: good, bad, ugly

We’ve come a long way with technology in general practice. Technology should make our lives easier. However, in health-IT a good idea can easily go bad. But the opportunities are mind-boggling and we’ve got exciting years ahead of us.

Let’s have a look at the good, bad and ugly in eHealth, including cyber insurance, liability issues, telehealth, mobile apps, social media and of course the PCEHR.


The PCEHR has gone ugly. Sidelining doctors and clinical leads didn’t do the project any good. A basic requirement of a successful project is effective stakeholder management. Healthcare evolves around GPs, and if the main stakeholders are not on board for 200%, the project will fail. Meanwhile, the government has started data-mining our patient’s eHealth records. A colleague recently said on an IT forum:

I demand legislation that simply states something like: Information stored in the PCEHR can exclusively be accessed by health professionals directly involved in the patient’s treatment and exempt from access by any other third-party including by means of subpoena

I’m not holding my breath here but it’s a clear message, shared by many GPs. By failing to listen to doctors the PCEHR will be added to the already impressive global scrap heap of major health IT fiascos.

But the good news is: there are alternatives. Instead of wasting more tax dollars, we should adopt one of the already fully functioning, cheaper Australian shared record systems, like RecordPoint from Extensia.


Video consultations between rural patients and specialists save time and travel costs. But some patients would benefit more from Telehealth access to their GP. The RACGP budget submission to fund Telehealth for people living with a chronic disease was a great suggestion.

Initiatives like Telederm where GPs can get send a picture of a skin condition to a dermatologist and get advice, are worth their weight in gold. And eventually we really have to agree on a simple, but professional alternative to Skype that cannot be accessed by (foreign) governments or other third parties.

Social media & mobile apps

Whether we like it or not, social media is slowly becoming part of mainstream healthcare. We’ve figured out how to use social media wisely. More and more GP conferences now include workshops and session about how to sign up for Twitter, linkedIn or WordPress.

Registrars use Facebook and Twitter for e-learning. A new launching pad has been created to assist GPs interested in the professional use of social media.

Mobile and sensor-based technologies enable our patients to monitor just about anything, and with a push of a button this data could come our way – from blood pressures to continuous holter monitor results. GPs will have to figure out a way to deal with this data. This will be a challenge, but ignoring it will not make it go away.

Security & legal issues

When we introduced free WIFI for patients in our practice we discovered security risks that had to be mitigated first. The explosion in cyber crime fueled by cloud computing results in more data breaches, and GP practices are not exempt as we’ve seen not long ago in Queensland.

Technology in health care always creates liability. Recent national concerns about e-dispensing alerts and the doctor’s duty of care are a good example. New national privacy legislation will include mandatory breach notification. This means GP practices have to report all data breach events, even the minor ones, and failure to do so will incur high penalties.

AHPRA didn’t want to stay behind and introduced a social media policy, as well as a revised Code of conduct, revised Guidelines for advertising and revised Guidelines for mandatory notifications – which now include social media clauses.

The problem with regulations like this is that it further increases liability for doctors, already operating in a highly regulated industry. We don’t need more regulation. Risks are: less innovation and progress, a defensive attitude by doctors, higher legal and insurance costs, increased AHPRA fees and eventually higher costs for patients.


It’s not surprising that cyber insurance is going to be the next hot topic. Cyber insurance should cover us against threats like cyber extortion, identity theft, crisis management, business interruption and disaster recovery. The PCEHR already has it’s own legal pitfalls. My indemnity insurance now provides cover in case of:

  • PCEHR privacy breaches.
  • Allegations of negligence for failing to detect critical patient information contained within the PCEHR.
  • Loss or corruption of electronic documents or data.
  • Intellectual property disputes.

The insurance policy does not cover fines and civil penalties related to the PCEHR – another reason why our practice will not sign up. IT security upgrades of practice systems as well as connected home and mobile devices will be unavoidable, and GPs and practice managers may have to do some upskilling to get their heads around this.

This article has previously been published in AMA(WA)’s Medicus Magazine, June 2013.

One thought on “eHealth: The good, bad and ugly

  1. Edwin, good overview of the various areas of eHealth.

    One key area is the last point and insurance. I work specifically in this area of risk mitigation and assessment of vulnerability. GP’s and the health care industry at this stage do not realise that this area of risk is significant and the cost of a data breach can basically bankrupt a practice, mainly driven by the hidden costs like loss of income, brand reputation and trust and the potential of a class action.

    Fund litigators such as Slater and Gordon are waiting in the wings to commence these actions when the law is enacted in March 2014. The math is very simple – 10,000 affected records at $141 per record ($1,410,000) and on average around $1,000 per litigant (based on US and Canadian studies) for compensation ($10,000,000). So if you have a practice of 10,000 patients, and don’t have $12 Million dollars to cover a data breach, then mitigate risk and take out cyber insurance.

    A key point for GP’s – these data breach incidents are not just related to actually been hacked, a lost laptop that is unencrypted, can do the same damage as a hacker sitting in Eastern Europe.


I'd love to hear from you! Please leave a comment:

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.