Tuesday, September 22, 2015

Nowhere to hide

My wife came back from a physical therapist appointment the other day somewhat disconcerted that the PT had access to her entire medical record, most of which contains absolutely nothing relevant to her need for physical therapy.  The reason for this is that the health system where she gets care is an integrated behemoth offering services across the entire continuum of care, and all of those services are documented in a single ginormous electronic medical record.  

I was reminded of a similar issue that made it's way into the press a few years ago when a patient complained about her psychiatric records being available to other providers who were all part of a larger system and used the same electronic medical record.

There was nothing illegal about my wife's situation, since the PT is part of the same clinical entity as my wife's other providers.  And sharing records across the continuum of care is what the system is supposed to be striving for, isn't it?  Yet, it bugged my wife that the PT had unfettered access to all of her private health information without any clear medical reason for needing all of it.  Did the PT really need to see her problem list?  And all of her lab results?  I suspect that it would be more than just an irritant if she had sensitive information in her record.

To date the public discourse on privacy and interoperability has focused on exchange of records across legal entities, with much less attention given to record-sharing within a legal entity.  This issue is soon going to loom larger in the conversation, though, because consolidation in the provider market is rapidly accelerating, as noted in a recent Wall Street Journal article.  Which means that more and more patients will find themselves in integrated health delivery systems that give them more providers under one corporate roof but less ability to control what parts of their record get shared among those providers.

In a world of fragmented providers, the friction of interoperability has the benefit of protecting privacy; the "minimum necessary" approach of HIPAA, coupled with the limitations of systems to exchange more than just a CCDA snapshot, imposes inherent limits on the breadth, depth, and frequency of information exchange.  Consolidate all of those providers under one roof, however, and everyone pretty much has access to almost everything.  EHR systems do have role-based access, but with limited ability to "tag" and segregate data, and with fluidity of role definitions from one provider to another, most EHR systems have very limited ability to fine-tune which providers can see which information except in the most basic cases (e.g., psychotherapy notes).

As my wife and I discussed her concerns, we started to think about voting with our feet -- selectively seeking care outside of the health care system when we don't want a particular provider to have access to all medical record information.  We're lucky that we live in a medical mecca that is rich with high quality, competitive health care service choices.  Most people aren't so fortunate, however, and may increasingly find that all the work that's being done on "meaningful consent" will be outpaced by market forces.