Should Patients Have To Opt Out of Electronic Records?
Electronic Health Records
The potential benefits of sharing patient electronic records within health systems are broadly agreed, but concerns remain over patient consent and security. Experts in this week's BMJ discuss how patients should consent to use of electronic records in the NHS and how the data can be kept secure.
There are two broad schools of thought. The first (the opt-out model) is for the public to be informed of the NHS care records service and to be given a chance to opt out if they do not want their clinical records shared within the NHS. The second model is for no sharing to occur until people have expressed their desire to share their clinical records within the NHS (the opt-in model).
Nigel Watson, Chief Executive of Wessex Local Medical Committees, has experienced an opt-out approach and believes that this is the way forward.
He cites existing opt-out schemes that have been widely accepted by health professionals and the public, and points out that the health service in Alberta, Canada, changed from the opt-in position to an opt-out one in 2003 after consultation with both patients and clinicians.
In his own area of Hampshire and the Isle of Wight, only 1150 out of the 1.3 million patients have decided not to have their records included in the repository.
In terms of security, access to a patient record in the repository requires a user name and password, he adds. User names are only issued to staff with confidentiality clauses in their employment contracts, and before accessing the patient record the user is asked to confirm that the patient has given consent.
He believes an opt-out model should be used for the NHS care record service, as it allows patients to benefit from earlier availability of information, reduces the workload on hard pressed services, and cuts the bureaucracy for both practices and patients.
However, he stresses the need for a large publicity campaign six months before the start of the service, telling patients what is going to happen, the potential benefits and dangers, and most importantly how they can opt out of having their records shared.
But Dr John Halamka, Chief Information Officer at Harvard Medical School, argues that opting in is the only way to ensure confidentiality.
He discusses regional data sharing in the US and believes that patients are best served by prospectively seeking their permission to include data in the regional index. This approach acknowledges patient control and ownership of medical information.
Both opt-in and opt-out approaches have risks and benefits, he says. The key disadvantage of an opt-in system is that records populate the regional index slowly, making adoption of data sharing slow. Another is that a clinician may prescribe a drug that has an important interaction with the patient's undisclosed mental health prescriptions.
With the opt-out approach, historical records could be used to populate the regional index rapidly, but if the index is compromised, information about all institutions, including mental health providers, could be leaked. This could cause much anxiety and may affect patient confidence in the system, since they did not prospectively approve participation.
"We have only one opportunity to build a healthcare information superhighway that patients and providers can trust. We should let the patients decide if they want to drive on it," he concludes.
Two editorials also published in this issue discuss the ethics of shared electronic patient records and the need for rigorous evaluation and regulation.