Jusletter IT

Rules for Liability and Evidence Blocking Innovative Information Technologies in Healthcare

  • Author: Filip Křepelka
  • Category: Articles
  • Region: Czech Republic
  • Field of law: Data Protection
  • Collection: Conference Proceedings IRIS 2017
  • Citation: Filip Křepelka, Rules for Liability and Evidence Blocking Innovative Information Technologies in Healthcare, in: Jusletter IT 23 February 2017
The paper addresses challenges related to application of new information technologies in healthcare. Medical confidentiality is principle of law and ethics. Nowadays, electronic records are used for internal data management. Nevertheless, paper excerpts are further used for communication with patients and among providers because projects integrating medical records faced opposition due to fears of compromising privacy. Data resulting from examinations boost medical records. However, providers can be reluctant to retain all available data if courts can use them as evidence for malpractice.

Table of contents

  • 1. Introduction
  • 2. Summarizing rules on medical confidentiality and records
  • 2.1. Medical confidentiality
  • 2.2. Medical records
  • 2.3. Confidentiality related to medical records
  • 3. Technologies of medical records
  • 3.1. Medical records on paper
  • 3.2. Transition to electronic information systems
  • 3.3. Risks related to electronic medical records
  • 3.4. Obstacles to total abandonment of paper
  • 4. Access of patients to their medical records
  • 4.1. Evolution of access to medical records
  • 4.2. Non-standard and secret records
  • 5. New information in healthcare
  • 5.1. Health information technologies
  • 5.2. Basic and extended medical information
  • 5.3. Reluctance to collect and retain extended information
  • 5.4. Intentional recording of communication
  • 6. Closing remarks
  • 7. References 

1.

Introduction ^

[1]
Patients have wide access to their medical records and other information collected on them. Inadequate evaluation of this information contributes to incrimination of healthcare providers and their physicians, nurses and other practitioners. This tendency can hinder use of new information technologies useful for improvement of safety and efficacy of medical treatment.

2.

Summarizing rules on medical confidentiality and records ^

2.1.

Medical confidentiality ^

[2]

Medical confidentiality is necessary for establishing the trust between patient and physician. Mentioned already in the Hippocratic Oath,1 it is a principle of medical ethics. It has become a standard rule of national medical and healthcare legislation. It can be interpreted as specification of privacy stipulated as fundamental right in constitutions and in international conventions, including the Oviedo Convention of the Council of Europe addressing biology and medicine.2

2.2.

Medical records ^

[3]
Medical records (health records, medical charts, or medical documentation in English texts including translation of equivalents from other languages) are systematic documentation related to health and care for of particular patients. Primarily, they serve the delivery of good care. However, they are also evidence of good practice and shortcomings.
[4]
Entries in medical records are written by physicians, nurses and their assistants. Beginning with patients’ medical history (anamnesis), they summarize findings, examinations, conclusions (diagnosis) and forecast (prognosis), recommendations and proposals, realized treatments and their results.
[5]
Every literate patient has realized specialties of medical records. Frequently used abbreviations reveal the pragmatic approach of physicians under time pressure. Widespread resort to Latin words confirms shared terminology.
[6]
Entries are short sentences, even messages consisting of few words accompanied with figures summarizing results of consultations, examinations, and treatments. Charts, depictions, schemes, photographs (for example, x-ray images) accompany this core of medical records.
[7]

For decades, the keeping of medical records was addressed with professional standards. Law accepted them. Comparative approach reveals variably detailed legal standards of medical records – a new general one in Germany3 and excessively detailed in Czechia.4

[8]
Nonetheless, law expects good keeping of medical records. Shortcomings are often deemed as evidence for failure of the physician and/or provider.
[9]

Data related to financing of medical treatment – both calculations for privately paid care or for institutions of public financing shall be regarded as medical records in broader sense, despite their separated assembling.

2.3.

Confidentiality related to medical records ^

[10]
Medical confidentiality covers both information known to physicians, nurses or other professionals and information retained. Medical records must thus be kept secret. Providers must adopt adequate measures against disclosure.
[11]
Nevertheless, medical records must also serve their purposes. Firstly, they must provide an overview of healthcare. Therefore, keeping of medical records is mandatory for a prescribed period of years, takeover by new provider or authorities must be secured and discarding controlled.
[12]
Detailed legal provisions specify access to medical records. Competent physicians, nurses, administrators of provider and insurance funds or authorities administering public financing of public financing are generally allowed to access them. On the contrary, authorities and courts can seek information in them in specified situations.

3.

Technologies of medical records ^

3.1.

Medical records on paper ^

[13]
Medical records were kept on paper during entire 20th century. Forms were routinely used for entries. Standards developed for maintenance of medical records. Assistance was available to individual physicians. Hospitals developed impressive techniques of management of medical records.
[14]
Communication between providers is mostly assured by patients obtaining excerpts from medical records related to particular consultations and treatments. Applications for treatment by other providers and reports for them are also handed to them. An excellent example of such document prepared in everyday medical practice is a paper prescription of pharmaceutical products. Documents are delivered by mail only if the patient was deemed unreliable.

3.2.

Transition to electronic information systems ^

[15]
Certainly, healthcare and medical research resorted to automatized computation of big data files available during subsequent decades of 20th century similarly as in other fields of science, technology and administration.
[16]
Information management based on personal computers has become routine since the beginning of millennium in most branches of economy, government and society. Healthcare formed no exception. Medical records gradually moved into computers. Easy keeping (less space needed), instant accessibility especially for multiple users (all concerned departments in hospital), advanced analysis and eventual post-evaluation of data for various purposes are advantages of replacement paper with electronics in case of any records.

3.3.

Risks related to electronic medical records ^

[17]
However, the mentioned advantages are accompanied by risks.
[18]
Burglary to premises where medical records are stored is difficult and risky and was thus surely sporadic. Hacking is easier. Fears of disclosure are increased in healthcare due to a high appreciation of confidentiality. WikiLeaks, Lux- or Panama Leaks shows that banks, consultants or attorneys cannot guarantee privacy of their affluent clients despite engagement of private security agencies. Healthcare providers including individual practitioners hardly protect better their data against espionage. No «MedLeaks» shall be expected. The public would condemn it. Intrusion would thus be targeted and limited.
[19]
Additionally, data mining perceived often as misuse of medical records by hospitals, public/private insurers, pharmaceutical manufacturers, researchers or government agencies is feared.

3.4.

Obstacles to total abandonment of paper ^

[20]
Hospitals and most other institutional providers are technically capable to abolish paper from their internal information management. Networks of desktop computers and servers are sufficiently flexible, affordable and reliable.
[21]
Nevertheless, external communication is not entirely freed from paper documents. Practical and psychologic reasons can be traced behind it. Patients confirm their informed consent on forms with their signature. They get excerpts, reports and applications. Few providers serve their patients with online access to their medical records. Orders and scheduling is mostly done with phone, not with Internet. If compared with other manufacturers, providers of services and public institutions, healthcare is backward from this point of view.
[22]
Certainly, many patients – elderly people form majority of cases – do not demand online communication due to stress resulting from their illness. Many would be confused. Midlife and young patients or parents of children would welcome such an approach, because they are familiar with electronic communication in many other settings.
[23]
However, these generations are increasingly sensitive as regards confidentiality. Unsurprisingly, introduced systems enabling sharing of medical records among healthcare providers and patients face opposition. They repeatedly fail or are seriously compromised especially in countries where mistrust is widespread. Czechia provides excellent examples. IZIP (electronic medical records) launched by dominant public health insurance fund failed entirely. Electronic prescription of pharmaceuticals languishes.

4.

Access of patients to their medical records ^

4.1.

Evolution of access to medical records ^

[24]
Access of patients to their medical records developed gradually within the evolution of patients’ rights. It concretizes the right for full information about one’s individual health status.5 The emphasis on the right for information reflects a transition of bioethics from medical paternalism to autonomy. Access to medical records results also from general rules on data protection which emerged with introduction of electronic communication.6
[25]
Patients’ access to medical records has an impact on their keeping. Hospital managers highlight the necessity of accurate information. Expressive formulations shall be avoided despite their eventual relevance. Physicians learn how to formulate entries. However, petty manipulations are unofficially highlighted for turning away complaints and actions.
[26]
Additionally, several psychiatrists mention that they ceased to write reflections (described occasionally as essays) about their patients which can be feasible for correct diagnosis of psychiatric disease because it could be accessed by their patients.7

4.2.

Non-standard and secret records ^

[27]

In the past, patients had little access to their medical records. Many patients did hardly realize their existence despite excerpts handed to them. Widespread use of Latin decreased patients’ capacity to understand. Standards of record-keeping were less detailed. We have little information about non-standard information in medical records8 and about additional records.

[28]
Nowadays, familiarity with medical records is higher. It can lead to establishing separate secret records or encrypted information in official medical records. Nevertheless, both practices would be perceived as inacceptable if not illegal. Unsurprisingly, incidence of this phenomenon is unknown.

5.

New information in healthcare ^

5.1.

Health information technologies ^

[29]
Numerous health information technologies have become routine during last two decades. Sophisticated screenings and interventions rely entirely on computation (among others, computed tomography, robotic surgery, adjusted distribution of pharmaceuticals, genetic decoding, or sample testing). Patients can be surveyed outside hospitals with technologies labelled as telemedicine or e-health.
[30]
Information technology departments and experts emerged in hospitals, clinics, manufacturers of pharmaceuticals and medical devices, pharmacies, laboratories, and medical research institutions. Delivery of medical information technologies is important market for information technology firms.

5.2.

Basic and extended medical information ^

[31]
Minimal content of electronic medical records follows standards for content of paper medical records. New medical technologies significantly enlarge the scope of information available. Firstly, huge data influx results from medical examinations and investigations can be collected automatically with technologies of telemedicine. Secondly, it is also easier to record selected intensive treatments with video cameras, especially surgical interventions. Thirdly, oral communication of patients and healthcare practitioners can be recorded with microphones.
[32]
Collection, retention and eventual evaluation of such records can contribute to safety and quality of treatment. Therefore, retention of such data is stipulated with legislation, for example, recording of radio communication related to emergency medical service.9 Specific documentation is mandatory in – among others – assisted reproduction or blood medicine. Collection and retention of additional data forms integral part of quality management.

5.3.

Reluctance to collect and retain extended information ^

[33]
Certainly, such records could provide evidence about failures which can result in liability. Additionally, they also reveal hesitation, fatigue, temporary chaos, minor shortcomings and emotions, including professionally hostility towards patients.
[34]

Certainly, wise judges know that policemen are not tender diplomats during dramatic situations which can claim their lives. Pressure on physicians and providers is comparable. Increased sensitiveness of public, media, and judges can result into inappropriate liability.10

[35]
Nobody wants to deliver evidence for self-incrimination. Inadequate evaluation of these recordings can easily result into reluctance to record and to retain these recordings. Such tendency is sinister. It can compromise improvement of safety and quality of healthcare.

5.4.

Intentional recording of communication ^

[36]
Recording of calls between client and provider is standard in communication through call centres. Clients are informed about it. However, it would be perceived as intrusive in other settings. Healthcare is no exception. Recording routine interventions and initial communication would be perceived as undermining of trust between physician and patient.
[37]

Overt recording by patients, proxies, guardians and other accompanying and aiding persons is tool for establishing evidence for alleged malpractice. Physicians, nurses and paramedics would surely perceive it as offensive. Similarly, recording done by providers and particular practitioners as defence against annoying and aggressive patients would anger other ones.

[38]
Covert recording is even more troublesome. Several jurisdictions prohibit it. Restriction can be also stipulated by provider. Certainly, covert recording could be suppressed with systematic denial of its use as evidence.

6.

Closing remarks ^

[39]
Unlimited patients’ access to information stored about them is inadequate. Physicians and other healthcare practitioners shall have similar opportunity to classify patients as other enterprises. Excessive recording of internal communication of healthcare practitioners breaches and compromises their trust towards patients.
[40]
Being university teacher, I can imagine disastrous impact of such approach in education. Teachers would fiercely object systematic recording, storage and dissemination of their lectures, oral exams and deliberation about pupils and students.

7.

References  ^

[41]

Most of the references stated below are further literature and therefor not directly cited in the article. 

Buchner, Benedikt,  Outsourcing in der Arztpraxis – zwischen Datenschutz und Schweigepflicht, Medizinrecht, 2013,  pp. 337–342.
Drda, Elgin/Fleisch, Gerald/Höftberger, Christian, Recht für Mediziner – Ein Leitfaden für Studium und Praxis, WUV Universitätsverlag, Wien 2003, pp. 55–57.
Greenberg, Alissa, Anesthetized Patient Accidentally Records Doctors Insulting Him During Surgery, Time, 24 June 2015, http://www.time.com/3933453/anesthesia-phone-voice-recorder-insults-tiffany-ingham/ (all Internetsources accessed on 10 January 2017). 

Fiekas, Frederik, Die mangelhafte Dokumentation – ein Plädoyer für Erfüllungs- und Schadensersatzansprüche des Patienten, Medizinrecht, 2016, pp. 32–36.  

Hippocrates of Cos, The Oath, Loeb Classical Library, 147: 298-299, doi: 10.4159/DLCL.hippocrates_cos-oathl. 1923. 

Janda, Constanze, Medizinrecht, UTB GmbH, 2nd Edition, Stuttgart 2016, p. 140. 

Kubiak, Rafal, Prawo medyczne (Medical Law), Wydawnictwo C.H. Beck, 2nd edition, Warszawa 2014, pp. 175–208 (dokumentacja medyczna – medical documentation), pp. 209–247 (tajemnica medyczna – medical confidentiality). 

Müller, Thomas/Schramek, Christoph, Aktuelle Verfassungsfragen der Gesundheitsreform: ELGA-G und Primärversorgungsgesetz, Zeitschrift für Gesundheitsrecht, 2016, pp. 40–42. 

Policar, Radek, Zdravotnická dokumentace v praxi (Medical documentation in practice), Grada Publishing, 1st Edition, Praha, 2010.  

Rynning, Elisabeth, Public trust and privacy in shared electronic health records, European Journal of Health Law, 2007, vol. 14, is. 2, pp. 105–112. 

Spencer, Karen/Sanders, Carolyn/Whitley, Edgar/Lund, David/Kaye, Jane/Dixon, William Gregory, Patient Perspectives on Sharing Anonymized Personal Health Data Using a Digital System for Dynamic Consent and Research Feedback: A Qualitative Study, Journal of Medical Internet Research, 2016, vol. 18, is. 4, pp. 1–11, doi:10.2196/jmir.5011. 

Spickhoff, Andreas, Medizinrecht – Beck’sche Kurzkommentare, 2. Auflage, C.H. Beck, München, 2014, pp. 451–454.  

Svejkovský, Jaroslav/Vojtek, Petr/Arnoštová Teska, Lenka, Zdravotnictví a právo (Healthcare and law), C.H. Beck, Praha 2016, pp. 259–261 (povinnost mlčenlivosti – duty to confidentiality), pp. 289–310 (zdravotnická dokumentace – medical records).  

Taupitz, Jochen, Der Entwurf einer europäischen Datenschutz-Grundverordnung – Gefahren für die medizinische Forschung, Medizinrecht, 2012, pp. 423–428 

  1. 1 «And whatsever I shall see or hear in the course of my profession (…), if it be what should not be published, abroad, I will never divulge, holding such things to be holy secrets.» Hippocrates of Cos, The Oath.
  2. 2 Convention for the Protection of Human Rights and Dignity of the Human Being with regard to the Application of Biology and Medicine – CETS No. 164 (1997), Art. 10 (1).
  3. 3 § 630f BGB – Dokumentation der Behandlung. For approaches to standards in Germany see Janda, Medizinrecht, p. 140.
  4. 4 §§ 52–78 zákon č. 372/2011 Sb., o zdravotních službách a podmínkách jejich poskytování (Act on medical services of conditions of provisions thereof) plus ministerial decree specifying details.
  5. 5 Art. 10(2) of the Oviedo Convention: Everyone is entitled to know any information collected about his or her health.
  6. 6 Art. 15 Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and the free movement of such data.
  7. 7 Professor Tomáš Kašpárek, Medical Faculty in Brno.
  8. 8 Quality of treatment of women in labor in hospitals and perinatal care including home birth is controversial issue in Czechia. There was debate about remark četla (she has read journals and internet resources) in medical records indicating demanding and troublesome women in labor.
  9. 9 Judge of the first instance interpreted harshly conversation between physician of medical emergency service of the South Moravian Region and colleagues in hospital discussing entitlement of the former to coerce transportation of newborn delivered at home to hospital as illicit «legal consultation».
  10. 10 Greenberg, Anesthetized Patient Accidentally Records Doctors Insulting Him During Surgery.