Blog

  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013
  • 2012
  • 2006
  • 2005
  • 2004

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

When thinking about what we should be doing now, the mind goes in the future, and asks itself how will it be? How will the future look like? It seems like we like to imagine a future where the problems and errors involved with creating, moving and copying clinical data will be gone. Where medical providers will not have to waste hours re-creating charts which were already created by a different provider, or by re-taking exams just because they don't have access to previously taken exams. Where as a patient walks into the ER, the provider will have instantly access to the patient's entire medical history (unless the patient decides not to allow this). But today, most providers are holding on to the clinical data they collect. So how on earth could another institution instantly have access to it? There would have to be agreements, and networks would form, dividing some institutions from others, kind of like the way it is now: if you are part of network A, you can get access to data from that network only.

No, this can't work. Ethically speaking, the clinical data needs to be globally available, s.t. any provider can help any patient anywhere in the world. And such that any research project can have easy access to all of the clinical data of the entire planet.

Holding data hostage

I have heard some stories where a product vendor holds the doctor hostage: the doctor might not pay for the vendor's services any longer, and instead of simply interrupting the vendor's actual services, the vendor also decides not to allow access to the clinical data to the doctor. My initial reaction to that, has always been "hey, that's not ethical: the vendor's don't own that data, it's the practice's (or doctor's) data!"

But even that never felt quite right, or, let's say complete. Just like the fact that most orthodontic practices save their data on their local servers. Yes, that's useful in terms of privacy and making sure that data stays in house, however there's something missing.

So who owns this data, ethically speaking? That's a good question, which i'm certainly not the first one to address. For example George Washington University Hirsh Health Law and Policy Program has published a study called "Who Owns Medical Records: 50 State Comparison." considers the law and finds only New Hampshire to have a law assigning ownership medical records to the patient, while the rest of the USA either has no law or the law assigns ownership to the medical provider. In fact, the most obvious candidates would be:

  • patient? Well, the ethically it might seem sound, however most patients do a terrible job at managing their clinical data, and end up loosing or misplacing most of it. So it doesn't sound like a good idea to leave the master copy of such valuable data into the patient's hands. 
  • medical provider (doctor)? This is what i thought: the providers usually use software which could manage clinical data. But many software companies don't interoperate with each other, and have no interest in doing so. So again data would not be 100% available
  • how about vendor? (the company that developed the tecnology that physically manages and stores the data)? No, obviously not. We have just seen why not.

Once patient's clinical data has been sufficiently de-identified to protect the individual's privacy, data should be publicly and easily available to the entire human race. This will allow it to be maximally useful for research and patient care. Therefore I believe that patient's clinical data is a human heritage, not be owned by any individual. As soon as some clinical data has been collected, the patient should have the option of allowing it to be stored on some kind of network that will make a de-identified version of it available to qualified researchers and a full version available to any medical provider with an appropriate key.

How it would look like

  1. So the patient arrives, to see a doctor for the first time (ER, dentist, whatever, ). 
  2. The provider (i.e. doctor)'s front desk would ask for their digital ID 
  3. Kind of like a credit card today, or Apple Pay or other such mechanism, the patient interacts with the card reader, and enters his/her credentials (with OTP, fingerprint, or whatever).
  4. The system is now able to retrieve the patient's ID and digital key by combining their card with their authentication.
  5. With the digital key of the patient and the provider's own digital key, the system can:
    1. have access to the lookup table of "the network" with the provider's key. this gives access to de-identified records.
    2. search for and download the correct record using the patient's digital ID.
    3. decrypt identity information, using the patient's digital ID, and by so doing, obtaining the full record of the patient.

 

  • No labels