This is Web4Health's cache of
Web4Health's cache is the snapshot that we took of the page when we added it to Web4Health.
The page may have changed since that time, so this cached copy may be out-of-date.

Web4Health is not affiliated with the authors of this page nor responsible for its content.

                          FEATURE ARTICLE

       "Electronic Health Information : A boon and a curse!"
                          By Crystal Sharp

The Internet has dramatically changed the way health data can be
collected, collated, stored, analyzed, distributed and accessed,
across the world, as easily as manipulating a file on one's own
computer. Using the Internet, individuals can take an active part in
their own healthcare using research, telehealth consulting, and
knowledge sharing. A Pew Internet and American Life Study estimated
that 55% of the Internet-user population have turned to Internet
sources to seek health information.

Most of an individual's health related data is still collected by
physicians. However, much of such intimate information is also held in
clinics and medical centres, pharmacies, private sector managed care
providers, blood supply systems, academic and other non-profit
research centres, manufactures of pharmaceuticals, and commercial data
vendors. Data flow is often at very high volume within and among many
of these organizations.

Such availability and accessibility of comprehensive health data is
useful to patients - who may need access to care in multiple locations
or by different health care providers. Health care providers use it in
their calculations of reimbursements, and to coordinate diagnoses and
treatment. Insurers use it for settling claims, in utilization
reviews, and in underwriting and coverage decisions. Knowledge of
medical history and usage of services and medications is, of
course, extremely helpful to drug companies and other commercial

While such information availability and accessibility clearly benefits
the individual and society at large, there is understandable concern
about invasion of privacy and possible repercussions from use and
abuse of identifiable data. The Pew Internet and American Life Study
The Online Health Care Revolution - 'How the Web Helps Americans Take
Better Care of Themselves' - found that 80 per cent of Internet health
enquirers were of the opinion that anonymity was very important in
their quest for health information on the Web. That is interesting
because Internet users provide, often unknowingly, a great deal of
data about themselves just by browsing for health data on the Web. 89
per cent of respondents were concerned about web sites selling or
giving away information about what they did online.

While there is a current trend towards keeping health records online,
63% of Internet users oppose the idea of keeping medical records
online, even at a secure password-protected site, because they fear
other people will see those records. A survey of over fifty countries
by the Electronic Privacy Center (EPIC) and Privacy International,
found there to be a worldwide recognition of privacy as a fundamental
human right.  Nearly all industrialized countries support
comprehensive privacy and data protection acts, and nearly fifty
countries and jurisdictions have, or are in the process of enacting
such laws.

In the past year, over a dozen countries have enacted new
laws or updated previous acts. Legislation generally aims to protect
individual privacy, while preserving research access to personal data
for the benefit of society for public health or "national security"
reasons. Striking the right balance is an elusive goal, as is
evidenced by debates on the topic worldwide. While it is desirable
that data be non-identifiable, there are legitimate reasons why
researchers need to be able to identify subjects (legitimacy of the
research, to examine linkages, to relate results to race, gender or
family traits).

Individual concerns relate to how the knowledge of sickness or mental
health problems would affect their insurance rates, their place in
society, their personal relationships or their jobs. Most legislation
for research on human subjects now requires informed consent from the
individuals involved. That concept of informed consent itself is
fraught with complications. For instance it is debatable whether a
child or a mentally incapacitated individual is adequately informed to
be able to consent. Research that is based on retrospectively
collected records may never be allowed to commence if subjects cannot
be located for their consent.

Researchers have legitimate concerns that the completeness and
validity in sampling and systematic bias in research results is of
concern if potential research subjects can opt out. The question of
data ownership is another legally complex issue. A review article
'Privacy, Confidentiality and Electronic Medical Records', observed
that "ownership of a medical record is at best a limited right that is
primarily custodial in nature, and information contained in the record
is often characterized as the patient's property. All parties who are
entrusted with health data, both the movers and the users, should
reasonably be considered as stewards of that data, and may be held
liable for irresponsible acts and breaches of confidentiality." Adding
fuel to the already heated debate, is the issue of the international
flow of data.

Personally identifiable health research data are exchanged
internationally every day by governments, pharmaceutical firms and
others. Uniform international standards for protecting privacy,
confidentiality and security are being developed, but there is no
universally accepted standard yet. While many organizations are aware
of privacy concerns and have privacy policies and practices,
identifiable personal information is still accessible.  Consumer
Reports (August 2000) reported that state agencies doing public health
research were able to routinely locate the same person in disparate
databases by simply matching up data elements of age, gender, race,
ZIP code, and diagnosis, even though hospital discharge records were
supposed to have been stripped of "personal identifiers"!

A California Health Care Foundation examining the privacy practices of
21 of the most popular health care sites found that some violated
their own written privacy guidelines - often, by sending personal
information to third parties without the knowledge or consent of site
visitors. Sometimes, even when an organization has a privacy policy,
violations occur due to poorly understood or communicated
institutional policy, use of different computer hardware and software
platforms that make up a system of access, and inadequate controls
that compromise the security of records.

Complicating the entire issue, are new technologies that emerge
regularly to stay ahead of current legislation.  A whole new industry
is being built around surveillance, encryption, data linking, privacy
enhancing, privacy preserving and other technologies. The Economist
(May 1, 2000) observed that "... unless society collectively turns
away from the benefits that technology can offer ... privacy debates
are likely to become ever more intense ..." That is so true -
electronic access to health information is a boon, but we might have
to compromise with some loss of privacy if we wish to enjoy the