April 6, 2012

Tom Sullivan, M.D.

The 411 on Privacy

Why do we hear so much about privacy in the media today?
Have not all the issues been settled?
The simple answer is “no”. Not all the issues have been settled nor will there ever be universal bright lines that make the topics of privacy, confidentiality and security simple to understand and easy to implement.
As I compose this article, the largest, wealthiest and most successful advertising company in history is in the process of implementing its most recent policy on the privacy of consumer information, consolidating about 60 different practices for many of its products. Yes, Google is in the news once again, and their consolidation of privacy policies is attracting significant attention all around the globe. This is not the first time that Google has run into issues related to privacy and confidentiality. There are some experts who opine that the demise of Google Health was brought about in part by the difficulty of resolving the conflicts between a profitable advertising program and the appropriate use of individually identifiable health information data on a massive scale.

Privacy in the realm of healthcare has always been a contentious issue. In the late 1990s, a major milestone for the nation’s healthcare system was the federal promulgation of the HIPAA rules surrounding privacy and security. The HHS Secretary at that time was forced to do this by law, since Congress had failed after many years of debate and public hearings to pass a comprehensive privacy law and to create a universal healthcare identifier.
As is common in other areas of a contemporary society very much driven by the powerful desire for convenience and the accessibility of information “anywhere, anytime and on any device”, the heart of the dilemma in the healthcare arena is the balance between the benefits of sharing clinical information easily at multiple points of care and where it is needed most including in lifesaving and emergency situations versus the risk of allowing certain personal information to fall into the wrong hands.
We, the clinicians and senior management at DrFirst, have had many discussions over the years relating to achieving the proper balance surrounding the sharing of clinical information securely and rapidly with only those individuals who have a “need to know”. Specifically, we have been recently encouraging clinicians to associate a diagnosis with each drug that resides in Rcopia, our electronic prescribing system. Since the appropriate dose and administration of a medication may vary significantly depending on the diagnosis, it is often helpful for the pharmacist who is receiving the prescription to also know the diagnosis and thus help check for possible instruction errors before the patient starts taking the drug.
The protection of Privacy and Confidentiality starts with regularly updated policies addressing the issues from every provider and vendor of healthcare products and services along with appropriate notification of those policies to patients. There must also be a system of monitoring real world results and implementing timely corrective actions where needed.

About Tom Sullivan, M.D.

Thomas E. Sullivan, M.D is a board-certified specialist in cardiology and internal medicine with over 40 years of clinical practice. He currently works for DrFirst and sees patients part-time in Massachusetts. His expertise in the application of information technology to health care has helped to create an international standard (ASTM) for the exchange of medical record information called the Continuity of Care Record (CCR). With AMA, he was founding chair of their e-Medicine Advisory Committee, worked with the Physician Consortium for Performance Improvement, represented the AMA and helped create the Physician EHR Coalition and is past chair of the AMA Council on Medical Service.