New report makes privacy recommendations around secondary use of health records

It’s possible your health records are being used at this moment without your consent.

Health records are a valuable source of information for health research, population health monitoring, quality improvement and as evidence to inform management of our health system.

Ontario’s Information and Privacy Commissioner notes, in a new report released March 2nd, that such information is often used and disclosed to researchers in a form in which patients are identifiable. This is because the original health provider lacks the resources or capacity to “de-identify” the records before making it available, especially when the documents are paper-based. Even when data from electronic health records (EHRs) are de-identified, some researchers have found it is sometimes possible to re-identify individuals from the anonymous data.

Ontario’s Personal Health Information Protection Act (2004) permits certain secondary uses of information contained in these records without consent from the individual.

Ann Cavoukian, Ontario’s Information and Privacy Commissioner, and Richard Alvarez, President of Canada Health Infoway, argue that the “architecture” of new EHRs should be set up to facilitate “privacy by design,” including automatic de-identification of individuals for whom the records belong.

While electronic systems have not been infallible to breaches of privacy, they argue for other measures to reassure the public their records are as safe as possible from unauthorized use.

Among them is a zero tolerance policy requiring the immediate dismissal of employees found to be improperly accessing or sharing health records. In Ontario between two and four employees are dismissed annually for breaching privacy rules. After the policy was introduced, the report states, breaches were reduced from 11 to two in the following year.

With such a policy also comes the requirement for training so that employees and others working in a healthcare environment are aware of their obligations and security provisions surrounding these records.

Unlike paper copies, an EHR can be set up to leave behind a signature of who has accessed the record and when. Applications such as commercial breach protection and fraud management software are available to enhance the security of the record.

“These tools can detect unauthorized use and disclosure by recording patterns of user access and activity in EHRs, monitoring and analysing user behavior for patterns that may indicate misuse, and generating alerts or reports in order to contain unauthorized activity and to trigger further auditing,” the report states.

The authors also call for increased accountability from the custodians of the data, especially as EHRs become more portable.

That includes the question of who notifies individuals that have had their record’s privacy breached.

Other recommendations include the use of risk assessment processes, data disclosure agreements, patient notification and other security safeguards to minimize risk.

Canada Infoway is anticipating that a consent function will be built into the EHR, allowing individuals to decide whether their information can be used for secondary reasons.

While the presence of large data pools may make patients apprehensive about the security of their EHR, the authors believe electronic records, especially in secondary use, may “help to minimize the risk of unauthorized access since it will be relatively easy to de-identify electronic personal health information prior to its use for secondary purposes.”

According to EKOS research, 84 per cent of Canadians support the use of EHRs in health research if the information is de-identified. That number drops to 54 per cent without de-identification. If consent is provided in advance, 66 per cent would support use of identified records in the research process. Respondents suggest they were more inclined to accept sharing of this information with groups such as governments, researchers, healthcare organizations and statistical organizations. Support drops when it comes to sharing such information with the private sector.

Cavoukian and Alvarez underline the value of secondary use of records, noting both the Kirby and Romanow reports acknowledged use of such records improves our understanding of the social determinants of health; improves  clinical practice guidelines; identifies cost efficiencies, facilitates health promotion and disease prevention; assesses needs for planning purposes and is used to educate the public about proactive steps to improve overall health.

Less one think paper records are secure, the report gives examples of breaches involving such documents, including more than 180,000 records recently found in a Regina recycling bin – the largest privacy breach in that province’s history. In Ontario there have been smaller breaches, including records found scattered on the streets and those abandoned when a walk-in medical practice was closed.

Canada Health Infoway is a federally funded not-for-profit corporation that coordinates the development and deployment of EHRs across Canada.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s