The PCEHR: Moving forward

I can confirm that the Government is not going to build a massive data repository. We don’t believe it would deliver any additional benefits to clinicians or patients – and it creates unnecessary risks (~Nicola Roxon)

I’ve studied the PCEHR but I’m still not sure what the government has built and for what purposes. I was always under the impression that the PCEHR was designed to assist clinicians to improve patient care through better data flow. But this may not be the case.

The recent resignation of NEHTA’s top National Clinical Leads is an ominous sign. If the Department of Health does not start sharing ownership of the PCEHR soon and improve governance of the system, the PCEHR will fail. Here’s a quick rundown of the issues and how to move forward.

Legal issues

A first glance at the PCEHR Act 2012 seems to confirm that the PCEHR is built with clinicians in mind, as its four purposes are clinical in nature:

  • To help overcome fragmentation of health information
  • To improve the availability and quality of health information
  • To reduce the occurrence of adverse medical events and the duplication of treatment
  • To improve the coordination and quality of healthcare provided to consumers by different healthcare providers

So far so good. But the Act is 93 pages long and I could find at least five other ‘non-official’ purposes of the PCEHR spread out throughout the Act:

  • Law enforcement purposes
  • Health provider indemnity insurance cover purposes
  • Research
  • Public health purposes
  • Other purposes authorised by law

And this is where the concerns begin. These ‘non-official’ purposes are not directly related to the care doctors provide to their patients. In general, one would say that patients and clinicians have to give informed consent before their health information can be used for research or other purposes. It seems informed consent is missing here.

Contractual flaws

Combine this with certain clauses in the one-sided PCEHR participation agreement and you’ll forgive me for thinking that the government, contrary to Roxon’s reassuring words, has built a massive data repository:  Once clinicians sign the agreement, they grant the Department of Health and Ageing a perpetual, irrevocable, royalty-free and license-fee free, worldwide, non-exclusive license (including a right to sub-license) to use all material they have uploaded to the PCEHR.

Those who think that you can always opt out are mistaken. Even if health care organisations or practices cancel the participation agreement, seven of the fourteen clauses survive termination, including clauses regarding liability. It is good to know that the government will continue to use the information after cancellation by a clinician or consumer for up to 130 years.

Another concern is the fact that the Minister may make or change PCEHR rules without legislation, and the Department of Health can change the participation agreement at any time without the need for input from clinicians. We thought the After-Hours and PIP contracts by Medicare Locals were a disaster, but this agreement is possibly worse.

Other problems

By now it is obvious that Clinical Leads and professional organisations have not been involved in many important decisions. There is a range of other issues, which I won’t discuss here in detail, including technical software glitches and the absence of MBS item numbers. Under the PCEHR Act 2012, all clinicians are appear to be seen as employees, which could be a problem as many doctors may be employed as contractors for various reasons.

Moving forward

If the PCEHR can be used for data mining, legal purposes, insurance purposes etc, then that is fine, but, I would strongly advise the profession to stay clear from it. If however we agree, that the PCEHR is a clinical tool, then clinicians must be involved.

What we need first of all is an open, well-informed discussion about the purposes of the PCEHR. What are consumers and clinicians exactly saying yes to when they sign up? A proper, transparent, independent governance structure with specific executive authority should be formed. This PCEHR Board should include members from professional and consumer organisations and act as a watchdog over the PCEHR. Any changes to the rules require a consultative process with professional bodies including AMA and RACGP before the Board can sign off. The current PCEHR Advisory Committee and Council are not fulfilling these criteria at the moment.

Consumers should know exactly what happens with their data after they have visited a health care professional and who has access to their information. The purposes of the PCEHR must be clear and agreed upon by all stakeholders. Clinicians own the rights of the data they create and upload, there is no need to grant the government a perpetual irrevocable license to use this data.

The PCEHR Act 2012 and the participation contract must both be reviewed and made 100% acceptable to clinicians and 100% opt-out must be possible for clinicians and consumers at all times.

This will take time, but if we don’t start now there is no hope for the PCEHR.

This article has been published in Medicus, the journal of the AMA(WA)

7 online eSafety tips for doctors

It is good to see that social media and eHealth are becoming mainstream topics at national health conferences. At the recent GP Education & Training Conference in Perth (GPET13) I attended two workshops about our professional online presence.

The first one was about the benefits of social media and was attended by GP supervisors, registrars and students. The second one, sponsored by a medical defence organisation, warned about the dangers of the online world, and interestingly there were mainly GP supervisors in the room.

Before I continue I must declare that I was one of the presenters at the first workshop. But it was good to be reminded by professor Stephen Trumble about what can go wrong. His excellent presentation created a lively discussion. Here are seven random points I took home from the workshop:

Tip #1

Doctors should be careful when looking up patients online, eg via Google. In general this is only acceptable if doctors are acting in the interest of patients, for example when trying to find contact information in an emergency.

Tip #2

Privacy settings of Facebook and other social media tools may change or fail, therefore: do not trust these settings. Assume that everything posted online, even in private networks and groups, is public. I have blogged about the elevator test, which is one way to check if something is suitable before posting.

Tip #3

Taking pictures of patients or their body parts is fine as long as the patient has been made aware of the purpose and who will see the picture, has given consent prior to taking the picture and has been de-identified. When doctors publish the picture online, consent must be noted within the publication. If the picture is later used for other purposes, the patient must again give consent.

Tip #4

When doctors collect patient information on their mobile devices, eg when taking a picture with a smart phone or when using a transcription service, these devices must be protected from misuse, unauthorised access, alteration or disclosure. The simple passcode on iPhones is generally deemed insecure (but can be made more secure in the phone settings). If patient information is stored overseas on cloud systems, local security laws apply and they may not meet Australian standards.

Tip #5

Old smart phones, even if factory settings have been restored and the data erased, still contain information. This is of course also true for USB sticks, practice computers, photocopiers with a hard disc etc.

Tip #6

I have blogged about the issues with Skype in patient care. From the handout: “Skype is not recommended for telehealth consultations but has not been deemed ‘unsuitable’. There are privacy, confidentiality and quality issues and many doctors who start with Skype end up upgrading to commercial systems.”

Tip #7

Last but not least: email is not suitable to transfer patient information. Encrypted email is the preferred option.

It is sad that the eHealth practice incentive payments (PIP) by the government are only paid to practices taking part in the PCEHR. As a result costly software, system and security upgrades will not be a budget priority for many practices.

Sources:

  • Online communication for education: risks, responsibilities and rewards. Workshop by Prof Stephen Trumble, Ms Nicole Harvey. GPET 13 Conference, Perth
  • General professionalism online – handout by MDA National
  • Informed consent and Telehealth – handout by MDA National
  • Telehealth tips – handout by MDA National