Privacy, Patients and Healthcare - where the rubber hits the road

If you want to really sit at the bleeding edge of personal privacy, spend some time thinking about storing and sharing personal health records for entire population. That's what Scotland's National Health Service embarked on and succeeded in delivering.

Dr Libby Morris is a GP who has been working with electronic health records for the last decade from her practice in Scotland. As well as working as a GP, Dr Morris also works from the Scottish government as the lead clinical advisor in eHealth.

Scotland's NHS operates independently of England's so it's quite small - about 1000 practices and 170 hospitals and nearly 700 community pharmacists - according to Dr Morris. This made the project manageable and not massive in scope. There's a single ambulance system.

"It's a nice size," Dr Morris told delegates at the IAPPANZ Summit. "We've only got two clinical systems which are used by all of the practices. One system, which is used by the ambulance, and approximately three that are used by secondary carers. So, it is possible to have integrated records if you can sort out information properly".

Another advantage the project had was that GPs had been using electronic systems for about 20 years - the only paper records still being held were archival and no longer being added to. Medical practices are connected to pharmacies so prescription data was already shared. Paper-based information is routinely scanned and electronically stored.

Almost every other element from outpatients programs to maternity services use electronic record keeping although there was a significant challenge as many of those systems were connected.

"The Emergency Care Summary was a particular project that was designed specifically for patients who needed out of hours care," explained Dr Morris.

In Scotland, everyone has a designated GP - unlike Australia where we can visit whatever doctor we want. So, while most of an individual's healthcare is managed by a single GP emergency care might be handled by someone completely different. That meant, even though the patient might know some of their medical history, the treating physician would not have a complete medical picture.

"We devised, what we called, an Emergency Care Summary," explained Dr Morris.

"It was very specific. It was to provide a medical summary for patients when they were not in their GPs surgery. It was designed to improve the care and safety of patients. And it was coming from the general practice records".

The issue of whether patients needed to give specific consent for the data to be shared was one that the Scottish NHS mused over for some time. At the end, common sense prevailed.

"People have strong feelings about consent. But it was about changing the culture. Twenty years ago, general practice was absolutely paranoid about their own records, about patient information. Secondary care were, maybe, a little bit lax so changing culture was really important. Putting specific consent to look at the records wasn't a big thing. It wasn't about signing consent forms or making a big fuss. It was simply that if someone turns up in the ED or national triage system, ask them a quick question - 'Do you mind if I look at your records?'. It was just good manners really," explained Dr Morris.

Patients are able to opt in and out from that consent and there are strong controls and reporting around access to records so an audit trail could be established to know who looked at particular records and how much time they spent looking at that data. As the data was being copied from their GP to the hospital or other facility, if consent was withdrawn, the data is deleted with the original retained by the registered GP.

The system has been extremely successful with use increasing every year and an extended to secondary carers such as hospital pharmacists. Costs have been well managed with independent audits from the EU revealing a very positive return on the investment. Patient access is now being developed.

Although the project's initial focus was on patient care, the Scottish NHS is now looking at how that data can be used for secondary applications such as informing new services, research and plan new initiatives.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Tags privacyInformation TechnologyehealthpatientsCSO AustraliaIAPPANZ SummitEnex TestLab #iappANZGP emergencyDr Libby MorrisScotland's National Health

Show Comments