Robert Rowley, MD
Twitter: @RRowleyMD
The Office of the National Coordinator for Health IT (ONC) recently released guidelines to address the question of consent when it comes to electronic health information exchange (eHIE) – “meaningful consent.” This is a helpful effort, and underscores the difficulty of obtaining, documenting, and implementing consent in the modern ever-more-complex world of electronic health information.
The general backdrop to all of this might be best summarized like this. Doctors and hospitals (care providers) create medical records about patients, as patients seek health care. This data, which used to be written in paper charts contained in each office’s chart racks, is now more commonly contained in Electronic Health Records (EHR) systems. However, like the old paper charts, the data for each EHR remains largely segregated into the practices who created them. That data is “owned” by the practitioner who created them (you “own” your own work) – yet, since the data is about a patient, the patient also “owns” access to their data, and gets to decide with whom that data can be shared.
In order for a given clinician to be able to share their notes and records with another clinician, the patient must give permission. That data cannot be shared without such consent. Practically speaking, the general consent for treatment, which is part of the registration documentation that every patient signs upon their first visit to a doctor’s office, allows the sharing of pertinent clinical information with others when it is for the purpose of delivering care, or for paying bills.
The dilemma of HIEs
As more physicians and hospitals transition from paper to EHRs (in 2013, more than 50% of ambulatory practices, and more than 70% of hospitals were using EHRs), the fragmentation of a patient’s health story is evident. It has always been there, but perhaps was not so clear when everything was on paper.
Much of the effort to connect different EHR systems together has been through the building of Health Information Exchanges (HIEs), which are hubs that can provide a single point of contact for access to many different sources of records about a patient. The value of an HIE, therefore, is a function of the number of subscribers to their hub. There is a struggling emergence of HIEs, with some of them being organized by a hospital or academic institution for connectivity to local community doctors, and some of them being more regional (and needing to address a business model that can keep them afloat).
But all of the HIEs are built on the presumption that EHRs are the main type of connection. Not patients directly. The approach is provider-centric, and patients – who need to provide consent somehow – are not really in the HIE loop. It is this conundrum that the ONC’s guidance is intending to address.
A patient-centered approach
A new approach to unified health data is emerging, and requires re-thinking health information exchange. Rather than being a hub that directly connects healthcare providers (and somehow has to include consent in their transactions), a patient-centered approach puts the patient in the center of the model, and each of the caretaking physicians (regardless of the EHRs they use) as spokes around it.
This approach is facilitated by a universal patient portal, connecting to each of the caretaking clinicians. This is the place where the patient can decide “spoke-by-spoke” which clinician’s data can be shared and which should not. From the clinician side, all of the data uploaded into the universal record from one’s own practice is visible (you can see your own data), as well as the data from all the other practices that the patient has designated as “sharable.” The implication, of course, is that all shared data that is uploaded to the central universal patient record is tagged with its source.
We have yet to see a large scale implementation of such an approach. However, this new way of conceptualizing health data across different care settings is starting to make headway. Newly emerging products will soon appear in the health IT marketplace that are built around this model, and will resolve the kind of consent dilemmas that vex traditional provider-centered eHIE efforts.