In February, the Australian Government announced that by 1 July, each of the country's citizens would be assigned a 16-digit health number, forming the core of a planned electronic patient-records system. A year earlier, US President Barack Obama earmarked $2bn in the Stimulus Bill to aid states in setting up healthcare data centres.
It seemed that after years of false starts, such as Britain's widely criticised National Programme for IT, e-health was about to take off. But at the same time as these moves, other programmes were stalling. In January, the German Government announced a halt to the introduction of smart cards for its citizens, citing privacy concerns. The Australian press was quick to raise similar concerns, questioning the decision to create a two-speed system with protection for at-risk individuals, a group that includes politicians and celebrities.
A study by the EU presidency claimed that effective use of IT in healthcare could free up nine million bed days and save €3.7bn every year. But for patients, who often do not bear healthcare costs directly, the savings are intangible, whereas the shock of lost data hitting the headlines is not. Privacy and security remain the overriding concerns.
Even governments, which do stand to benefit directly, are struggling to control healthcare spending in the short term and find the upfront costs of effective data-management technology off-putting.
Enforcing data protection
Mick Gorrill of the British Information Commissioner's Office (ICO) has responsibility for enforcing the country's data protection laws. His office recorded 240 information security breaches in the National Health Service (NHS) between November 2007 and January 2010. By encouraging clinicians and practice managers to take responsibility for their actions, Gorrill thinks the vast majority of these could have been avoided without the need for expensive solutions. In many cases, he argues, simple encryption would have mitigated the damage.
In one high-profile case, a GP lost 30,000 patient records stored on a USB stick. "We make the analogy that one record is worth £1," he says.
"If you had £30,000 in cash and you lost it, would you forget you'd lost it? Would you leave it in the boot of your car? Would you leave it in a locker in the gym? Clinicians need to understand that, in terms of reputational damage, medical records are valuable items."
The difficulty, argues Paul Briault at security company RSA, is that truly ensuring privacy relies on structural approaches to information management rather than quick fixes. "The ICO stamped down on some things and a data handling review came out focusing very much on encryption," he explains.
"People saw that encrypting everything would be a solution and that all their worries would go away. Unfortunately, that means no one is fixing the underlying problem or really examining the processes that are in place."
The obvious problem is that more sophisticated technology brings with it higher capital costs. While Briault acknowledges this, he believes it is the wrong way of looking at the situation. "What hasn't been realised is the value point," he says. "It might be that spending £1m on a comprehensive system is a better route to go down than spending £100,000 on a point solution that means you bury your head in the sand in the hope that nothing happens.
"There are probably some security officers within healthcare who cross their fingers every morning and hope that nothing gets lost."
Out the loop
The main problem with encryption is that it allows information to be taken out of the controlled system in the first place. Alan Gillies, professor of information management at the University of Central Lancashire, UK, and an expert on health data, explains that under current systems the electronic protection stops at the hospital or practice wall. When clinicians want to work at home, they have no other option than to download the information. In many cases, less sophisticated technology than that being offered by companies such as RSA could still provide greater security.
"Virtual private networks are a way of extending the security that exists in the practice," Gillies explains. "If someone is using a mobile device outside the practice, it should be a way of logging in to a system remotely, not a data-storage device. The information stays within those four walls and the clinician is just accessing it."
If Gorrill compares records on a USB drive with cash, then online systems are more like a credit card.
Conflict of interests
What undermines the arguments of the experts is the attitude of users themselves. At a conference on NHS information security hosted by Capita in London at the end of January, it was clear that the rigour with which the audience of data managers approached the issues was not always shared by medical practitioners. Gorrill faced a number of questions essentially on how to say "no" to clinicians asking for inappropriate access to information in the belief that it would make their jobs easier.
Briault argues that in cases where outdated technology is used, the concerns of providers are legitimate. "There's a balance between protecting information from threats and making sure that the processes clinicians go through allow them to do their job," he explains. "If the technology is constrictive they start looking for workarounds."
Historically, patients have trusted their doctors with extensive information but Gillies points to studies that show when new technology has been introduced, clinicians' commitment to confidentiality has faltered. "They don't automatically see that the same values should be carried over," he says. "It's not that they're not committed to patient care, it's because they're not aware of what the implications are or they don't understand how to use the
Gillies adds that the experience of switching to electronic records can be disconcerting for many doctors. "Professionals who have been experts in what they do for 20 to 25 years are being told they need new skills to carry on being competent," he says. "That's something that needs handling with a degree of sensitivity. Otherwise, there will be a fairly negative reaction."
The ICO plays an educational role in supplementing its work as an enforcement body in an attempt to overcome this problem. An important step is ensuring the next generation of doctors are provided with sufficient training to use electronic systems and have a good understanding of maintaining the privacy of digital records.
The risk is that under-resourced medical schools pass on bad habits due to poor implementation of technology. At one university in northern England, for example, a lack of smart cards means students are often forced to share, accessing records using one another's accounts.
Gillies has experienced the problems first hand. "There are junior doctors keen to have training in those sorts of areas," he says, "but we have difficulties actually getting them released from their clinical duties by their consultants because they don't see it as a priority."
The demands of clinicians have also put strain on the digital architecture required to support electronic health records.
A report published in January by consulting company Forrester highlighted how the rapid pace of development in end-user technology – the PDAs and other devices used by doctors doing their rounds – has not been supported by similar investment in servers and networking. The researchers conducted in-depth interviews with 102 healthcare IT managers in the US – 75% reported server failures in the past two years and 66% of these believed they had impacted on care provision. Half of all those surveyed were not confident that their systems had the ability to meet future demands.
It is these kinds of figures that give clinicians reasons to be sceptical of digitisation of records and serve to feed public anxiety. Gillies recognises that there have been problems in the past, but thinks that investment and reform have, in the UK at least, brought benefits. Regional health bodies now have responsibility for backing up data and creating a layer of governance above the individual GP practices.
For data experts who are generally confident about the reliability of the technology, a greater challenge is in developing standards for data entry to ensure that records are accurate and can be transmitted between different regions.
The most widely adopted standard is the Systematised Nomenclature of Medicine Clinical Terms – SNOMED CT. A collaboration between the College of American Pathologists and the NHS, the system is administered by the International Health Terminology Standards Development Organisation, a Danish charity.
Although international standards have been developed, Gillies believes there are still problems implementing them at a local level. The data entry methods work by storing records as a series of codes and there is very little scope to add contextual information. In a paper-based system, doctors' training and experience allow them to interpret notes. Digital systems do not afford this luxury.
"With the national programme there's potential to share information across the country, so every clinician has to use the same code to mean the same thing and that's a hugely complex issue," he explains. "There have been fairly spectacular examples of local conventions leading to some interesting results when they are taken out of context."
A positive outlook
Despite the challenges, data experts are enthusiastic about the opportunities electronic patient records present. Gorrill believes that in the UK a cultural change is taking hold and clinicians' understanding of the importance of data security is growing. He makes the comparison with police officers who over time developed very strict attitudes and behaviour. "Most organisations want to comply and keep information secure," he says. "There has been a marked improvement and public perceptions are good."
For all their focus on the role of technology, Briault and Gillies agree that people form the foundation of the system. "The technology is not the panacea it's often presented as," Gillies says. "It does have the potential to do far more than it's currently doing, but it's the processes around it and the skills people have which will determine the number of embarrassing security failures and the extent it will benefit patients."
Briault adds that intelligent use of software can make major differences. "There are solutions out there that align with how clinicians need to work," he says. "That's in terms of access and authentication, information protection and minimising other threats such as fraud."
Viewed from a distance, away from the frontlines, it can be easy to smooth over the problems hospitals and primary care units face on a day-to-day basis. Providing the extensive training required in the medical community and firmly winning public confidence will be a long-term process.
However, the technology exists to make electronic patient records work, and there is great potential for cost savings and for better co-ordination of treatment. By planning for the long term, data managers and clinicians have the opportunity to implement systems that transform the way care is provided.