- © 2008 Canadian Medical Association
By custom, the medical record has been stored as a paper file in the physician's office. The keeper of the record has been the physician — a banality in which lie 2 deeper concepts: one of ownership and one of access. Lately, it has come to be understood that the physician and the patient own the information in the record jointly and that each is entitled to control the access by third parties, though normally for different reasons. But now, driven by need and abetted by technology, much about the medical record is changing, raising new questions about how ownership and access are affected.
In the beginning, the record was simply a retrospective account of what transpired at each encounter between the physician and the patient. At the subsequent visit, it served as an aide-mémoire. Over time, one or more threads would run through it, more or less synthesized into a linear account of any particular illness. Soon though, hospital discharge summaries, attempts at treatment and, later on, laboratory test results were added in. Practice partners added interim notes, consultation letters began to arrive, followed by paramedical opinions, insurance reports and so on. Then specialization led to distinct records being kept in separate offices.
Soon, communication between holders of records became irregular. Bits of information came to be acquired in many places at different times, without a consistent means to unify them into a coherent whole. Information was being gained, but knowledge was being lost. Eventually, no one blind man could probe and adequately describe the proverbial elephant.
Obviously, the only way to restore coherence is by moving from the paper record to electronic storage and linkage. The essential quality of the electronic record is that it can allow all significant information to be accessible in one place at the same time. It can be searchable. It can possess a kind of algorithmic intelligence. If well designed and efficient, it can be organized and user-friendly.
There is a clinical need — one might say imperative — to proceed. Patient safety is the principal reason. For example, an electronic record could inform a physician not to prescribe a drug that is contraindicated by the patient's history. Emergency visits are another standout circumstance where access to the complete record will avoid harm, to say nothing of time and money.
The question, then, is who shall keep the records and who shall own them? Although the keeper is likely to change to encompass a virtual network of health care providers, ownership should remain with the patient.1 But ownership here means the ability to grant privilege to others to contribute to or gain access to the information. It does not mean the patient can change the record (although there could be a place for him or her to add comments).
Who will have the ability to make or alter an entry? Are we each about to become holders of our own somatic Wikipedia? What about retention of copies? These are difficult questions to answer, but it is far from obvious that the guarantor of our privacy should be the default one we tend to have now — a third-party public insurer.
Other than financing this system, concern about privacy and access seem to be among the major reasons why we still do not have electronic records generally available in this country. To be sure, the ethical and legal framework is complex and difficult, and patients have legitimate fears that their records could fall into the wrong hands. As a recent episode of lost data on 20 million people in the United Kingdom showed, governments can be horribly careless with the data that are entrusted to them.
Nevertheless, we at CMAJ believe that the benefits of electronic medical records clearly outweigh the risks. It has become clinically counterproductive to allow the risks to continue to delay the necessary development and implementation of technologies. Disease happens by chance; privacy laws happen by design — and by redesign, as need be. This is not to belittle the importance of privacy, but if we can handle the myriad privacy concerns involved in electronic banking, what is holding up electronic medical records?
If we agree that the patient owns and grants privileges and access to the record, then the electronic privacy rules will follow, to ensure that medical records enjoy the same level of protection as our financial and personal transactions. Perhaps it is time for members of the public to write to their elected political representatives and demand progress on electronic medical records, so that they can have access to a safer, more effective health care system. We have the e-technology; all we need is the e-will.
Footnotes
-
With the Editorial-Writing Team (Paul C. Hébert MD MHSc, Matthew B. Stanbrook MD PhD, Barbara Sibbald BJ, Noni MacDonald MD MSc and Amir Attaran LLB DPhil)