Designing a System for Patients Controlling Providers’ Access to their Electronic Health Records: Organizational and Technical Challenges

Jeremy C. Leventhal, Jonathan A. Cummins, Peter Schwartz, Douglas Martin, William M. Tierney

Research output: Contribution to journalArticle

14 Citations (Scopus)

Abstract

BACKGROUND: Electronic health records (EHRs) are proliferating, and financial incentives encourage their use. Applying Fair Information Practice principles to EHRs necessitates balancing patients’ rights to control their personal information with providers’ data needs to deliver safe, high-quality care. We describe the technical and organizational challenges faced in capturing patients’ preferences for patient-controlled EHR access and applying those preferences to an existing EHR.

METHODS: We established an online system for capturing patients’ preferences for who could view their EHRs (listing all participating clinic providers individually and categorically—physicians, nurses, other staff) and what data to redact (none, all, or by specific categories of sensitive data or patient age). We then modified existing data-viewing software serving a state-wide health information exchange and a large urban health system and its primary care clinics to allow patients’ preferences to guide data displays to providers.

RESULTS: Patients could allow or restrict data displays to all clinicians and staff in a demonstration primary care clinic, categories of providers (physicians, nurses, others), or individual providers. They could also restrict access to all EHR data or any or all of five categories of sensitive data (mental and reproductive health, sexually transmitted diseases, HIV/AIDS, and substance abuse) and for specific patient ages. The EHR viewer displayed data via reports, data flowsheets, and coded and free text data displayed by Google-like searches. Unless patients recorded restrictions, by default all requested data were displayed to all providers. Data patients wanted restricted were not displayed, with no indication they were redacted. Technical barriers prevented redacting restricted information in free textnotes. The program allowed providers to hit a “Break the Glass” button to override patients’ restrictions, recording the date, time, and next screen viewed. Establishing patient-control over EHR data displays was complex and required ethical, clinical, database, and programming expertise and difficult choices to overcome technical and health system constraints.

CONCLUSIONS: Assessing patients’ preferences for access to their EHRs and applying them in clinical practice requires wide-ranging technical, clinical, and bioethical expertise, to make tough choices to overcome significant technical and organization challenges.

Original languageEnglish
Pages (from-to)17-24
Number of pages8
JournalJournal of General Internal Medicine
Volume30
Issue number1
DOIs
StatePublished - 2014

Fingerprint

Electronic Health Records
Patient Preference
Data Display
Primary Health Care
Nurses
Online Systems
Urban Health
Quality of Health Care
Reproductive Health
Patient Rights
Sexually Transmitted Diseases
Substance-Related Disorders
Glass
Motivation
Mental Health
Acquired Immunodeficiency Syndrome
Software
HIV
Databases
Physicians

Keywords

  • electronic health records
  • fair information practices
  • patient preferences

ASJC Scopus subject areas

  • Internal Medicine

Cite this

Designing a System for Patients Controlling Providers’ Access to their Electronic Health Records : Organizational and Technical Challenges. / Leventhal, Jeremy C.; Cummins, Jonathan A.; Schwartz, Peter; Martin, Douglas; Tierney, William M.

In: Journal of General Internal Medicine, Vol. 30, No. 1, 2014, p. 17-24.

Research output: Contribution to journalArticle

@article{6344eae802d0438490b9a82ab9f9aaca,
title = "Designing a System for Patients Controlling Providers’ Access to their Electronic Health Records: Organizational and Technical Challenges",
abstract = "BACKGROUND: Electronic health records (EHRs) are proliferating, and financial incentives encourage their use. Applying Fair Information Practice principles to EHRs necessitates balancing patients’ rights to control their personal information with providers’ data needs to deliver safe, high-quality care. We describe the technical and organizational challenges faced in capturing patients’ preferences for patient-controlled EHR access and applying those preferences to an existing EHR.METHODS: We established an online system for capturing patients’ preferences for who could view their EHRs (listing all participating clinic providers individually and categorically—physicians, nurses, other staff) and what data to redact (none, all, or by specific categories of sensitive data or patient age). We then modified existing data-viewing software serving a state-wide health information exchange and a large urban health system and its primary care clinics to allow patients’ preferences to guide data displays to providers.RESULTS: Patients could allow or restrict data displays to all clinicians and staff in a demonstration primary care clinic, categories of providers (physicians, nurses, others), or individual providers. They could also restrict access to all EHR data or any or all of five categories of sensitive data (mental and reproductive health, sexually transmitted diseases, HIV/AIDS, and substance abuse) and for specific patient ages. The EHR viewer displayed data via reports, data flowsheets, and coded and free text data displayed by Google-like searches. Unless patients recorded restrictions, by default all requested data were displayed to all providers. Data patients wanted restricted were not displayed, with no indication they were redacted. Technical barriers prevented redacting restricted information in free textnotes. The program allowed providers to hit a “Break the Glass” button to override patients’ restrictions, recording the date, time, and next screen viewed. Establishing patient-control over EHR data displays was complex and required ethical, clinical, database, and programming expertise and difficult choices to overcome technical and health system constraints.CONCLUSIONS: Assessing patients’ preferences for access to their EHRs and applying them in clinical practice requires wide-ranging technical, clinical, and bioethical expertise, to make tough choices to overcome significant technical and organization challenges.",
keywords = "electronic health records, fair information practices, patient preferences",
author = "Leventhal, {Jeremy C.} and Cummins, {Jonathan A.} and Peter Schwartz and Douglas Martin and Tierney, {William M.}",
year = "2014",
doi = "10.1007/s11606-014-3055-y",
language = "English",
volume = "30",
pages = "17--24",
journal = "Journal of General Internal Medicine",
issn = "0884-8734",
publisher = "Springer New York",
number = "1",

}

TY - JOUR

T1 - Designing a System for Patients Controlling Providers’ Access to their Electronic Health Records

T2 - Organizational and Technical Challenges

AU - Leventhal, Jeremy C.

AU - Cummins, Jonathan A.

AU - Schwartz, Peter

AU - Martin, Douglas

AU - Tierney, William M.

PY - 2014

Y1 - 2014

N2 - BACKGROUND: Electronic health records (EHRs) are proliferating, and financial incentives encourage their use. Applying Fair Information Practice principles to EHRs necessitates balancing patients’ rights to control their personal information with providers’ data needs to deliver safe, high-quality care. We describe the technical and organizational challenges faced in capturing patients’ preferences for patient-controlled EHR access and applying those preferences to an existing EHR.METHODS: We established an online system for capturing patients’ preferences for who could view their EHRs (listing all participating clinic providers individually and categorically—physicians, nurses, other staff) and what data to redact (none, all, or by specific categories of sensitive data or patient age). We then modified existing data-viewing software serving a state-wide health information exchange and a large urban health system and its primary care clinics to allow patients’ preferences to guide data displays to providers.RESULTS: Patients could allow or restrict data displays to all clinicians and staff in a demonstration primary care clinic, categories of providers (physicians, nurses, others), or individual providers. They could also restrict access to all EHR data or any or all of five categories of sensitive data (mental and reproductive health, sexually transmitted diseases, HIV/AIDS, and substance abuse) and for specific patient ages. The EHR viewer displayed data via reports, data flowsheets, and coded and free text data displayed by Google-like searches. Unless patients recorded restrictions, by default all requested data were displayed to all providers. Data patients wanted restricted were not displayed, with no indication they were redacted. Technical barriers prevented redacting restricted information in free textnotes. The program allowed providers to hit a “Break the Glass” button to override patients’ restrictions, recording the date, time, and next screen viewed. Establishing patient-control over EHR data displays was complex and required ethical, clinical, database, and programming expertise and difficult choices to overcome technical and health system constraints.CONCLUSIONS: Assessing patients’ preferences for access to their EHRs and applying them in clinical practice requires wide-ranging technical, clinical, and bioethical expertise, to make tough choices to overcome significant technical and organization challenges.

AB - BACKGROUND: Electronic health records (EHRs) are proliferating, and financial incentives encourage their use. Applying Fair Information Practice principles to EHRs necessitates balancing patients’ rights to control their personal information with providers’ data needs to deliver safe, high-quality care. We describe the technical and organizational challenges faced in capturing patients’ preferences for patient-controlled EHR access and applying those preferences to an existing EHR.METHODS: We established an online system for capturing patients’ preferences for who could view their EHRs (listing all participating clinic providers individually and categorically—physicians, nurses, other staff) and what data to redact (none, all, or by specific categories of sensitive data or patient age). We then modified existing data-viewing software serving a state-wide health information exchange and a large urban health system and its primary care clinics to allow patients’ preferences to guide data displays to providers.RESULTS: Patients could allow or restrict data displays to all clinicians and staff in a demonstration primary care clinic, categories of providers (physicians, nurses, others), or individual providers. They could also restrict access to all EHR data or any or all of five categories of sensitive data (mental and reproductive health, sexually transmitted diseases, HIV/AIDS, and substance abuse) and for specific patient ages. The EHR viewer displayed data via reports, data flowsheets, and coded and free text data displayed by Google-like searches. Unless patients recorded restrictions, by default all requested data were displayed to all providers. Data patients wanted restricted were not displayed, with no indication they were redacted. Technical barriers prevented redacting restricted information in free textnotes. The program allowed providers to hit a “Break the Glass” button to override patients’ restrictions, recording the date, time, and next screen viewed. Establishing patient-control over EHR data displays was complex and required ethical, clinical, database, and programming expertise and difficult choices to overcome technical and health system constraints.CONCLUSIONS: Assessing patients’ preferences for access to their EHRs and applying them in clinical practice requires wide-ranging technical, clinical, and bioethical expertise, to make tough choices to overcome significant technical and organization challenges.

KW - electronic health records

KW - fair information practices

KW - patient preferences

UR - http://www.scopus.com/inward/record.url?scp=84925502079&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84925502079&partnerID=8YFLogxK

U2 - 10.1007/s11606-014-3055-y

DO - 10.1007/s11606-014-3055-y

M3 - Article

C2 - 25480722

AN - SCOPUS:84925502079

VL - 30

SP - 17

EP - 24

JO - Journal of General Internal Medicine

JF - Journal of General Internal Medicine

SN - 0884-8734

IS - 1

ER -