How Does Technology Impact Maintaining Confidentiality of Medical Records Stored at Multiple Healthcare Agencies?

Page content

The Impact of Technologically Facilitated Multi-agency Care on Patient Privacy

In the golden age, which probably never existed, your information was safe with your personal physician. Not least because it was recorded on a paper form which was filed away in a locked filing cabinet and never looked at again.

Computers allow us to retrieve and share information much more easily, for better or for worse. Increasingly, patient care is becoming a multi-agency activity, involving several health agencies, social care agencies and, increasingly, voluntary agencies. This requires us to address the distinction between legitimate information sharing and a privacy breach.

There is a tension between providing the best possible information, especially in a multi-agency situation to facilitate the best possible care and the need to respect confidentiality and the need for privacy

In the U.K, the Data Protection Act 1998, medical purposes include but are wider than healthcare purposes. They include preventative medicine, medical research, financial audit and management of healthcare services. The Health and Social Care Act or 2001 explicitly broadened the definition to include social care.

Experience shows that there are different attitudes to information collecting.

In the U.K. healthcare sector, generally there is a view that the more information collected the better, since this provides a richer picture of the health of the patient. Particularly in primary care, a wide range of factors may influence the health of the patient, and the immediate symptoms and stated reason for consulting the doctor may not be the most significant factors. This has sometimes had a negative influence on GP information systems, which have tended to become ‘sinks’ for information, with little thought as to when the information may be retrieved and in what form.

By contrast, social workers tend to be much more minimalist in their information collection, preferring to emphasise that only relevant and targeted information, which is linked to specific courses of action, is collected. This has been explained in terms of the fear of litigation. This derives from cases where following a failure of care, it can be shown that information was available and not acted on.

Health care workers may find social care agencies less than grateful for a drip feed of inconclusive pieces of information relating to problems with children at risk or mental health patients housed in the community.

System usage must therefore be defined within agreed protocols, where it is clearly defined at what point action is required on the part of an individual professional or manager. However, it is recognised that even this may not be enough to ‘sell’ the system if a culture of fear exists.

Attitudes to Confidentiality

There are also different attitudes to confidentiality.

Although health data is appropriately regarded as ‘sensitive’, the information in most child health records is not as sensitive as that relating to children being classified as ‘at risk’. Much child health data is routine, e.g. recording the occurrence of childhood diseases. These data carry no stigma.

The very act of recording that a child may be at risk is extremely sensitive and changes the nature and context of all information regarding that child. For example, a child arriving at the Accident & Emergency with a fracture, with no history or label attached, is likely to receive only sympathetic treatment. The knowledge that this child has been deemed to be ‘at risk’ changes the nature of the information from a simple clinical diagnosis with consequences limited to treatment of the injury to potentially crucial evidence of significant abuse.

Thus, professional and parental attitudes to the information are likely to be fundamentally different. There is no significant need for excessive confidentiality over an incident such as a fracture arising from a genuine accident, unless there is a belief that the injury is caused by deliberate harm.

In most circumstances, it is professionally acceptable for all members of a team involved in the healthcare of a patient to have access to all relevant information. However, the number of professionals involved in the process of care for a child deemed to be at risk may be considerable, and the degree of their involvement may vary significantly. Therefore it is appropriate to define a hierarchical model of access to sensitive information on a ‘need to know’ basis. For example, teachers and police officers may be involved in the process but need to have only partial knowledge. Within a school, there may be further differentiation between teachers designated to deal with child abuse cases, teachers with direct pastoral responsibility, such as form or year tutors, and class teachers.

Policy has increasingly treated social care as part of healthcare. However, this does not cover other agencies e.g. voluntary agencies or the police. Whilst the police have no general right of access to health records in the UK, there are a number of statutes which require disclosure to them and some that permit disclosure. These have the effect of making disclosure a legitimate function in the circumstances they cover. In the absence of a requirement to disclose there must be either explicit patient consent or a robust public interest justification. What is or isn’t in the public interest is ultimately decided by the courts. Where disclosure is justified it should be limited to the minimum necessary to meet the need and patients should be informed of the disclosure unless it would defeat the purpose of the investigation, allow a potential criminal to escape or put staff or others at risk.

Once again, technology is the facilitator: use or abuse is down to the actions and judgements of human beings.

Further Reading

Data Protection Act (1998) Chapter 29, The Stationery Office, London

Gillies AC (2006) The Clinicians Guide for Surviving IT, Radcliffe Publishing, Abingdon

Gillies AC (2008) The legal and ethical changes in the NHS landscape accompanying the policy shift from paper-based health records to electronic health records, Studies in Ethics, Law and Technology, vol 1 no 2 article no 4

This post is part of the series: Protecting Patient Privacy

As the use of information technology becomes more prevalent in the strorage of patient records, the task of maintaining patient privacy becomes more complex. This series explores the issues, and argues that technology is as much a part of the solution as the problem.

  1. The Duty of Care for Patients’ Information
  2. Maintaining the Confidentiality of Patient Records
  3. Patient Privacy in Technologically Facilitated Multi-Agency Care
  4. How to Manage the Risks to Patient Information