Bill Gates once said “your most unhappy customers are your greatest source of learning”.
It seems the Australian Government has understood this message, as it is now considering major legislative changes to the personally controlled electronic health record (PCEHR) system.
This is good news. Doctors and patients are often confused about the rules regarding the collection, use and disclosure of information on a PCEHR.
An example of ambiguities includes doctors being advised not to use PCEHR data when providing third-party reports. But what happens to PCEHR information that, over time, has been incorporated in local databases? And are doctors allowed to access a PCEHR in the patient’s absence?
What’s the purpose?
This lack of clarity reflects a bigger problem — the absence of a clearly articulated and shared goal underpinning the national e-health system.
In the absence of an agreed purpose, rules and systems can become arbitrary or misguided, restrictive and lacking in consistency. Doctors, patients and policymakers first need to agree on the main purpose of the PCEHR.
Ultimately it is a tool intended to improve the provision of care: patients disclose their personal data to doctors and, in return, receive more effective and personalised care. I would be happy if the data were used for other purposes such as disease surveillance or even feedback on my clinical management but, in the end, it is the patient’s record and they must have a say in it.
A proper consent procedure is essential for any use of PCEHR data outside individual patient care. It appears the PCEHR system operator is currently authorised to collect information in individual PCEHRs for law enforcement, health provider indemnity insurance cover, research and public health purposes, and as required or authorised by law.
This should be more transparent with a better explanation of what it means for both patients and clinicians.
Patients should also understand the pros and cons of setting advanced access controls, especially now an opt-out system is on the cards. Adequate support will be required for specific groups including the elderly, people with a disability or mental illness, and some 14–17-year-olds.
The right to be forgotten
At the moment, PCEHR data are required to be held for up to 130 years. An interesting concept to consider is the “right to be forgotten”, which has been introduced in the European Union Court of Justice to give people the right to remove data from search engines under specific circumstances.
This concept is applicable to e-health. Patients, for example those with a mental health diagnosis early in life, may want to have part or all of their PCEHR record erased at some point (not just deactivated) to avoid stigmatisation or other repercussions — rather like the expunging of juvenile criminal records to give young people a fresh start.
Liabilities & incentives
Removing the need for participation agreements seems like a good idea. The Department of Health proposes that the liability provisions in the agreements be disposed of, rather than transferred to the legislation.
It is unclear what this would mean for the liability of doctors and health care organisations.
It seems new incentives will be paid to doctors who upload records to the PCEHR on behalf of patients with care plans. Although this will be welcomed by most doctors, it excludes other patients who don’t have a care plan but who would also benefit from a PCEHR.
Linking payments for chronic disease management to the uploading of documents is complicated. If it is introduced without other improvements to the PCEHR system, it could create more resentment among doctors and may lead to poor-quality uploads
What happens if patients do opt out of the PCEHR? Will their doctors be paid less to look after them?
And what if a patient who would benefit from a PCEHR declines to have a care plan, or the doctor provides chronic care without creating care plan documents or health assessments? In that case, there would be no incentive for the doctor to upload data to the PCEHR.
An upload incentive across the board would avoid these issues.
More criminal penalties?
The government is also considering introducing more criminal penalties, including jail terms, additional to the monetary civil penalties that already exist for data breaches. If we want to increase participation and engagement by doctors, I’m not sure that more penalties will help.
The challenge is to make e-health an integral part of health care, and align its purposes and values with usual clinical practice.
Training & education
Astronomer Carl Sagan said: “We live in a society exquisitely dependent on science and technology, in which hardly anyone knows anything about science and technology.” If e-health is to succeed we need to invest in information and communication technology skills. We must train the next generation of e-health designers, builders, managers and users to ensure our e-health system is safe and effective.
This article has previously been published in MJA Insight. Many thanks to Ms Jen Morris, Dr Karen Price and Dr Michael Tam for their valuable feedback and suggestions on the draft of this article.