John J. Mercuri
Faculty peer reviewed
The 111th Congress allocated $19 billion of the American Recovery and Reinvestment Act of 2009 toward the creation of an electronic health record (EHR) for each person in the United States by 2014.(1) The recent debate over EHRs has focused largely on the economic, logistical, and political consequences of implementing such a system; however, the country should also contemplate the ethical ramifications of EHRs. Addressing these concerns requires the application of ethical principles such as autonomy, justice, beneficence/non-maleficence, and privacy and confidentiality.
Positively, autonomy means allowing “individuals to make their own choices and develop their own lives in the context of a particular society and in dialogue with that society;” negatively, “autonomy means that one human person, precisely as a human person, does not have authority and should not have power over another human person.”(2)(p29) Any type of EHR system must maintain respect for patient autonomy, and decisions must be made about the access, content, and ownership of the records.
People are shifting many daily activities to the Internet, and the growth of social networking websites has given people the ability to control and define their online presence.(3) Mandl, Szolovits, and Kohane note that autonomous patients will expect to access their EHRs with relative ease, and many patients might desire a level of control over their records’ content. Such a high level of patient autonomy conflicts directly with the medical and legal utility of a health record. For this reason, patients should be restricted from modifying or deleting any of the content entered by health care professionals; however, it should be acceptable for autonomous patients to view, annotate, or challenge the record with relative ease.4 This type of access might actually result in a higher quality document because patients will act as proofreaders of their own health histories.
The ownership of EHRs must also respect patient autonomy. Autonomous patients will argue that they are the rightful owners of the intimate information contained in their EHR. As with other types of electronic media, however, the companies that create EHR software or maintain the data storage servers might claim ownership of the data.(4) Similarly, individual health care providers and hospitals might argue for ownership of the information. These obvious conflicts between economic and personal value, professional and patient autonomy, and business interests must be rectified both ethically and legally before EHRs are implemented widely across the health care system.(5)
Justice is commonly defined as “fairness.”(6) With respect to health care, justice refers to society’s “duty to provide its members with access to an adequate level of health care that fulfills basic needs.”(2)(p245) EHR systems are most beneficial when they are user-friendly, fully integrated, easily searchable, and built with well-designed hardware and software.(7,8) Such EHRs have the potential to help the health care system provide higher quality care to a larger number of people, thus making the system more equitable through improved efficiency and effectiveness. On the other hand, EHRs also have the potential to create new injustices. A so-called digital divide already exists between different socioeconomic groups, with greater computer and Internet access and usage among people of higher socioeconomic status.(9) EHRs might exacerbate this preexisting technology gap, thereby hindering patients of lower socioeconomic status from gaining the full benefits of an accessible EHR system.
These two principles are literally defined as “do good” and “avoid evil,” respectively. Applied broadly, however, these definitions are so vague that they are practically useless.(2)(p57) Thus, this essay will discuss beneficence in relation to using the data stored in the EHR system and non-maleficence in relation to protecting the data.
A large, interconnected system of EHRs will contain a massive amount of raw data, and great potential will exist to conduct groundbreaking biomedical and public health research. Such research will do good not only to the health of individual patients, but also to the health of society as a whole. Therefore, as new EHR systems are designed, patients should be given the ability to release information from their EHRs to scientists and researchers.(4,10,11) Likewise, approved researchers should be given permission to easily access and analyze data that is made public. Developing a large, research-compatible system of EHRs will be costly and legally challenging; however, the long-term benefits will be more valuable than the initial costs.(12)
The integrated data storage of an EHR system also creates several potential harms, as described by Mandl, Szolovits, and Kohane. First, temporary outages of the EHR system will, at a minimum, hinder the work of health care professionals or, worse, cause significant patient morbidity or mortality. However, total system failures and the loss of patient data present an even greater danger than temporary outages. Since the loss of health data is unacceptable in any circumstance, all data must have multiple back-ups that can be quickly and easily recovered. Second, a foolproof security system for electronic data has never been developed. Medical records contain some of the most sensitive information about an individual. If EHR systems cannot maintain the highest level of data security, patients could suffer a variety of harms.(4)
Privacy and Confidentiality
“Confidentiality is concerned with keeping secrets… A professional secret is knowledge that, if revealed, will harm not only the professional’s client, but will do serious harm to the profession and to the society that depends on that profession for important services.”(2)(p117-119)
The confidentiality of a patient’s medical information is sacred in the health care profession. Mandl, Szolovits, and Kohane note that health records contain intimate information that, if revealed, could result in anything from minor embarrassment to the loss of insurance or employment. The maintenance of strict confidentiality creates an environment that facilitates the privileged and unrestricted sharing of sensitive information between a physician and a patient. Any breach of privacy will irreparably damage this unique doctor-patient relationship. In the absence of confidentiality, patients might not fully disclose important facts; even worse, patients might avoid medical care entirely. (4)
Unfortunately, as mentioned earlier, privacy might conflict with the beneficence of an integrated EHR system. EHRs will certainly be most secure if patient data were the patient’s private property; however, good public policy can both protect privacy and provide a level of openness that will benefit the public health most fully.(9,13,14) For example, in order to protect simultaneously both patient privacy and autonomy, Mandl, Szolovits, and Kohane propose not only enabling patients to make decisions about how much of their EHRs they wish to make public to scientists and researchers, but also enabling them to give certain health care providers different levels of access to their EHRs. Although allowing patients to set the access level of various health care providers will certainly respect their confidentiality, it might inadvertently harm their medical care by preventing providers from accessing the information they need.(4) Ultimately, patients will have to balance this risk with their desire for privacy.
This essay has briefly surveyed how the ethical principles of autonomy, justice, beneficence/non-maleficence, and privacy and confidentiality apply to a large, integrated system of EHRs. Clearly, the ethical consequences of such a system should be part of the current public debate over health care reform.
John Mercuri is a 3rd year medical student at NYU Medical School.
Faculty peer reviewed and commentary below by Andrew Wallach MD, NYU Division of General Internal Medicine.
John Mercuri effectively argues the importance of applying ethical standards to the current debate on EHRs. Patient ownership of their data, in terms of both content and privacy, is key. As electronic patient records (albeit stripped of their protected health information) are sought by pharmaceutical and insurance companies, policy-makers, and researchers, there is great potential for both financial and personal harm to individuals if the data are not fully protected. Further, inherent conflicts of interest arise when the same companies that maintain electronic patient data also sell the much sought-after information from their data warehouses, a practice that happens today. Clearly, there are numerous benefits to EHRs; however, we are reminded by Mr. Mercuri of the importance of including these ethical considerations in the current debate.
1. American Recovery and Reinvestment Act of 2009. HR 1, 111th Congress, 1st Session, Title XIII. <www.rules.house.gov/111/LegText/111_hr1_text.pdf>. Enacted 2009. Accessed September 13, 2009.
2. Garrett TM, Baillie HW, Garrett RM. Health Care Ethics: Principles and Problems. 4th ed. New Jersey: Prentice Hall; 2001.
3. Google Trends. <www.google.com/trends>. Accessed September 13, 2009.
4. Mandl KD, Szolovits P, Kohane IS. Public standards and patients’ control: how to keep electronic medical records accessible but private. BMJ. 2001;322(7281):283-287.
5. Hall MA, Schulman KA. Ownership of medical information. JAMA. 2009;301(12):1282-1284.
6. Oxford English Dictionary. 2nd ed. s.v. “Justice.” <http://dictionary.oed.com/cgi/entry/50124865?query_type=word&queryword=justice&first=1&max_to_show=10&sort_type=alpha&result_place=1&search_id=7n0T-MBTDrE-12380&hilite=50124865>. Published 1989. Accessed September 13, 2009.
7. D’Avolio LW. Electronic medical records at a crossroads: impetus for change or missed opportunity? JAMA. 2009;302(10):1109-1111.
8. Sittig DF, Singh H. Eight rights of safe electronic health record use. JAMA. 2009;302(10):1111-1113.
9. Kontos EZ, Bennett GG, Viswanath K. Barriers and facilitators to home computer and internet use among urban novice computer users of low socioeconomic position. J Med Internet Res. 2007;9(4). <http://www.jmir.org/2007/4/e31/v9i4e31>. Accessed September 13, 2009.
10. Meier B. Panel Suggests Medical Priorities for U.S. New York Times. Published 30 June 2009. <http://www.nytimes.com/2009/07/01/health/policy/01compare.html?_r=1&hp>. Accessed September 13, 2009.
11. Lee LM, Gostin LO. Ethical collection, storage, and use of public health data: a proposal for a national privacy protection. JAMA. 2009;302(1):83-84.
12. Duncan JR, Evens RG. Using information to optimize medical outcomes. JAMA. 2009;301(22):2383-2385.
13. Rodwin MA. The case for public ownership of patient data. JAMA. 2009;301(22):86-88.
14. Gostin LO, Nass S. Reforming the HIPAA Privacy Rule: safeguarding privacy and promoting research. JAMA. 2009;301(13):1373-1375.