Ethics of Health Information System in Australia - Report Example

Ethics of Health Information System in Australia 2009 Introduction Information ethics is important in any field of study that uses personal data for administrative and service quality purpose. Health information, more than any other field, becomes critical in that respect as not only administrative and service quality depends on the type and mode of maintenance of such information but issues regarding privacy of personal information and chances of fraud are intricately related with this. Population-wide health identifiers have been introduced through the Medicare Card which is used by health insurance companies. Although the identifier card is given for the purpose of reimbursement of healthcare costs, it is also used for other purposes like for example opening a bank account (Barraclough and Gardner). The privacy of health information in Australia is regulated by a number of Federal and State laws. In the more recent years, the prospective transformation of health information maintenance from the Medicare card to Smart Card has generated substantial debate over privacy, regulatory and ethical issues. The most critical issue in the case of code of ethics has been the use of health information for the purpose of research aimed towards advancement of medical sciences. Except the Australian Capital Territory, all state legislations allow disclosure of health information for the purpose of research. While there is no specific privacy code in Western Australia, South Australia and the Commonwealth legislation deals with the code of use of health information (Ray et al, 2008). In this context, it is deemed relevant to study case studies on code of ethics from other information systems, like the computer and library information systems as well as record management systems. In this paper, I will relate the stakeholder map of the healthcare system in Australia to the essentials of service quality for which the information system is found to be essential and then compare the Federal Australian Privacy Act with the code of ethics of alternative information systems. Stakeholder map of the Australian healthcare system An organization has a number of stakeholders that it affects and is affected by their behavior as well. It has extensive duties to stakeholders like employees, customers, suppliers, communities, government and so on. Typically, managerial responsibility of most organizations is driven by the goal of maximizing shareholders’ value. But in the presence of various stakeholders interacting in diverse ways, it becomes difficult to meet the goals effectively if the other stakeholders are not addressed at, resulting in paradoxes of the organizations aims (Heath and Norman, 2004). The stakeholder theory was first suggested by Freeman (1984), who defined a stakeholder of an organization as “any group or individual who can affect or is affected by the achievement of the organization’s objectives” (quoted in Jonker, 2004). The organization needs to manage the stakeholders effectively for a collective development process through proper identification of stakeholders, set up processes to organize relationships with the stakeholders as well as the transactions with them. The stakeholder map, which details the two-way cause and effect between stakeholders and the organization is not static but may change over time with changes in the business as well as the political and social structure (Donaldson and Preston, 1995). Healthcare professionals and the pharmaceutical industry have different stakeholders – while doctors are primarily concerned with patient care, the industry has commercial motives in creating shareholder value. Hence, despite the obvious similarity of interests, there are huge conflicts between the two sets of interests. Not only do such relationships between doctors and the industry influence prescription writing, even the path towards drug formulation and innovation may be unduly influenced. These concerns have been voiced in the medical fraternity in almost all countries, resulting in voluntary self-control as in Australia (Kerridge et al, 2005). The health information system of a country is usually developed to improve the service quality of the main customers, that is, patients. Service quality has been defined as “the relationship between what customers desire from a service and what they perceive that they receive” (Mackay and Crompton, 1990, cited in Prabaharan, n.d). While manufacturing quality can be easily measured in terms of defects, it is difficult to measure service quality (Crosby, 1979, cited in Prabaharan, n.d). Among the few studies on quality that have been done on the service industry, Carson et al (1997) attempted to explain how service organization, service provider and customer interrelationships influence service quality. Alternatively, service quality has been analyzed in a hierarchical model in three phases – 1) perception of service quality, 2) five dimensions including physical aspect, reliability, personal interaction, problem solving, and policy and 3) derivative of the second dimension (Dabholkar et al, 1996 cited in Prabaharan, n.d). Colier and Bienstock (2006) expanded the service quality model to include e-commerce and web interaction (Prabaharan, n.d). In all of these aspects, it is essential that health professionals have access to personal health information of the patients accurately and timely so that proper intervention may be initiated. The maintenance of computerized health information and smart cards are means towards this end. But in the process, there are concerns of excessively high costs of information systems, reliability of information in these systems in the absence of proper checks in regular updates of information and the possibility of frauds for the purpose of financial social benefits associated with healthcare expenses. The Proposed Access Card The Access Card is proposed in Australia as a repository of health information along with the Individual Patient Identifier (IPI) (Barraclough and Gardner). Each card would have on its surface identifying information and a digital photograph while the approved reader would have access to the information stored in a two-part electronic chip. While the first part of the chip would be controlled by the Commonwealth, the second part would be under the control of the cardowner. The first part would be required for emergency procedures while the second part for the use of others who have interest in the cardowners health status. The purpose of the Access Card, which is a leading edge technological innovation, is not to develop a health information system but to improve the service quality of health information and to minimize frauds in health and welfare benefit frauds, which is estimated to be in the range of $1-4 billion per annum in Australia (Barraclough and Gardner). However, the proposal has brought in focus the conflicts of various societal values. The information in the Access Card is thought to infringe upon the privacy rights as non-health workers including public servants and welfare agencies would get access to the information, including medications. There are apprehensions that the Access Card would result in some sort of Foucaultian surveillance in which patients, particularly the elderly, are subject to privacy infringement for the benefit of insurance and welfare organizations. As Access Cards would be held by a large majority of the population, it would in effect become a substitute for the national Identity Card even though the government has made it clear that citizens would not necessarily carry it always and would not be demanded to show it involuntarily. Yet, the ownership of the card would not entail ownership of the information ingrained into it. Since the card could be used for a variety of purposes, it would go much beyond its original administrative purpose. Besides the social and ethical problems with the Access Card, there are technological and economic costs associated with it. Incorporating all health information of individuals would be immensely complex and would require high levels of technological prowess. Besides the privacy and data leakage problems, it would also require high maintenance and operating functions and hence costs. There is a high chance of inadequate and inconsistent health information that would impact on the healthcare outcomes. This is particularly problematic when there are conflicting records arising from new set of data incorporated. Such problems cropped up during the trial run of the Access Card at the Coordinated Care project run by the Southern Health in Victoria (Barraclough and Gardner). There are high clinical risks arising from inadequate or outdate information carried in the cards. In that case, patients would live with a false sense of security over their health risks. Depending upon what information patients decide to incorporate in the card, there are risks that the cards carry fragmented records as well. The government policy has made it clear that the Access Card is not intended to represent the entire health record, bringing forth the issue what information is to be carried and what not to carry. Ideally, the health record in the Access Card would incorporate disease status, like diabetes or epilepsy, organ transplant status, allergic reactions, current medications and prescriptions and the next of kin to be informed. While it is to the benefit to have disease alerts on the Access Card for the doctors when approached in emergencies, the card may also make the patient reticent about the health outcomes. Besides, there may be sensitive information like drug use, HIV, sexually transmitted or other diseases that the patients do not want to diverge to anyone other than their treating doctors. Disclosing such information on the card would entail labeling not only socially but also medically when previous medications are assumed on the basis of disease disclosures even when the patient is not under the same course of medication. In the absence of such information on the Access Card, the emergency doctors would be at a disadvantage when approached along with the Access Card. On the other hand, genuine alert information can be beneficial, for example, information of unwillingness to blood transfusion. Hence, while a robust system of health information is beneficial for emergency healthcare services, it is an elaborate system that have socio-legal implications. The entire concept would, at the end, be dependent on the customers carrying the Access Card physically and remembering the PIN, without which the entire project would become ineffective. The high-risk project would be funded by the taxpayers and the ultimate beneficiary would be the commercial organizations with little benefit to the customers of healthcare services. Hence, the Access Card is to the benefit of one set of stakeholders, that is the insurance companies, but not for the customers of healthcare services, who are the main payers for the high-cost product. In the recent years, there is an increasing concentration towards maintenance of electronic records of health information in Australia through the country-wide system of Health Connect. The system is aimed to improve the flow of information between healthcare providers and organizations in order to improve service quality. The Access Card is proposed a step ahead of this. But, a policy of deciding on the data inputs for the cards, handling of the needs of card holders through the access card and developing unique identifiers, needed for example in the case of Aboriginals who use one name socially within the community and another for the purpose of general communication has not yet been sorted out. So far, the Access Card has failed in the attempt to meet the requirements of national health data requirements. There is no uniformity in the government policies of various states. Genetic Information Genetic information has been under focus globally, including in Australia, as a huge amount of information is available through genetic studies and DNA analysis. Genetic information provides information related to the physical and mental disposition of people as well as probabilities of diseases and ailments. It is possible to generate genetic information from bodily samples that people may be subjected to in the course of treatment. Generating genetic information from bodily samples is illegal without patient consent generally but patients may be compelled to give bodily samples for the purpose of criminal investigations, which is regulated by the judico-legal framework in Australia. Besides, genetic sampling may also be done in circumstances when the bodily samples are not taken for medical purposes, like for instance from haircuts, leg waxing, manicure, sweating on gymnasium equipment and so on (Doyle and Bagaric). Genetic information has huge benefits for medical research and criminal investigations. It is also being increasingly used for family disputes and deciding on parentage. But there are huge privacy risks from genetic information. Although genetic information cannot predict diseases with certainty, such information has to potential to show the mutation occurring that may lead to such diseases. This may lead to labeling even though only a small proportion of people with such mutation is likely to face the disease in reality. The Federal Privacy Act does not extend to genetic information as genetic samples by itself do not amount to information. Only the newborn screening card, for which spots of blood are taken on blotting paper that also carries the child’s name and date of birth, is under the purview of the Privacy Act. Electronic Health Records Electronic health record management include storage and retrieval of health information, result and order management, decision support, patient support, communication and population management (Win). While a breakdown of the electronic health information system would have disastrous results on health outcomes, breaches of security may also have an extremely adverse effect. Hence, security of health information systems is vital for confidentiality, integrity and availability of healthcare services. Consent for using the health information is the key to maintaining confidentiality between service providers and patients. It is unethical to use health information on the basis of implied consent. Health information should not be disclosed without consent and should not be used for any other purpose than that originally intended for. The Privacy Act of 1988 laid out the parameters of privacy regime for healthcare. This was followed by legislations by different states (Win). There may be a general consent for the use of health information and also a specific consent for a particular purpose. While it is recognized that health information is critical for the purpose of scholarly research, the imposition of regulation on keeping patient identity for the purpose of ethical use of information may at time undermine the research. The overriding importance given to anonymity and the lack of ethics in surveillance may undermine the urgency of using health information for the prevention of outbreaks of epidemics or the requirement of vaccines. The most common authentication mechanism that are used for electronic health records are the identifiers along with passwords along with the implementation of a firewall. However, electronic health records are integrated across healthcare organizations leading to the possibility of data leakage without consent. In that case, role-based consent mechanism will need to be evolved to maintain confidentiality of patients, leading to each healthcare worker adopting multiple roles. Alternatively, a national consent mechanism, with for example digital signature or with electronic security agents, is being developed in Australia to make the process simpler. Password checking alone may not be sufficient to maintain security. Case Studies from other fields of studies Library information and computer systems have similar issues on security and confidentiality that may be used in order to develop a code of ethics for health information. The Center for Applied Philosophy and Public Ethics (CAPPE) has compared the codes of ethics of various professional organizations in maintaining the information systems. The broad values that are laid out for the purpose of ethics in information systems are: 'Priorities', 'Competence', 'Honesty', 'Social Implications', 'Professional Development' and 'Information Technology Profession' (Ferguson et al). Apparently, the values are broad ranging and cover the entire spectrum of the profession of information system. The Code’s subsequent implication for the purpose of health information is laid out as follows: 1) protection and promotion of health safety of the client base, 2) respect people’s privacy, 3) respect employees, 4) understand the perceptions of the stakeholders of the system, 5) attempt to increase the satisfaction of the stakeholders, and finally 6) there should not be any breach of ethics among those who are associated with the system. The specific codes of ethics that were arrived at on the basis of codes prevalent in other practices are as follows: 1) consent of employees who are associated with the health information on adherence to the code of ethics, 2) web design consultancy to incorporate elaborate security measures. The code of ethics places the interest of the community above that of the individual for which confidentiality of other’s information has to be respected. The social implications of this is that the purpose of the health information is to improve the quality of life of the client base through improved service quality This should not infringe on other social implications in terms of loss of confidentiality. Conclusion Maintenance of health information in the form of electronic health records, genetic information and the proposed access card is aimed at improving healthcare services and enhancing medical research. However, this raises serious privacy, confidentiality and security issues when the purpose of collection of information is not specified and patient consent is not available universally. Further, the access cards are proposed not simply for the purpose of healthcare services but for the purpose of limiting possibilities of frauds in welfare benefits. In that case, the objective becomes hazy and the stakeholder map for health information biased. Works Cited Heath, Joseph and Wayne Norman (2004). Stakeholder Theory, Corporate Governance and Public Management: What can the History of State-run Enterprises Teach Us in post-Enron Era, Journal of Business Ethics, 53, http://www.creum.umontreal.ca/IMG/pdf/Heath_Norman_final_preproof.pdf Kerridge, Ian Michael Lowe, John McPhee (2007) Ethics and law for the health professions. 2nd Edition. Prabaharan, B et al, Service Quality on Tourism: Application of Structural Equation Modeling, http://dspace.iimk.ac.in/bitstream/2259/550/1/143-150+prabhaharan.pdf Carson, P.P, et al, Balance Theory Applied to Service Quality: A Focus on the Organization, Provider, and Consumer Triad, Journal of Business Psychology, Vol 12, No 2, 1997 Ray, Lovett, A review of Australian health privacy regulation regarding the use and disclosure of identified data to conduct data linkage, Australian and New Zealand Journal of Public Health, Vol 32, No 3, June 2008 Barraclough, Simon and Heather Gardner, Analyzing Health Policy: A Problem-Oriented Approach, Elsevier Australia, 2008 Doyle, Carolyn and Mirko Bagaric, Privacy Law in Australia, The Federation Press, 2005 Win, Khin Than, A review of security of electronic health records, http://nhmrc.gov.au/publications/synopses/_files/nh53.pdf Fergussin, Stuart et al, Case studies and codes of ethics: the relevance of the ACS experience to ALIA, The Australian Library Journal, April 2005, http://alianet.alia.org.au/publishing/alj/54.3/full.text/salmond.html Read More

Healthcare professionals and the pharmaceutical industry have different stakeholders – while doctors are primarily concerned with patient care, the industry has commercial motives in creating shareholder value. Hence, despite the obvious similarity of interests, there are huge conflicts between the two sets of interests. Not only do such relationships between doctors and the industry influence prescription writing, even the path towards drug formulation and innovation may be unduly influenced.

These concerns have been voiced in the medical fraternity in almost all countries, resulting in voluntary self-control as in Australia (Kerridge et al, 2005). The health information system of a country is usually developed to improve the service quality of the main customers, that is, patients. Service quality has been defined as “the relationship between what customers desire from a service and what they perceive that they receive” (Mackay and Crompton, 1990, cited in Prabaharan, n.d). While manufacturing quality can be easily measured in terms of defects, it is difficult to measure service quality (Crosby, 1979, cited in Prabaharan, n.d). Among the few studies on quality that have been done on the service industry, Carson et al (1997) attempted to explain how service organization, service provider and customer interrelationships influence service quality.

Alternatively, service quality has been analyzed in a hierarchical model in three phases – 1) perception of service quality, 2) five dimensions including physical aspect, reliability, personal interaction, problem solving, and policy and 3) derivative of the second dimension (Dabholkar et al, 1996 cited in Prabaharan, n.d). Colier and Bienstock (2006) expanded the service quality model to include e-commerce and web interaction (Prabaharan, n.d). In all of these aspects, it is essential that health professionals have access to personal health information of the patients accurately and timely so that proper intervention may be initiated.

The maintenance of computerized health information and smart cards are means towards this end. But in the process, there are concerns of excessively high costs of information systems, reliability of information in these systems in the absence of proper checks in regular updates of information and the possibility of frauds for the purpose of financial social benefits associated with healthcare expenses. The Proposed Access Card The Access Card is proposed in Australia as a repository of health information along with the Individual Patient Identifier (IPI) (Barraclough and Gardner).

Each card would have on its surface identifying information and a digital photograph while the approved reader would have access to the information stored in a two-part electronic chip. While the first part of the chip would be controlled by the Commonwealth, the second part would be under the control of the cardowner. The first part would be required for emergency procedures while the second part for the use of others who have interest in the cardowners health status. The purpose of the Access Card, which is a leading edge technological innovation, is not to develop a health information system but to improve the service quality of health information and to minimize frauds in health and welfare benefit frauds, which is estimated to be in the range of $1-4 billion per annum in Australia (Barraclough and Gardner).

However, the proposal has brought in focus the conflicts of various societal values. The information in the Access Card is thought to infringe upon the privacy rights as non-health workers including public servants and welfare agencies would get access to the information, including medications. There are apprehensions that the Access Card would result in some sort of Foucaultian surveillance in which patients, particularly the elderly, are subject to privacy infringement for the benefit of insurance and welfare organizations.

As Access Cards would be held by a large majority of the population, it would in effect become a substitute for the national Identity Card even though the government has made it clear that citizens would not necessarily carry it always and would not be demanded to show it involuntarily.

Read More