Nobody gave much thought about patient medical records till a few years back.
The concept of patient data or medical data ownership didn’t even exist. Of course, patients could access the lab results and reports, and doctors used them for devising treatment plans. Some keep with the provider, and seldom anyone made any claims or received any of them.
Things are Changing with Technology and Care Model
It has become essential and mandatory to maintain comprehensive medical records, often in electronic EHR systems. The digitalization of data and sharing across platforms like the internet has brought new concerns about the safety and security of health information.
Things are also changing with patients becoming more informed with ready access to information on the web. Innovative models of care like the value-based care model have increased importance on medical records where performance is related to earnings.
There is an increasing trend of discomfort and vulnerability among the stakeholders in the healthcare industry- who should be responsible for the ownership and privacy of patient data?
Physicians believe it’s their property because they have created it and are responsible for treating the patient. The patients have ownership of their records since it involves them and their privacy. The providers and every stakeholder in healthcare can claim ownership as they have played their part and deserve the right to use it without compromising identifying information about patients.
So who should actually be responsible for it and own it?
The Problems of Data Breaches and Privacy Threats
The electronic EHR systems utilizing software as a service (SAAS) or free cloud storage are engaged in sharing and selling data to third parties for a considerable sum of money. The technology like the application program interface (APIs) used has created room for vulnerabilities not just for patients but even for physicians.
It is natural for anyone to feel concerned about hacks and cyber attacks on company databases. We risk losing the privacy of our personal information and facing severe consequences like identity theft.
In May 2017, the Bronx Lebanon Hospital Center in New York faced a data breach that compromised the records of a minimum of 7,000 patients. It revealed the patient's diagnosis, HIV status, and other information like domestic violence or acts of sexual abuse reports.
Yet it is not an isolated incident-
· Henry Ford Health System encountered an attack on patient records which compromised data of 18,470 people
· Augusta University Medical Center faced two phishing attacks in one year
· The records of 106,000 patients were breached at Mid-Michigan Physicians Imaging Center
All the attacks and breaches took place in 2017 alone!
We have a Big Problem in Our Hands
The same technologies we have created to make our work effective and easy are being turned and used against us for profit and other ulterior motives.
Every stakeholder in healthcare has the right to have access and use the data they contributed in creating. Still, it has to be ensured that they are used legitimately and positively without jeopardizing privacy and security.
The Movie Industry Analogy: A Fair Distribution of Benefits
The movie industry has an adequate distribution of benefits among the directors, actors, producers, studios, and other stakeholders. Each one gets the fair share of incentives and benefit for the part that they have contributed.
Can this be effectively used for healthcare?
You may say the two industries differ, but entitlement and privacy are universal concepts and extend to anything and everything like health, social norms and beliefs, political and sexual orientation, religion.
If we follow the movie industry analogy, everyone can be entitled to the part of the data under their scope of creation- be it physicians, patients, or providers.
Need of Ownership for Physicians
Physicians interact with patients to create medical data and notes which should be under their control. They should also use the data for assessment, creating a plan of action, and clinical decision-making.
Allowing doctors full access to medical records also improved patient satisfaction, patient education, and patient safety, promoting better clinical outcomes, according to a pilot study.
Patients should have their Rights.
Patients are the foundation of medical records, so it makes sense that they should own them.
Healthcare costs are rising, making it difficult for patients to afford them. Having access to complete medical records will enable them to make informed decisions and choose their providers.
Patients also find it challenging to transfer their data from one provider to another, even in the age of electronic HER system and cloud computing. It still takes months for patients to transfer actual data among providers within the same state.
It has also been found that sharing doctor notes with patients impacted their outcomes positively.
Ownership of Data by other Stakeholders
Other stakeholders like laboratories should have the right to examine, measure, or create data, just like in the film industry. They should also be rewarded for the value they contributed, leaving them free to use it for research and other purposes, maintaining all security and privacy measures.
The Time to Act is Now!
The benefit of medical records should be shared based on the value of contribution if any other arrangement or model is not in use. We can bring a change by involving, engaging, and educating all stakeholders- doctors, patients, and providers and keeping them at the center of reward and decision making.
Only by giving proper ownership and reducing liability for corporate entities can we ensure information security, lower expenses, increase the quality of care, address citizens' expectations, and promote efficient practices.