Thursday, June 4, 2009

Myths Will Wait--What's a PHR?

Today's column was supposed to be "The Seven Myths of Healthcare Technology; 2. Technology Can Do Healthcare." However, this evening was the opening reception for the Government Health Information Technology (GHIT) Conference in Washington, DC (June 4, 5 at the Ronald Reagan Center). It was hosted at the Canadian Embassy and there were senior representatives of some of the leading organizations in GHIT. It was a good time; There was talk--and rumour. And news.
The word was that there is an urgent push on the Hill to modify the HIT legislation to include Personal Health Record (PHR) with the Electronic Health Record. This led to an impromptu roundtable of core people from HIMSS and the GHIT conference to consider the question;

"Why a PHR? What Would It Be? How Would It Work?

There were different ideas of "Why." A regulatory thinker felt a PHR to be nothing more than a comfort to paranoid citizens who want to "control" their personal information, but that it could never be used as a trustworthy resource by a provider. A sociological view saw the PHR as an opportunity to gather massive amounts of statistical data to drive cultural, epidemiological and other study data--all identity-scrubbed, of course. Others saw it as a traveler's safety, providing accurate information for use in a critical-care situation.
The group came to see it as having value in each of these ways, but requiring two types of data; Mandatory information written and managed by authorized providers (drug interaction/allergies, for example) and optional data which the patient could modify or erase as they wish (treatment for a wart).
This dichotomy would have specific requirements. Among the many discussed, were;
Data requirements to qualify as a PHA (what information MUST be in the record to qualify as a PHA)
Standards of encoding
Clearly defined, documented and controlled workflows for access, addition, modification and deletion of data.
Security and privacy considerations
Most importantly, a standard storage, transportation and access method
This storage method must have access control; For instance, a method to "sign" for "consent to view" by the patient.
A physically secure method to "sign" for "access to write" by providers.

One method posited for serving these requirements was a smartcard. Specifically, a smart-Social Security-card. As a number is issued at birth (or immigration), data collection can begin shorty after the card is issued, ensuring that even children have a PHA to carry into adulthood.This would, however, have to be a very smart card. It would require two physical sections; one secured against patient access and the other enabled for patient access. These securities would have to be "countersigned" biometrically, perhaps in combination with passcode. There were some high-level workflows discussed as well.
A patient enters a new facility and meets a new provider. They present their smartSScard and swipe a fingerprint reader to authorize read-only access to their data.
Following on treatment, the provider wants to add data to the record. Some may be defined as "mandatory." For example, a new drug allergy is discovered. The provider must also identify biometrically, with crosscheck at a centralized, government record. This data would then be written to the "secured" side of the smartchip.
Some of the data may not be mandatory; Perhaps, notes of elective plastic surgery. These would be written to the "optional" side of the smartchip. All of the data would still be entered into and maintained in the regular medical record.
This is only one workflow. There are still questions; How would a PHR be used when traveling? Would an international standard be developed? How could providers from outside the system add data? If the data is pertinent to critical care, how to access the data when the patient is unresponsive? How could data be added without the specialized equipment needed to access the card, contact external databases and read biometric data? What, if any liabilities could arise from use of PHR data? How would PHR data be validated with the EHR?

Lots of questions. Lots of ideas. The PHR/EHR discussions are picking up, and at GHIT there should be quite a few as they come into play with the panel discussion of remote and rural communities......

Let us know what you think....

No comments: