Who will access your medical electronic health record (EHR)?

The answer to who has access to, let alone actually owns, our medical records is not as straightforward as you might at first think. It seems inevitable that medical records will increasingly be managed by the patient, but the patient and their data are part of a huge, inter-connected and complex web with multiple proprietorial claims.

Electronic health record (EHR) or electronic medical record (EMR)?

Depending on how health records are collected, collated, shared and stored, a number of different terms are used for the electronic health record (EHR). For example, an EMR (electronic medical record) generally refers to health records that are stored within an individual surgery or practice system and are generally non-portable. The EHR, by contrast, may contain data and records from multiple doctors. The EHR should be transportable to wherever the patient goes, and the patient can share the information (on a strict consent basis) with their chosen healthcare providers. The key point is that total health goes beyond just collecting a patient's clinical data, and therefore something more sophisticated than simple data storage is required.

The advantage of an EHR over an EMR is that it can provide clinicians with access to a far wider range of dynamic patient data. However, this also comes with a potential increase in risk to security, especially if more 'user interaction' is involved. EHRs are being increasingly connected to digitally generated health data collected from multiple new sources including:

Each connection point is an access portal that potentially creates vulnerabilities.

Security of medical data is becoming an absolutely critical factor, not just because of the need to protect highly sensitive and personal information, but also because it is becoming an increasingly valuable target for hackers. The permanence of electronic records, coupled with increased accessibility, means these data are increasingly available for mining (and subsequent repackaging) by organisations and individuals to create marketing opportunities as well as to directly produce revenue.

Welcome my son to the health machine

As the EHR is the core element of most digital healthcare systems, it is a key target for development and is therefore evolving extremely rapidly to meet the ever-expanding health and commercial needs of suppliers and companies. The increasing trade-off between security and the need for access across multiple interfaces (and therefore potential hacking points) is a major cause for concern. Furthermore, EHRs are no longer just the domain of doctors, practices and hospitals; they are now also becoming the core IT function deployed across cities and even whole countries. Until recently, the relative complexity of EHRs meant that they were closed systems under the control, responsibility and ownership of the IT developer or IT vendor who supplied the medical or other organising facility (e.g. government).

The new generation of EHRs is initially being developed by largely non-profit organisations who are vendor-neutral and open source. The biggest current example of this is openEHR, and now also 'core coPHR', the latter putting far more emphasis on the patient's own involvement, especially with the inclusion and rapidly growing application of medical wearables.

'openEHR' is described as a technology for e-health, consisting of open specifications, clinical models and software that can be used to create standards, and build information and interoperability solutions for healthcare as well as for other purposes.

EHR central deployment across Moscow

The deployment of openEHR across Moscow has involved the integration of the Medical Information and Analytical System (IMIAS) project to centralise electronic health records for the entire city. This brings all primary health centres as well as the city hospitals onto a single platform. They say that IMIAS "provides patients with convenient alternatives for medical appointments, relieves doctors of the burden of paperwork and allows the authorities to supervise the provision of medical care". Former Glasgow GP Dr Ian McNicoll, who helped to head the installation, describes the application of this technology as "innovation at the post-modern level".

Layer upon layer

To add to the complexity, one of the latest developments in an effort to improve security is the inclusion of blockchain technology. With the aim of producing an interactive medical ecosystem, one such organisation, MedicalChain, aims to use blockchain to "put the patient in control of their medical data". They say that the new ecosystem will give patients the "power to share" the single, most comprehensive version of their record with every organisation in their medical network. This means that legacy, siloed patient records will no longer create inefficiencies and inaccuracies across the breadth of the healthcare system. The claim is that blockchain technology will securely manage health records "for a collaborative, smart approach to healthcare".

Diagnostic search and control apps

More recently, of course, there have been initiatives to collect information on the presence and clinical development of COVID-19 infection, and many new data gathering apps and websites are now available.

But who actually owns all this data? Who are all the people who have access? And does the patient record belong to the patient?

Who owns our medical records?

In the past all our medical records and other sensitive information such as test results and operations were on sheets of paper in beige manilla folders, filed on shelves by our trusted doctor in one secure place. The big difference with digital data is that it is more permanent and more accessible than paper documents. It is also normally part of a much bigger mass database providing potential access to thousands, if not millions, of patient records. One argument therefore is that the right of ownership rests with the person or organisation responsible for the security. In other words, the data is held by another party on your behalf in loco parentis. However, handing over ownership to another paternalistic party on this basis comes with risks in its own right unless strict and enforceable terms are agreed. How do you control the flow of that data for use, or restrict it to preserve privacy, and who carries the responsibility to avoid harmful leaks?

Just how private do you think your medical information is?

The problem is largely one of policy, policy implementation, governance and (international) law. The concern is that, despite the efforts of initiatives including GDPR, the policies are insufficient to protect from invasive activity and abuse. According to an article in The BMJ, "The boundaries of digital data rights and responsibilities are wide and fuzzy. Although individuals may be classified as data subjects, the information about them may be simultaneously “owned” by different individuals, organisations, governments, as well as by society".


The opinion piece goes on to use the following example, "the famous painting “Girl with a Pearl Earring” had a very clear data subject, but by recording the information in oils with his own interpretation, Johannes Vermeer owned and held intellectual property rights on the work of art he created. A more modern example is how our very personal purchasing habits are used by Amazon to create a suggested wish list for others—“People who bought this also bought….”

The authors go on to point out that data companies facilitate access to medical databases for research studies published to advance public health. The media can then broadcast those scientific results. At every stage in this scenario, individuals, organisations, and society invest time and resources and have degrees of “ownership” in the resulting data.

Everyone naturally wants and expects privacy and data protection, and believes that this is achievable through some form of control of their data. However, in reality this is an impossible objective due to the scale of the task and the number of players involved.

Even if the medical insights derived from data have public benefit, it is possibly naive to think that freely given medical data will not be used for commercial gain. The answer to who actually owns the medical records does not seem to be as straightforward as you might at first think, and it seems that this is yet another area where the science has overtaken the policy.
