April 23, 1999

Digital age spurs patient confidentiality ethics debate

Digital age spurs patient confidentiality ethics debate


Ann Olsen and Dr. William Stead acted out a scene depicting the potential misuse of electronic patient records. (photo by Donna Jones Bailey)

Vanderbilt University staff and faculty recently got plugged in to the ethical questions surrounding the issue of electronic patient records.

In a program entitled "Brave News World of Electronic Records: Whose Business is it Anyway?" at the Ethics Spring Grand Rounds, VUMC personnel were treated to four vignettes performed by faculty that illustrated different situations in which patient confidentiality might be compromised.

The program was moderated by Stuart G. Finder, Ph.D., assistant professor of Medical Ethics, and included Dr. Ellen Wright Clayton, associate professor of Pediatrics and Law; Dr. John S. Sergent, chief medical officer of the Vanderbilt Medical Group; Dr. William W. Stead, associate vice chancellor for Health Affairs; and Ann Olsen, director of Information Management Planning.

"We at the medical center encourage patients to tell us the most private things in their lives so that we can use that information in their treatment," Clayton said. "One of the things that makes that possible is that the patient knows that the information they give is not transmitted to other people."

The medical community, and particularly teaching hospitals, has long struggled with the question of who should have access to a patient's medical record. Some of those issues within that question include whether it is appropriate for students to look at information for the purpose of learning; how hospitals can prevent people from accessing information; and whether a patient can refuse to be included in demographic research projects that might use their medical record.

The recently developed Information Security Confidentiality and Privacy (ISCP) Committee has begun to form answers to some of these difficult questions.

The presentation at the Ethics Spring Grand Rounds was meant not only to inform medical center personnel what the policies of the medical center mean, but also to stimulate discussion about what sanctions should be imposed if people break the rules.

"In some ways electronic records could provide a greater amount of security for patient records since it would be possible to limit access to certain parts of the medical record," said Clayton.

"In order to take advantage of this new medium we must first decide what is an appropriate use of that information and what is not."

To illustrate the situations that can arise when records are stored electronically, the panelists performed several skits for the audience.

The first of these vignettes, called "The Palm Pilot," featured Sergent as a physician who lost a portable computer that contained confidential patient information.

"Some people might think that this is much the same as losing a piece of paper with patient information on it. The thing we have to think about in this case is the order of magnitude when you lose an electronic record. The palm pilot machine has the ability to store a lot of information that you would not lose if you were carrying it around as a piece of paper," said Stead.

One way for physicians to check patient information without worrying about having the information fall into the wrong hands is to use the MARS system at home.

The Informatics Center now has the technology to give physicians a smart card that lets them dial into the MARS system from their home computer. If used correctly the system will minimize many of the security concerns connected with patient confidentiality.

The second vignette, "The Doctor Who Knows Too Much," featured Clayton as a physician who had peeked into the file of her colleague's wife to review her blood alcohol level, injuries, and medications.

"Looking at other people's records out of curiosity is one of the major problems at hospitals everywhere. Just because you have access to a system does not mean you can look at any information you want to," said Clayton.

One way to discourage this type of invasion of privacy is already in place at VUMC. In the MARS system, every time a physician accesses a file it leaves an electronic fingerprint that the Informatics Center can audit at a later date to ensure that only the people who need it have accessed the information.

As a more active deterrent, the Informatics Center may soon implement a system in which users must explain why they need to access the file before it will open. In this new system physicians who access a patient's file for the first time will be prompted to enter their role in the patient's care, such as attending physician, anesthesiologist, or nurse.

"We hope this kind of system will be a deterrent to people who just want to look at charts for curiosity. I don't anticipate that there will be a category for that," said Olsen.

In the third skit, "The Database," Olsen played a researcher who created a database containing all the liver disease cases from MARS without seeking the approval of the Institutional Review Board.

"There are many other uses for patient medical records, including uses in research, business plans, or patient management. There needs to be some oversight to discuss what is an appropriate use of medical records," said Olsen.

The ISCP will be charged with establishing standards and practices for the use of electronic information and overseeing information security programs.

The committee will begin to form subcommittees and make information management policies later this year.

In the last vignette, "The Audit," Sergent played an information manager who discovers a physician who had accessed a record for no apparent reason. The skit was meant to stimulate discussion about what should be done to people who access records illegally.

"There is not currently a punishment that fits this kind of inappropriate behavior, but we need to figure out what it should be. Some of the options that have been mentioned have been revocation of MARS' passwords, suspension, or simple reprimand," said Stead.