Making sure the clinical data flowing through HIEs is seen only by those patients designate is a tricky problem. But according to the ONC, it’s a problem doctors need to take on and manage, according to recent guidance from the organization.
ONC’s logic is as follows:
As key agents of trust for patients, providers are responsible for maintaining the privacy and security of their patients’ health information. In turn, patients should not be surprised about or harmed by their provider’s collections, uses, or disclosures of their health information.
In other words, patients should be given a “meaningful choice” as to how information is shared, rather than simply signing broad treatment-related disclosures.
And as ONC sees it, the treating professional is responsible for educating patients enough to give them meaningful awareness of their options, including how information will be shared and with whom, as well as obtaining and tracking the patient’s choice.
This strikes me as a pretty ambitious expectation to have of doctors, who in most cases need to do little to explain information sharing to patients. Educating them on the broad range of places data could go, under which circumstances, and the extent to which patients can opt in or out of such sharing, strikes me as a very large task.
I’m not saying that I think ONC’s recommendation is an unwise one. In most cases, the doctor — who’s most likely to be the treating professional — is really the only person who’s in a position to do this kind of education. Not only is the doctor the person the patient trusts, they’re also in a position to review how well patients have understood on an ongoing basis.
All that being said, it’s still a pretty complex lesson to teach. I hope someone, perhaps ONC itself, develops online self-education for patients which a doctor can simply offer during the visit. Otherwise, I think the “meaningful choice” concept will be hard to pull off.