Skip to main content
BMC Medical Informatics and Decision Making logoLink to BMC Medical Informatics and Decision Making
. 2001 Apr 25;1:1. doi: 10.1186/1472-6947-1-1

The health care information directive

Ross EG Upshur 1,, Vivek Goel 2
PMCID: PMC32178  PMID: 11331535

Abstract

Background

Developments in information technology promise to revolutionise the delivery of health care by providing access to data in a timely and efficient way. Information technology also raises several important concerns about the confidentiality and privacy of health data. New and existing legislation in Europe and North America may make access to patient level data difficult with consequent impact on research and health surveillance. Although research is being conducted on technical solutions to protect the privacy of personal health information, there is very little research on ways to improve individuals power over their health information. This paper proposes a health care information directive, analogous to an advance directive, to facilitate choices regarding health information disclosure.

Results and Discussion

A health care information directive is described which creates a decision matrix that combines the ethical appropriateness of the use of personal health information with the sensitivity of the data. It creates a range of possibilities with in which individuals can choose to contribute health information with or without consent, or not to contribute information at all.

Conclusion

The health care information directive may increase individuals understanding of the uses of health information and increase their willingness to contribute certain kinds of health information. Further refinement and evaluation of the directive is required.

Introduction

As health care enters the 21st Century, information technology (IT) is assuming greater importance for clinical care and health delivery systems. IT promises rapid access to the health information required for clinical decisions and management of the health care system, leading to improved health outcomes and more efficient use of resources. Efforts to integrate information technology into health care continue to rise at a rapid rate. In many settings and for many types of services, such information systems are indispensable for health care.

The widespread dissemination of information technology raises several problems. While one of the most heralded areas of health information technology is the electronic patient record, they also draw the most concern [1]. Since medical records are highly personal, many fear loss of confidentiality and privacy [2]. Fair information principles, ethical codes and studies of patient's preferences all support the importance of preserving confidentiality and privacy [3-5].

The uses of health information extend beyond the clinical domain [6]. Health services research, disease registries, and population epidemiology rely on data collected and archived in administrative databases. Such data reservoirs can be linked and are a rich source of knowledge on patterns of health care. The advent of electronic health records could greatly enhance the quality, availability and timeliness of such data sources. Studies based on these records are integral for providing feedback to clinicians and administrators as well as to health care consumers. For example, such studies form the basis of initiatives, based on public demand, for greater accountability in the health care system through the use of report cards.

While such initiatives require access to personal health information, privacy protection initiatives have also become part of public policy, hindering such efforts. Recent legislative initiatives in Canada such as the federal government's Bill C-6 and the province of Ontario's Bill 159 promise to have an impact on the use of health information for health administration, research and clinical care. In Minnesota, a change in the legislation concerning the access to health records required health providers to notify all patients in writing that records could be released for research purposes and to obtain a written authorization for the use of medical records for research [7]. In the United Kingdom, the Data Protection Act of 1998 (assumed force of law, March 2000) placed restrictions on the processing of health information and enhanced privacy conditions [8]. Such initiatives are commendable in that the privacy of individual information is of paramount importance.

These legislative initiatives, though, may have unfortunate adverse consequences. Depending on the stringency of the legislation, many research and audit functions such as health services research and cancer registries may be at risk. It is unclear how informed both the population and legislators are concerning the uses of health information. The media has consistently emphasized the Orwellian dimensions of large databases [9]. There is evidence from the literature that strict consent laws can introduce a potentially crippling authorization bias [10-13]. Authorization bias occurs when patients who release personal health information for health research differ from those who do not in important characteristics relevant to the interpretation of health data. Such a bias, applied at a population level results in an inaccurate estimate of the health status of the population.

Recent articles have underlined the challenges of keeping health records both accessible and private [14,15]. These studies have largely confined attention to systems level interventions focused on technical methods of health data protection. To our knowledge, little has been done to develop tools to improve patient knowledge and understanding of health information, its uses and the manner in which it is protected. It is unclear how systems initiatives alone will increase patient understanding of health information uses, or empower them in their choices with respect to health information usage.

Innovative models, therefore, are required to meet the demands of the information age. Research on patient decision aids suggests that they improve knowledge, reduce decisional conflict and stimulate patients to be more active in decision-making [16]. We suggest that an intervention analogous to a decision aid could be developed to enable health consumers to more appropriately specify the level of sharing they wish to have for their personal health information. The advance directive, used in end of life care, is a type of decision aid that can provide a template for such an aid, which we propose to call a 'health care information directive' [17].

Results

Table 1 shows the proposed health information directive. The health information directive seeks to integrate sensitivity of data with ethical validity of use. It presents the permutations and combinations of sensitivity and usage in a matrix that forms a table, similar to an advance directive. The goal of the health information directive is to allow individuals to make informed choices regarding how their health information can be used. Currently, models of consent for the use of health information derive from consent for clinical interventions. These are discrete and time limited. However, health information, particularly those items that are stored in electronic databases exist almost timelessly and have a multitude of uses. It may be impossible to determine all possible uses in advance, but it is possible for individuals to define the range of possible usages of their health information and to specify the form of data acceptable to them.

Table 1.

Schema for a health information directive

Personal Health Registration De-identified Aggregated
Information Information Data Statistical
Patient care (access by caregivers, such as
physicians, nurses, physiotherapists, etc., next of
kin, advocate, legal representatives)

Continuity of care between Health Care
Providers and Administrative levels
Reminders for follow-ups and screening tests,
etc.

Payment (hospital/fee for service)

Administrative management (institutional and
governmental/provincial)

Continuous Quality Improvement, peer review

Research
Epidemiological Study
Disease Registries

Hospital fund raising (mail-outs)

Deriving profit from data as a research product
Marketing

Row Headings adapted from: Ethical And Legal Issues In Electronic Health Information Systems: Report of the University of Toronto Joint Centre for Bioethics Working Group. 20 April 1998 Prepared by: Michelle A. Mullen, M.H.P., Ph.D. and James Lavery, M.Sc. Column Headings adapted from Saskatchewan Consultation on Privacy and Health Information. Reprinted with permission of the authors.

The row headings of the health information directive move from "most essential to most discretionary" uses, based on Mullen and Laverey. They state:

To illustrate, the following uses of electronically stored patient data might be placed along a continuum to reflect ethical validity in access or use (acknowledging that the placement of these various interests is debated by different players), where the informing criterion is the proximity of the potential user to the data generator (patient) and their potential benefit/harm in the disclosure of information [18].

The column headings illustrate the types of data from most identifiable to most anonymous. The matrix forms a range of options from most sensitive to least sensitive types of data with most necessary to most discretionary uses of information. Definitions of the column headings immediately follow the table.

Individuals can then, as in advance directives, block out which uses and types of data they do not wish to contribute. They may also specify the range of issues for which they are willing to contribute data, but only with explicit informed consent. There will be some areas that must be blocked out because no discretion is permitted, such as for accounting purposes.

Clearly, the health information directive will require a significant educational effort. It is unlikely to succeed as a stand-alone intervention. Educational programs will be necessary to supplement the decision aid. Computer-based educational modules or videodiscs could be employed to this end.

Discussion

The health information directive has face validity as it integrates the important elements of health information that have been discussed in the literature. From an ethical perspective, the directive increases patient autonomy, facilitates patient control over information, fosters openness and transparency and respects several of the ethical principles articulated by Kluge [19]. Whether an information directive would increase or decrease authorization for the use of health care information remains unknown and the topic for a future empirical study. It may exert a differential effect by increasing the use of some forms of information while reducing the access for other uses. The legal status of such documents is presently unclear, but it is hoped that bringing the concept forward for discussion may stimulate legal scholarship on this topic. How should the directives best be distributed and administered? As the health care field becomes increasingly based on information technology, it should not be difficult for individuals to be able access the directives either on the Internet or on intranets. These issues, as well as the acceptability of the directive to patients, and the educational component that will need to accompany it, will be further refined and evaluated empirically.

The empirical evaluation and refinement will consist of the following steps. Following the process outlined by Berry and Singer for Cancer Specific Advance directives, key informant interviews will be conducted with stakeholders involved in ethics, law and electronic privacy issues such as Privacy Commissioners [20]. This process will create a directive with both face and content validity. Focus groups with lay volunteers will provide input from the consumer perspective. Educational materials will be developed and refined. The directive will then be evaluated in a randomised study to determine whether the directive can increase individual's sense of empowerment and security over their health information.

Pre-publication history

The pre-publication history for this paper can be accessed here:

http://www.biomedcentral.com/content/backmatter/1472-6947-1-1-b1.pdf

Supplementary Material

Definitions

This file contains definitions on personal health information, registry information, de-identified individual information and statistical and aggregate information.

Definitions (20KB, doc)

Contributor Information

Ross EG Upshur, Email: rupshur@idirect.com.

Vivek Goel, Email: vivek.goel@utoronto.ca.

Funding Acknowledgements

Dr. Upshur is supported by a Research Scholar Award from the Department of Family and Community Medicine, University of Toronto and a New Investigator Award from The Canadian Institutes of Health Research. This project was supported by HEALNet (Health Evidence Application and Linkage Network) a member of the Networks of Centres of Exellence Program which is a unique partnership among Canadian Universities, Industry Canada and the federal Research granting councils.

References

  1. Hodges J. Legal issues concerning electronic health information:privacy, quality and liability. JAMA. 1999;282:1466–1471. doi: 10.1001/jama.282.15.1466. [DOI] [PubMed] [Google Scholar]
  2. Advocacy and Communication, Canadian Medical Association Canadians highly value the privacy and confidentiality of their health information. Available: (accessed 2000 November 9) http://www.cma.ca/advocacy/news/1999/11-29.htm
  3. Organization for Economic Co-operation and Development. Guidelines on the protection of privacy and transborder flows of personal data. Paris: The organization, 1981.
  4. Gostin L, Hadley J. Health services research: public benefits, personal privacy and proprietary interests. Ann Intern Med. 1998;129:833–5. doi: 10.7326/0003-4819-129-10-199811150-00017. [DOI] [PubMed] [Google Scholar]
  5. Policy and Planning Division, Saskatchewan Health. Consultation Paper on Protection of Personal Health. Available: www.gov.sk.ca/health/phiq/response/use.htm (accessed 2001 April 16, 2001)
  6. Knox G. Confidential medical records and epidemiological research. BMJ. 1992;304:727–8. doi: 10.1136/bmj.304.6829.727. [DOI] [PMC free article] [PubMed] [Google Scholar]
  7. Melton LJ III. The threat to medical-records research. New Eng J Med. 1997;337:1466–9. doi: 10.1056/NEJM199711133372012. [DOI] [PubMed] [Google Scholar]
  8. Al-Shahi R, Warlow C. Using patient-identifiable data for observational researchy and audit. BMJ. 2000;321:1031–1032. doi: 10.1136/bmj.321.7268.1031. http://bmj.com/cgi/content/full/321/7268/1031?ijkey=sfjlNqTeVL5 accessed April 16, 2001 [DOI] [PMC free article] [PubMed] [Google Scholar]
  9. GarfinkleSamson. Database Nation: The Death of Privacy in the 21st Century. Chapter 6. To Know Your Future. Accessed. 2001. http://www.oreilly.com/catalog/dbnationp/chapter/ch06.html
  10. Yawn B. The impact of requiring patient authorization for use of data in medical records research. The Journal of Family Practice. 1998;47:361–365. [PubMed] [Google Scholar]
  11. Jacobsen S. Potential effect of authorization bias on medical record research. Mayo Clinic Proceedings. 1999;74:330–338. doi: 10.4065/74.4.330. [DOI] [PubMed] [Google Scholar]
  12. McCarthy D. Medical records and privacy: empirical effects of legislation. Health Services Research. 1999;34:417–425. [PMC free article] [PubMed] [Google Scholar]
  13. Woolf S, Rptemich S, Johnson R, Marsland DW. Selection bias from requiring patients to give consent to examine data for health services research. Arch Fam Med. 2000;9:1111–1118. doi: 10.1001/archfami.9.10.1111. [DOI] [PubMed] [Google Scholar]
  14. Scheonberg R, Safran C. Internet based repository of medical records that retains patient confidentiality. BMJ. 2000;321:1199–1203. doi: 10.1136/bmj.321.7270.1199. [DOI] [PMC free article] [PubMed] [Google Scholar]
  15. Mandl K, Szolovits P, Kohane IS. Public standards and patient's control: how to keep electronic medical records accessible but private. BMJ. 2001;322:283–7. doi: 10.1136/bmj.322.7281.283. [DOI] [PMC free article] [PubMed] [Google Scholar]
  16. O'Connor AM, Rostom A, Fiset V, Tetroe J, Entwhistle V, Llewellyn-Thomas H. Decision aids for patients facing health treatment or screening decisions: systematic review. BMJ. 1999;319:731–4. doi: 10.1136/bmj.319.7212.731. [DOI] [PMC free article] [PubMed] [Google Scholar]
  17. Singer PA. Disease-specific advance directives. Lancet. 1994;344:594–596. doi: 10.1016/S0140-6736(94)91971-2. [DOI] [PubMed] [Google Scholar]
  18. Mullen M, Lavery J. Ethical and legal issues in electronic health information systems: Report of the University of Toronto Joint Centre for Bioethics Working Group.20 April 1998. 2001. http://www.utoronto.ca/Clinical/health_information.htm
  19. Kluge EH. Professional codes for electronic HC record protection: ethical, economic and structural issues. Int J Med Inf. 2000;60:85–96. doi: 10.1016/S1386-5056(00)00107-6. [DOI] [PubMed] [Google Scholar]
  20. Berry S, Singer PA. The cancer specific advance directive, Cancer. 1998. pp. 1570–1577. [DOI] [PubMed]

Associated Data

This section collects any data citations, data availability statements, or supplementary materials included in this article.

Supplementary Materials

Definitions

This file contains definitions on personal health information, registry information, de-identified individual information and statistical and aggregate information.

Definitions (20KB, doc)

Articles from BMC Medical Informatics and Decision Making are provided here courtesy of BMC

RESOURCES