The delivery of safe healthcare relies on the availability of the right information in the right place at the right time. This mantra has been repeated for years, yet the availability of the right information when and where it is needed still poses a major challenge to healthcare providers.
In part, the problem lies with the use of paper based health information. It is not easily accessible or transferable, and the risk of losing paper based information is high. Storage is increasingly expensive and aggregation for any useful purpose is extremely difficult. However, there is a perception that paper is more secure because it is tangible and can be kept under lock and key. The security and privacy risks to changing how we collect, store and share health information are valid, but not insurmountable. The benefits of a fundamental shift away from the use of paper based systems are such that tackling any potential privacy issues is imperative. Health information has intrinsic value, particularly detailed longitudinal health records and it is for this reason that it is important that it is adequately protected while still allowing for the improvements to the provision of care that it enables.
The use of electronic systems for the collection, storage and transfer of health information is key to tearing down some of the current barriers to safe and efficient healthcare. Enabling the flow of health information, Health Information Exchange (HIE), across institutional, sectoral and geographical boundaries can vastly improve accessibility, improve efficiency and reduce duplication of effort in terms of collecting information and also repeat testing at different locations. It also allows for chronic disease management to be shifted away from secondary and tertiary level care into home care and primary care settings. In contrast to paper based information, electronic information storage is becoming increasingly less expensive and can be anonymised for research and development purposes of benefit. This all contributes to a safer and more patient-centred experience for individuals seeking healthcare. HIE through electronic means, not only helps with the availability of information for the delivery of healthcare, it also allows the gathering of aggregate data to inform population health initiatives and assist decision makers in defining policy and appropriately allocating funds.
In order to achieve a patient-centred system of healthcare delivery, it is vital that the tools of delivery in terms of information, are clinician-centred to ensure that clinicians have access to the information they need to provide good quality, fully informed healthcare. Regardless of the system chosen, the effectiveness of security and privacy controls are heavily dependent on the intended uses of health information collected electronically. At the planning stages, all potential use cases for collecting, storing and sharing of health information should be documented so that privacy controls can be built around each. This may sound onerous, but undertaking a structured Privacy Impact Assessment (PIA), at the planning stages of any major information related project such as the purchase of an Electronic Medical record (EMR) system can help ensure that the privacy of individuals is fully protected in accordance with the Data Protection Acts. It still allowing the benefits of moving away from a paper based system mention above. This also aids in the process of gathering concise requirements of any system prior to purchase.
A detailed handbook on how to conduct a comprehensive PIA, specifically relating to health information projects has been developed by the Health Information and Quality Authority in Ireland and is available on their website for download and use. www.hiqa.ie/publications/guidance-privacy-impact-assessment-health-and-social-care
Clare Harney Quality Manager at Sláinte Healthcare
A native of Dublin, Clare joined Sláinte Healthcare in 2014 as Quality Manager. Her previous role as Health Information Project Manager for HIQA (Health Information and Quality Authority Ireland) focused on researching and developing health information standards, guidance and recommendations. She was also seconded to the Department of Health in 2013 as an advisor to aid the development of legislation for the introduction of health identifiers in Ireland. Prior to this, she gained experience working for many years in both the public and private health sectors. Her current responsibilities include managing quality and risk management processes and procedures across Sláinte Healthcare.