Say you end up in the emergency room. It’s not connected to your doctor’s office and you don’t have a list of the medications you’re on.
But because your doctor keeps your medical records electronically, and because his system is connected to a larger network, the emergency room doctor can tap into the network and pull up your records. He can find out what medications you take, what you’re allergic to, and any conditions that might affect your treatment.
That’s the sort of system health care providers, policymakers and government agencies across the country are trying to build. In Connecticut, a quasi-public agency called the Health Information Technology Exchange of Connecticut, or HITE-CT, is working to develop the infrastructure for records to flow between providers electronically.
(The system is officially known as a health information exchange, not to be confused with the health insurance exchange, the marketplace for buying coverage being created as part of federal health reform.)
Getting such a system to work will require more health care providers to begin using electronic records. There are challenges in developing the right technology to allow the various systems to share information.
But those involved in the process say the most complicated part is answering the policy questions that go along with the exchange of health records.
Like this: Should people have to give permission for their records to be shared through the exchange? Or should their records be accessible to other providers through the exchange unless the patient opts out?
The question has provoked passionate debates.
Under the policy HITE-CT developed, health records would be included in the exchange and made available to other health care providers unless a patient takes action to prevent his or her information from being shared. The patient’s records would still be included in the exchange, but would not be accessible to other providers.
But after some members of the HITE-CT board objected to the opt-out policy, the board decided to review it.
And lawmakers are trying to require a different process. A proposed bill, which passed the legislature’s Human Services Committee, would require patients to provide consent before their electronic records can be released.
Advocates of each approach say they support the goals of sharing information electronically, such as ensuring that health care providers have access to the information needed to treat a patient and avoid unnecessarily duplicating tests. They agree that it’s important to get as many people to participate in the exchange as possible.
But they disagree on how to achieve it.
Many health care providers say that the best way to ensure that people participate in the health information exchange is to automatically include and share their records, unless the patient opts out. Requiring patients to sign off on exchanging information could add barriers and cost to a system that needs streamlining and less expense, they say.
John Lynch, executive director of the Connecticut Center for Primary Care and a member of the HITE-CT board work group that developed the current policy, pointed to research on organ donor rates. In countries where people must sign up to be organ donors–an opt-in system–only a small percentage take action to become donors. But in countries where people are automatically considered donors unless they ask not to be–an opt-out system–an even smaller percentage chooses not to be.
“What happens to the health care information exchange if 85, 90 percent of people just didn’t choose and never opted in?” Lynch said. “It destroys any hope of all the efficiencies and quality improvement.”
Lynch also pointed to limitations in existing electronic health record software that he said do not have mechanisms to record a patient signing off to have his or her records shared. It could be added, but that would take time and expense, he said.
Others say it’s critical that patients make informed decisions about whether their medical records are exchanged electronically, and warn that anything that undermines public trust in information sharing could lead people not to participate.
Ellen Andrews, executive director of the Connecticut Health Policy Project and a member of the HITE-CT board, questioned whether patients would be educated about the exchange if their consent is not required, and how they would react if they learned about it later.
If patients don’t know about the system and a breach results in information being released accidentally, “there will be a justifiable public outcry” that will harm the health information exchange, she said.
The exchange would still be subject to laws that prohibit sharing some sensitive health information without patient consent, including records dealing with HIV, substance abuse and mental health. But Alicia Woodsby, public policy director for the National Alliance on Mental Illness Connecticut, said it would likely be unfeasible for health care providers to delete references to those conditions before sharing information in the exchange. In testimony supporting the bill, she raised concerns that ultimately, the exchange authority could seek to remove those protections.
Confusion over proposal
Debate over the bill has been complicated by disagreement over what it would require.
As written, the bill would prohibit health care institutions that keep electronic medical records from releasing patient information without written consent from the patient or the patient’s authorized representative.
Several people and groups who oppose the bill, including state Department of Social Services Commissioner Michael Starkowski, the Connecticut Hospital Association, and the Connecticut Association of Not-for-profit Providers For the Aging, warned that it could require health care providers to get a patient’s consent every time they share information, creating significant barriers for the health care system.
Critics of the bill said it would go beyond the Health Insurance Portability and Accountability Act, or HIPAA, which protects patient information but still allows doctors to share information with other doctors for consultations or other treatment, or for payment and health care operations, without patient consent.
“Exchange happens today,” Lynch said. “This could kill health care as it exists today.”
But the co-chairmen of the Human Services Committee, where the bill originated, said it is not meant to require patients to provide consent every time information is shared.
Rep. Peter A. Tercyak, D-New Britain, said the idea is to have people sign a consent form with a provider once to allow information to be shared by that provider going forward.
“You sign it once, they’re going to talk forever,” he said.
Tercyak noted that some patients pay doctors out-of-pocket or fill prescriptions at pharmacies they don’t otherwise frequent to keep their insurance company and local pharmacist from knowing they have a particular condition, such as erectile dysfunction. The bill would allow patients to keep records from certain providers from being shared, he said.
Sen. Anthony J. Musto, D-Trumbull, called the objections to the bill “overblown.”
“It seems like good policy to allow people to have more control over their medical information,” he said.
Requiring people to take action to keep their information from being shared would present problems, Musto said.
“The obvious problem with an opt out system is that people have to know that they have the ability to opt out, and I’m not quite sure how that would work unless their doctors told them,” he said. “Otherwise they’d have their health information shared routinely. Some people may simply not want that.”
Education, more policies needed
Those on both sides agree that educating patients about the exchange will be critical, no matter what the consent policy is.
“We know that what is likely to be most important about the effective development of a Connecticut HIE is extensive patient education,” said Kim Hostetler, vice president for administration and communications at the Connecticut Hospital Association. The association prefers an opt-out policy because it could lead to higher participation rates, strengthening the information exchange.
Patients already sign notices of privacy policies related to HIPAA in doctor’s offices, and providers who share information in an electronic exchange should update their notices to reflect that, Lynch said. But most people don’t read the forms, he noted, and simply slipping in another form to give permission for the exchange won’t educate the patient.
The state already has a pilot program that includes some community health centers and hospitals, and requires patients to opt-in to have their records shared.
The intent of the policy was to have patients give consent once and have it remain in effect unless they changed their mind, said Andrews, who is on the board of the group the pilot.
One of the organizations in the pilot, Community Health Center, Inc., which has sites across the state, spent more than a year working on policies for consent and ultimately developed a system to make sure patients were educated about the exchange of medical records, said Shanti Carter, health applications director. The health centers have had electronic medical records for about five years, so patients were familiar with them, she said.
More than 8,000 patients have signed up for the system. A handful have declined, Carter said.
For patients who opt in, the consent form gets scanned into the electronic record and the chart gets flagged to indicate that the record can be shared. Patients can opt out at any time.
Other providers in the pilot have had more issues with the consent system. Many have software without a built-in mechanism to let providers know a patient gave consent, so doctors can’t tell if the person they’re seeing opted in. They ask the patient for permission at every visit.
Many doctors have concerns about who will be accountable for the records, maintaining their confidentiality, security and privacy when it leaves their offices, said Matthew Katz, executive vice president of the Connecticut State Medical Society.
“Some physicians are so concerned that’s one of the reasons they’re not getting an [electronic medical record],” he said, although he noted that the group supports the health information exchange.
Handling sensitive information is a major concern, he said. Most of the electronic record systems can provide limited access to information–so the billing department doesn’t see clinical notes, for example–but don’t provide a way to redact information about mental health issues.
HITE-CT is relatively new and has not had time to develop many of the policies that will be important to the exchange, Lynch said, including policies for monitoring to ensure that records are used appropriately, addressing inappropriate use of the data and educating providers and consumers about the process.
“There’s a whole slew of policies yet to be developed,” he said. “We want to give the appropriate process there where a patient can be assured what’s going on, have a consent opportunity. We’re talking about an opt out as opposed to putting these barriers in.”