The enactment of an electronic guideline and decision support function is of greatest clinical value when it is linked to the circumstances and needs of an individual patient. Guidelines therefore need to be linked to the EHR. An appropriately linked guideline system would, for example, enable a clinical system to:
• accept a random blood glucose of 4.2 mmol/l and pass it directly to the EHR;
• warn the clinician when entering a blood glucose of 7.4 mmol/l, invoking a textual message or
initiating a protocol depending upon whether the patient is diabetic;
• reject a blood glucose of 74 mmol/l as a typing error.
(Tierney, Overhage et al. 1995) identify several issues that needed to be addressed if guidelines are to be consistently used with EHRs, including the recognition of co-morbidity and concurrent medication, and the need to indicate the clinical importance of a recommendation. (van der Lei and Musen 1995) draw attention to the need for decision support systems to accommodate the underlying terminology system of the medical record system they interoperate with, rather than incorporating their own controlled vocabulary for domain knowledge.
Chapter 5: Published contributions to the FHR Design If decision support and EHR systems are to interoperate safely the metadata defining clinical data elements needs to be held in common, including the permitted data value ranges and the units or terminology systems to be used. The clinical use of a decision support system needs itself to be documented within the EHR, including the origin, name, version and step of the guideline influencing or generating a particular entry, and a copy of any message or recommendation provided to the user.
Decision support systems also need to be much more interoperable than at present, so that a tailored guideline can “follow the patient” as well as their EHR might soon do so.
5.11.
Ethical and Legal Issues
GEHR Ethical and legal requirements
Many of the ethical issues in adopting EHRs arise from its purposes: the definition below was proposed by the GEHR project (Ingram D, Southgate L et al. 1993).
• The primary purpose of the patient record is to benefit the patient by providing a record of
care that supports present and future care by the same or other clinicians.
• The secondary purpose is to provide a medico-legal record of the care provided and hence
support and demonstrate the competence of clinicians.
The foundations of the relationship between a clinician and a patient are the delivery of clinical care to the highest possible standard and the respect for patient autonomy. This inevitably means that the right to informed consent and the right to confidentiality are important moral principles for a 'good' health record system. Patients should exercise as much choice over the content and movement of their health records as is consistent with good clinical care and the lack of serious harm to others. Records should be created, processed and managed in ways that optimally guarantee the confidentiality of their contents and legitimate control by patients in how they are used. It is well recognised that there are few indications for withholding information from patients (Fisher and Britten 1993), (Data Protection Act 1998 1998). The communication of health record information to third parties should take place only with patient consent unless emergency circumstances dictate that implied consent can safely be assumed.
Clinical rights to access an EHR should be on the grounds of direct care provision, with appropriate explicit or implied consent. These rights are normally applied to a clinical team involved in the provision of care to patients, but frequently also extend to non-clinical personnel directly supporting the care providers, such as medical secretaries. The definition of this extended team is unfortunately not consistent and nor usually publicly known for each enterprise. Access for continued professional learning by the care teams involved in direct care, and internal or external
Chapter 5: Published contributions to the FHR Design quality assurance, are widely considered to be acceptable practice, although access for research and for teaching beyond the immediate care team are now regarded as requiring explicit informed consent.
The EHR must be a legally acceptable: admissible as evidence in legal proceedings, as well as authorising the validity of prescriptions and other orders. The EHR has to be durable, and the systems interpreting the EHR need to be accurate and safe. The responsible clinician making a recording must accept that he or she is thereby accountable for the care given. Information created or received by a clinical information system must therefore only be considered part of the EHR when an accountable clinician has authenticated it. Some components of clinical competence are closely related to the role of clinicians in the societies in which they practice. The EHR should allow the clinician to express information, ideas and justification for actions fully and without restriction. The health record must not impose the values of one society on the clinical practice of another, although it should promote ways of learning about different styles of clinical practice. The health record must be capable of evolution as society develops and defines new aspects of the common core of practice.
Other contributions on ethical issues
Kluge argues that the advent of advanced patient record systems should be accompanied by a change from paternalistic health care attitudes to a patient autonomous approach (Kluge 1993). He states that the global integration of patient healthcare information is creating a record that functions as the patient analogue in medical decision making space: it affects what is done to the patient and how others relate to the patient (Kluge 1995).
(Kluge 1998) also introduces the concept of a Health Information Professional (HIP) who might include information managers and IT staff at a healthcare enterprise. He proposes that HIPs have duties:
• to protect a patient's right to privacy and confidentiality; • to control access;
• to correct errors if requested by the patient;
• to ensure data are only collected when necessary and suitably de-identified when appropriate; • to ensure the integrity and availability of EHR data;
• to foster a security culture within their enterprise.
The “Tavistock Group“ (a multi-national working group) is developing a code of ethics for healthcare systems (Smith, Hiatt et al. 1999). (Collste, Shahsavar et al. 1999) suggest that ethical principles should also underpin the design of decision support systems.
Chapter 5: Published contributions to the FHR Design (Gaunt 2000) describes the challenge of balancing the differing record access requirements of a wide range of personnel including healthcare professionals, data controllers, data subjects, health insurers, government departments and professional bodies. He argues that the technical measures that can be taken to enable a security policy are probably not the most challenging dimension, but rather that of developing and implementing a workable policy. He cites as impediments to change:
• the attitude and sometimes ignorance of healthcare staff towards security measures they should
personally take;
• the conflicting demands on time and financial resources between ensuring information is
available and adequately protecting it;
• inadequate technical systems, and inconsistent security policies between organisations that share EHR data.
Other practical challenges include the accreditable training of thousands of staff within any one enterprise, and managing their turnover. He cites the growing use of the fax to communicate information between hospitals and GPs as an example of an easy and "successful" but woefully insecure approach.
Anderson emphasises the major public concern about the protection of EHR information, in particular if this is available in a distributed form such as the Internet (Anderson 2000b). He concludes that systematic US public policy is needed (even post-HIPAA), and suggest that US endeavours lack cohesion and are unnecessarily different from the approaches and legislation in Europe.
These ethical considerations for health records have an important bearing on the requirements for the FHR information architecture: the medico-legal requirements listed in Section 6.4 form a significant proportion of the overall set.