In 2008 I was asked to present at a Leeds Health Masterclass organised by the head of Health Informatics at Leeds Uni, Owen Johnson. Back in the glory days of the highly successful National Programme for IT ;), the presentation was ostensibly a review of the Spine solution, which was provided at the time by BT. I focussed on a number of current challenges facing Healthcare ICT and tried to address how we might overcome them. One of these challenges was how we could allow patients to express their consent to share their patient records.
Even in that ancient time many of us had realised that as the storing and sharing of electronic patient records increased the complexity and overhead of expressing patient’s consent would also increase. Indeed, it would become unwieldy. Sure enough working out how to manage a patient’s consent preferences became a major hurdle to sharing their information.
Typically, ensuring the proper use of patient records involves increasing the number of locks on the record but this approach often restricts access for legitimate as well as illegitimate purposes. Consent is just such a lock and the more that such restrictions are placed on a record, the harder it becomes for professionals trying to access the record. Furthermore, the reality is that patients will never be able to express consent to precisely the permutations of access that they would prefer.
As a result the solution I was keen to promote was to make far greater use of the audit trail of access to the patient records.
If we are able to expose a summarised audit trail to patients – probably via a patient portal – patients will gain great confidence because they will understand where and why their records are being used.
They will then feel able to consent to greater levels of sharing. I believe that the vast majority of patients won’t mind their data being used to benefit the NHS, rather it is the fear or suspicion that they won’t be able to see when and where it is being that will make them reluctant.
In addition, if only a small proportion of patients are keeping track of accesses to their record, this will provide a strong incentive to care professionals to behave responsibly. Illegitimate access to a record is then likely to be spotted and will result in serious penalties such that even a small chance of being caught will discourage unnecessary access. So rather than rely on ever increasing locks to prevent access, instead we can balance the use of some locks with the presence of suitable alarms in the form of an audit trail exposed to the patient. Such an approach may also help reduce the burden on Caldicott guardians.
Another beneficial side effect is that such an audit trail contains implicit relationships about the patient. These relationships can then be utlised by care professionals to get information about who else is engaged with the patient. This will contribute to multi-disciplinary working as well as the identification of vulnerable patients.
Accordingly when the Calidicott 2 review began I was keen to give my 2 pence worth and communicated to the review team my view about the importance of considering audit. I doubt I was the only person emphasising this option to the team but reassuringly the review does describe the importance of audit.
“The Review Panel concludes that a full and meaningful audit trail, which details anyone and everyone who has accessed an individual’s electronic personal confidential data, should be made available in a suitable form to patients via their health and social care records”
Perhaps my only criticism is that they didn’t appear to have fully conveyed the potential benefits of the approach.
Finding a way to describe the potential multitude of patient consent permutations is finally being tackled both at the national level by the HSCIC and locally in numerous new interoperability initiatives. Interestingly a number of local initiatives are already choosing to expose the record access audit in this manner. HSCIC are also considering it as part of the solution. Of course a major part of the puzzle is the creation of patient portals and with that the challenge of authenticating the patient. Both topics are worthy of discussion so I will attempt to address them here in the next few weeks. In the meantime I will be excited to see the details of how some of these local initiatives decide to share the audit trail.