Sharing raw patient information presents potentially serious risks
MedicAlert® warns of dangers.
Relying on unmoderated, raw patient health information acquired from health providers’ practice management systems may
present serious and unintended risks for both health practitioners and their patients, says the chief executive of
MedicAlert® Foundation NZ, Murray Lord.
Although the type of information being shared by Health IT Systems is restricted, practice management systems contain
information dating back some two decades to when these systems were first implemented, Mr Lord said.
“Some information was entered well before the prospect of it being shared came into being, furthermore health
practitioners are not information technology or data entry experts.
“They are very professional and committed to patient safety and privacy, but they are also often time poor and under
considerable workload pressures, so it is naive to think they are not afflicted by the same human condition we are all
affected by. No one is perfect.
“Even the most experienced data entry operators make unintended mistakes. Information to be shared, needs to be
moderated by the patient, providing a portal and ‘hoping’ this will happen is not good practice.”
Mr Lord said that in MedicAlert®’s experience, this problem does not just go away either, it requires ongoing attention
and follow-up.
He said that newly proposed Government funded Call Centre systems and services, while making perfectly good sense
ideologically, could also expose patients to potentially very embarrassing experiences, which can lead to considerable
anxiety, distrust and upset. In addition, other risks continue to be discovered by MedicAlert®, which it collaboratively
works directly with health providers to fix, following patient moderation.
Risks buried deep within such systems is information:
Which has since been discovered to no longer apply, but has not yet been removed.
That is entered into incorrect fields.
That should be marked private, but is not.
Which has self-made codes or no codes, so may not pass reliably from one system to the next, or could pass across
incorrectly.
That is simply missing for reasons not necessarily the fault of the health practitioner, but must be identified and
fixed.
Mr Lord said some patients can be a little blasé about their personal health information. This changes when a person
enrols with MedicAlert® Foundation and they get to see their vital shared health information, often for the first time.
They realise how sensitive their information is.
Patients provide informed consent for MedicAlert® to electronically acquire their raw health information from their
doctor.
MedicAlert® then proactively works with the patient to moderate the accuracy and completeness of their information,
contacting the health practitioner’s practice when necessary to ensure matters of concern are addressed.
“The sooner health providers start utilising MedicAlert®’s electronic referral functionality in their PMS system for ‘at
risk’ patients, the sooner any issues which may exist, can be discovered and rectified.
“Most people would have no idea about the complexities involved in getting this information correct. MedicAlert®’s
services have a direct benefit to both patients and health providers and strengthen trust and confidence in the health
system,” Mr Lord said.
The Foundation’s systems also add another layer of privacy risk mitigation which has been found to be most important.
MedicAlert® has invested over one million dollars on specialised IT system functionalities, which now enable it to
systematically mitigate such risks, but not all can be fixed without a human eye passing over it.
Mr Lord said: “Patients must be fully informed about the information that is to be shared. Failing to respect this or
take account of these matters could expose patients to avoidable health, safety and privacy risks and in doing so,
expose highly competent and experienced health practitioners to unnecessary, costly and avoidable complaints that could
harm their reputations.”
When a patient agrees to share their vital health information, MedicAlert® strongly recommends they utilise an
independent service, such as MedicAlert®, to moderate their information and protect themselves from such risks.
MedicAlert® enables 24/7 nationwide and international patient and emergency services access to vital health information
for patients. They also provide access to that information in an emergency situation, to help protect the individual’s
health, welfare, safety and rights.
The Foundation has considerable experience in handling vital patient information, for the purpose of protecting Health
Consumers from avoidable harm.
ends