Patient access to general practice electronic health information and interaction with their health care team via patient portals
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Patient access to general practice
electronic health information and
interaction with their health care
team via patient portals
Guidance for PHOs
and general practices
The Royal New Zealand College of General Practitioners
Expert Advisory Group on Patient Portals
VERSION 1.0
DECEMBER 2014
The Royal New Zealand
College of General PractitionersPatient Portal Expert Advisory Group
Susan Wells (Chairperson)
Karl Cole
John Morgan
Maree Munro
Ashwin Patel
Matthew Stokes
Andrew Terris
Jo Fitzpatrick
Jeanette McKeogh – Project Sponsor
Joanna Parry – Project Administrator
2Preface
Patient access to electronic health records – A consumer view
Trust me, I’m a doctor.
And we do. Doctors and nurses feature in the 2014 Readers Digest top ten most trusted professions
in New Zealand and have been polling this way for many years. As the 2014 commentary states “we
place our lives in their hands. We trust them because of their ‘degree of training and dedication to
preserve our quality of life.’”
This paper provides guidance for health practitioners as they introduce access to electronic
information, and a new means of communication and interaction with health services, to their
consumers via a patient portal. It is timely to consider the impact of the introduction of a patient
portal into a clearly important and trusted relationship for many New Zealanders.
First, do no harm…
The possible harms are outlined in this paper: concerns over privacy and security; the challenges of
health literacy for a lay population; an increase in workload and demand on services for health
practitioners; and the possibility of increasing disparities in health as New Zealanders who would
most benefit are not able to access this new intervention. These are all legitimate concerns, some
better founded than others and they are all able to be addressed to some degree.
Consumers trust their health practitioners to see to the IT and technical aspects of privacy and
security. The safeguard from a consumer point of view will be found in the transparency of the
system – a clear briefing on where their information is stored, its potential uses to deliver quality
care for them and others like them, the ability to access their information at any time and most
importantly, the ability to see who else has accessed their information. This latter provision is both
the most contentious and the most important. It is not that consumers do not trust health
practitioners. They want to know who is on their care team and what role those people play. In fact,
many consumers are staggered to discover that the ability to share information amongst health
practitioners is not widely available. The Shared Care portal in Auckland has this facility and
enquiries to date have sought information rather than express outrage or accusation. It is sad that
the most publicised breaches of trust have been unauthorised access and use of consumer health
information. This provision addresses that issue.
Consumer health literacy is important. The paper reinforces the need for appropriately complex
medical terms to address clinical requirements. While that need remains, the much maligned Doctor
Google is testament to the fact that people are hungry for health information. Dr Google has no
quality controls and leads people down some very strange garden paths. The opportunity provided
by a patient portal is to link consumers to trusted sites and reliable consumer health information -
which is personally relevant to them and their health. This is likely to increase the quality of health
care relationships.
Consumers are aware of the pressures and limitations on their health practitioners. They commonly
express concerns about ‘wasting the doctor’s time’ or ‘not wanting to bother the doctor’. Consumers
are keenly aware of the time limits imposed on consultation times in primary care. A patient portal
3encourages the development of a partnership approach. Consumers can follow up and prepare for
consultations or gain a greater understanding of their medications, using accurately recorded
information rather than relying on memory and impressions of a doctor’s visit.
The digital divide is real but decreasing. Recent data (2012) reveals 80% of New Zealand households
have access to the internet and there are 4.9 million mobile phones for a population of 4.43 million.
(Statistics NZ 2012.) New Zealanders now own more mobile phones than there are people and
ownership crosses all population groups. Clearly part of the solution is to ensure access using mobile
technology.
The paper does not deal with the harms of NOT offering a patient portal to health consumers – the
harms of ‘business as usual.’ Most health consumers and particularly those with long term
conditions and/or heavy users of health services have patient stories on ‘business as usual.’
For many consumers, business as usual is:
Old fashioned – appointments need to be made during business hours.
Inconvenient– the need to attend appointments during business hours.
Disrespectful– waiting times are longer than appointment times.
Demanding – prescription refills are a chore, problems need to fill a short time frame.
Tedious – covering the same information with a number of health practitioners or service
providers.
Compartmentalised – dealing with health problems and bits of body not all of me.
Uncoordinated – multiple appointments for different symptoms with the same cause.
Inefficient – the ‘right hand not knowing what the left hand is doing.’
Mysterious – uncertainty about what the pink pills are actually treating, what the doctor meant.
Dangerous – missed or clumsy connections transferring across services.
Many health practitioners also share these frustrations. While patient access to electronic
information and interaction with health care services via patient portals can’t address them all, they
do have the potential to change the face of primary health care and bring consumers and their
doctors closer together.
As a New Zealander, my vision is to see doctors in the top three most trusted professions. This paper
is a pathway to a better future for us all. A future which is in your hands – uptake of a patient portal
is most strongly influenced by a trusted health professional who simply offers them the opportunity
to connect and be informed via this medium.
The possibilities are great and the journey will be taken in small steps. The first step is for you to
offer me access to a patient portal. I trust you will have the courage to do that.
Jo Fitzpatrick
4Contents
Contents
Preface .................................................................................................................................................... 3
Introduction ............................................................................................................................................ 7
What is the status quo? .................................................................................................................. 7
What is a patient portal? ................................................................................................................ 7
Aims of this document .................................................................................................................... 8
Scope ............................................................................................................................................... 8
Methods .................................................................................................................................................. 8
Potential benefits and risks of patient portals........................................................................................ 9
Evidence for patient and provider benefits and risks. .......................................................................... 10
Impact on patient-provider partnership ....................................................................................... 10
Health impacts of portals on patients........................................................................................... 11
Work impact of portals for providers ........................................................................................... 11
Disparities of adoption .................................................................................................................. 12
Getting ready for patients to access medical records .......................................................................... 13
PHO strategies to support portal implementation ....................................................................... 13
Health information availability ..................................................................................................... 14
Privacy, confidentiality and security of health information ......................................................... 15
Significant privacy impacts of patient portals – a guide for practices .................................................. 15
Rule 1. Purpose of collection of health information ..................................................................... 16
Rule 2. Collection from the source of health information ............................................................ 16
Rule 3. Collection of health information from the individual ....................................................... 17
Rule 4. Manner of collection of health information ..................................................................... 17
Rule 5. Storage and security of health information ...................................................................... 17
Rule 6. Right of access................................................................................................................... 19
Rule 7. Correction of health information ...................................................................................... 19
Rule 8. Accuracy of health information-check before use............................................................ 20
Rule 9. Retention of medical records............................................................................................ 20
Rule10. Limits on use of health information................................................................................. 20
Rule 11. Limits on disclosure......................................................................................................... 22
Rule 12: Unique identifiers ........................................................................................................... 22
5Common issues to be addressed .......................................................................................................... 22
Security, registration and authentication ..................................................................................... 22
Informing patients of implications of record access ..................................................................... 23
Patient sharing record with someone else ................................................................................... 24
Correction of record-accuracy of record ...................................................................................... 24
Patients contributing to record..................................................................................................... 25
Writing clinical notes .................................................................................................................... 25
Laboratory results ......................................................................................................................... 26
Online communication.................................................................................................................. 26
Third party data or other data that the health professional wishes to remain confidential ....... 27
Children ......................................................................................................................................... 28
References ............................................................................................................................................ 29
6Introduction
Many consumers have considerable experience with online transactions including shopping,
banking, travel reservations and even higher education. However, health care services have been
slow to embrace the opportunities afforded by the internet and electronic media to enable people
to look after their health in a similar way. Over the last decade, new technologies have been
developed to allow patients to view their medical records via secure internet portals. These patient
portals have been advocated as a path towards improving the quality and safety of health services.
They promote patient engagement in their own care, allow patients to be well-informed of their
health care needs and facilitate a more collaborative partnership with their health care team.1,2
The National Health Information Technology (HIT) plan includes the concepts of three portals; a self-
care portal, a maternity portal and shared care portal for patients with complex chronic disease.3
The plan has an aspirational goal that by the end of 2014:
“New Zealanders will have a core set of personal health information available
electronically to them and their treatment providers regardless of the setting as they
access health services.” 4
What is the status quo?
Patient access to their own health records is a fundamental patient right enacted in the Privacy Act
1993 and Health Information Privacy Code 1994. A patient who requests their health information is
given access within 20 working days usually without charge, and in a form that the individual
prefers.5 However, as these records have been paper-based or ‘locked up’ within health services’
electronic health record (EHR) systems, patient access has been relatively uncommon due to logistic
and structural barriers.
What is a patient portal?
Given confusion around the term, we use the same definition from Wikipedia as provided in a recent
review of patient portals that have been developed in conjunction with New Zealand GP patient
management systems:6
“Patient Portals are health care related online applications that allow patients to
interact and communicate with their health care providers, such as physicians and
hospitals. Typically, portal services are available on the Internet at all hours of the day
and night. Some patient portal applications exist as standalone websites and sell their
services to health care providers. Other portal applications are integrated into the
existing website of a health care provider. Still others are modules added onto an
existing electronic medical record (EMR) system or PMS. What all of these services share
is the ability of patients to interact with their medical information via the Internet.
Currently, the lines between an EMR, a personal health record, and a patient portal are
blurring.”
As highlighted in this definition, patient portals are an evolving intervention that allows a patient to
interact with their health information and their health care team via the internet. There is a variety
of ways a portal can be implemented and the extent of health service data that they have available.
7For example, some patient portals have been developed as an addition to a GP’s patient
management system whereas others allow direct contribution from multiple sites and services (e.g.
Shared Care Portal). In USA they are commonly defined as personal health records tethered or
connected to a provider’s EHR.7 These portals are usually paired with secure messaging functions
and the ability to request an appointment or a prescription refill.
Irrespective of their architecture, patient portals represent a new way of patient-clinician interaction
and concerns have been raised about their use. Some of these include the privacy and security of
online records, patient confusion caused by medical jargon or test results, the potential effect on
doctors’ workload and whether disparities in access to electronic media may increase disparities in
patient outcomes.
Aims of this document
In April 2014, the Royal New Zealand College of General Practitioners (RNZCGP) convened an Expert
Advisory Group for patient portals to scope out and develop a resource for general practices. The
aim was to provide guidance to PHOs and their general practice teams seeking to implement patient
portals and support their patients in the safe use of this technology.
Scope
This review aimed to find policies, guidelines, clinical protocols or codes of practice for the use of
patient portals particularly for primary care services. The generated data was summarised and
presented to the Expert Advisory Group at the first meeting. The summary became the basis for
discussion and the scope of this document. In particular, this guide will not include the various
potential IT architecture or configurations, discuss vendor contracting or the business model that the
practices/PHO might adopt for portals. Furthermore, this document will not cover “clinician to
clinician” portals such as Summary Care Records or sharing other patient data between health
services.
Methods
The Chair of the Expert Advisory Group for Patient Portal, Sue Wells, undertook a literature review,
searching electronic medical databases for the evidence for the impact of portals on patients,
providers and health services. Grey literature was also retrieved. The latter included the websites of
professional GP colleges including the American College of Physicians, Royal Australian College of
GPs, Royal College of GPs (United Kingdom), Canadian Medical Association, the College of Family
Physicians of Canada, as well as websites of the Medical Council of New Zealand, Medical Protection
Society, the Office of the Privacy Commissioner, World Health Organisation, the Office of the
National Co-ordinator for Health IT (US) and the Department of Health and Human Services (US). To
understand the work that had already been conducted in New Zealand regarding shared records and
patient portals, the Chair also contacted the National Health IT Board, Patients First, Midland Health
Network, Compass Health, Canterbury District Health Board and Pegasus Health. In addition she also
communicated with experts in the United States, Australia, United Kingdom, Denmark and Sweden.
8Potential benefits and risks of patient portals
The adoption of patient portals imposes a significant change to ‘usual’ primary care practice and
work flows. There are set-up and on-going costs with implementation and licensing as well as the
initial burden of work involved for patient registration. Once portals are up and running in the
practice, what are the expected potential benefits and risks? Table 1 includes the majority of the
claims (potential benefits and risks) noted in the literature which are relevant to the New Zealand
health care context. They are categorised according to positive or negative claims and whom these
most affect – consumers, health professionals, population health/funders.1,2,8-13
Table 1: Potential benefits and risks of patient portals for consumers, health professionals, funders
and society
Potential benefits of patient portals Potential risks, concerns and challenges from
patient portals
Consumer, Support wellness and self-management Increase in patient confusion
patients and activities Increase in patient anxiety
their caregivers Improve understanding of health issues Risk of breaching privacy and security
Increase sense of control over health Risk if patients use this mode of
Increase control over access to personal health communication in times of emergency
information
Support timely, appropriate preventive
services
Support health care decisions and
responsibility for care
Strengthen communication with providers
Improve relationship with providers
Verify accuracy of information in provider
records
Support home monitoring for chronic diseases
Support understanding, appropriate and
continued use of medications
Support continuity of care across time and
providers
Avoid duplicate tests
Reduce adverse drug interactions and allergic
reactions
Reduce hassle through online appointment
scheduling and prescription refills
Increase access to providers via e-visits
Health Improve access to data from other providers Increase in workload with initial
professionals and the patients themselves implementation
Increase knowledge of potential drug Increase in health professional workload with
interactions and allergies patient concerns and messaging queries
Avoid duplicate tests Increase in litigation
Improve medication adherence Risk of privacy and security breaches
Provide information to patients for both
health care and patient services purposes
Improve efficiency in providing patients with
specific information or services (e.g., lab
results, Rx refills, e-visits)
Improve documentation of communication
with patients
9 Improve customer service (transactions and
information)
Support wellness and preventive care
Improve workforce productivity
Encourages a more open and honest
relationship with patients
Funders/ Support wellness and preventive care Increase disparities due to differential uptake
Societal/ Improve workforce productivity especially if do not address health literacy
Population Promote empowered health care consumers issues, special needs (visual, cognitive or
Health Benefits Strengthen health promotion and disease physical limitations) and access to internet
prevention Increase health care utilisation (e.g. GP visits,
Improve the health of populations hospitalisation and ED visits.)
Expand health education opportunities
Evidence for patient and provider benefits and risks.
Given the potential benefits and risks, evidence was sought from the literature looking at the impact
of portals on patients and providers. Six recent systematic reviews were retrieved that focused on
patient access to their electronic health records and e-communications with their health care
team.9,14-18 The majority of the literature to date has come from qualitative analyses, cross-sectional
surveys, or descriptive cohort studies. The most recent systematic review15 identified 20 randomised
controlled trials published between 1970 and 2013. The patient population of interest for nearly half
of the controlled studies were patients with chronic diseases including diabetes, cancer, heart
failure and high blood pressure.15
Existing literature showed that most patients are highly enthusiastic and positive about the
opportunity to access their health records through patient portals.19 However, health professionals
are far more reticent and usually express concerns that patients may be confused and overwhelmed
by the medical jargon or that they will be bombarded by patients sending messages to them.20,21
Internationally and from early experiences in New Zealand, these concerns have not eventuated.28,29
Of note, Davis Giardina et al.(2014) found that there was no “evidence to substantiate any negative
patient outcomes resulting from access to health information.” 15 In particular, access to a portal was
not associated with an increase in patient anxiety. From the Open Notes project conducted in three
large US health care organizations, the majority of patients viewing at least one visit note reported
that they:20
understood their health conditions better (77-85%)
remembered their care plan better (76-83%)
felt in more control of their care (77-87%)
were able to take better care of themselves (70-72%)
were better prepared for visits (69-80%)
would take medications better (60-78%).
Impact on patient-provider partnership
W. Edwards Deming (1900-1993), one of the pioneers of quality improvement, argued that “97% of
what is important isn't measured or isn’t measurable.” Only proxy measures therefore are available
to look at the impact of portals on the patient-provider partnership.
10The most consistent finding is that allowing patients to read medical records leads to improved
patient-provider communication.2,20 Patients being able to access their GP records have reported
feeling that they have more trust and confidence in their doctor and that it helped them feel like
partners in health care.22 Accessing their health information online also:
helped patients prepare for consultations;
helped to clarify complex communication that occurred during consultations; and
being able to review the record at home after a consultation assisted their memory,
understanding and self-reported adherence to their care plan. 20,22
Doctors who were involved in the Open Notes project where visit notes were opened up as well as
other portal functionalities commented that it “strengthened relationships with some of their
patients (including enhanced trust, transparency, communication, and shared decision making) and
that participation was easier than expected or seemed to make no difference to their work lives.” 20
Health impacts of portals on patients
The randomised controlled trials to date have investigated the effect of patient portals on various
patient outcomes such asphysiological outcomes (e.g. BP control or HbA1c), psychological outcomes
(e.g. depression, quality of life), health behaviours, adherence, patient satisfaction and self-efficacy.
The evidence from these studies is promising but mixed. While some have shown improvements,
others have found no impact. While evidence is sparse, there is data suggesting that the use of
secure messaging can improve glucose outcomes in patients with diabetes and increase patient
satisfaction.17 Furthermore, Goldweig et al. (2012) found that secure messaging as part of a web-
based management program was more effective than secure messaging alone.17
Several factors regarding the literature for the above patient outcomes need to be taken into
account. Firstly, the current data available represents very mixed, heterogeneous study populations,
differing portal designs, mixed interventions, different measured outcomes and mostly very short
time frames (one year or less). Most of the literature comes from the US where compared to non-
users, the majority of portal users have private insurance, higher incomes and are mostly white. As
such, these people may have better health outcomes anyway and access to a portal might be too
weak an intervention to show improvements compared to controls. Secondly, the design of patient
portals may be a crucial factor for patient engagement and the ability to get the most value from this
technology. Studies have noted the lack of portal design and content for chronic disease
management, 18,23 and low use of the portal as a natural hub for multidisciplinary care co-ordination
and case management.23
Work impact of portals for providers
Evidence for portal use and time and resource efficiency has been largely descriptive. A recent
qualitative study of US health care institutions indicated physician acceptance of this technology
occurred as it made their indirect care work easier and that physicians found this form of
communication “just saved time.”21 The major time saver was losing the ‘telephone tag’ and
automatic documentation of patient-provider asynchronous communications.21 In the Open Notes
project, very few doctors (0-5%) reported longer consultations as a result of patients reading their
visit notes. Furthermore, few reported having to spend more time addressing patient concerns
outside of the consultation (0-8%).20
11The implementation of patient portals has not been associated with increased litigation.20,24
It has been reported that around 28% (17-35%) of all visits do not require face-to-face
appointments25,26 and the premise is that online messaging may substitute for some consultations.
Indeed an assessment of the impact of patient-provider electronic communication indicated that
office visits could be reduced by 10-20% in integrated settings.27 However, studies of the actual
impact of patient portals on health care utilisation are mixed. Conducted in different US regions,
three studies documenting experiences within Kaiser Permanente are notable.28-30 The first two
found that implementing a patient portal linked to the Kaiser EHR, reduced primary care visits by
6.7% in one study30 and by 25.3% in the other.28
However, the third study found a marked increase in all health care utilisation.29 Matching for age,
sex, utilisation frequencies, and chronic illnesses, they categorised patients as portal users or non-
users. Then they compared individual patient utilisation of services in the year after they registered
on the portal to the previous year. Compared to non-adopters, they found that adoption of a patient
portal was associated with increased telephone contacts (+0.3 per member/year) office visits (+0.7
per member/year), emergency department visits (11.2 per 1000 members/year) and hospitalisations
(19.9 per 1000 members/year). No explanation was given for possible reasons for this increase. It
will be important to follow-up these cohorts in the longer term to investigate whether the pattern of
utilisation continues. For all three of these studies, confounding may still be a problem.31
Utilisation will need to be monitored in New Zealand. As yet, these findings have not been mirrored
in early experience of portal use here.
Disparities of adoption
All new technologies and interventions have the capacity to increase disparities in health outcomes
due to differential uptake. In fact many have raised concerns about portals exemplifying the inverse
care law32 – those with most need would be least able to access and use them. Indeed, patients that
adopt portals in the US have been reported to be very different from non-adopters by age, gender,
ethnicity, socioeconomic status and presence of co-morbidities.33-37 The differences vary whether
the measure is ‘getting registered’ or ‘active accounts’ (i.e. patients use the portal once registered).
The reasons given for the differences include no provider encouragement to register, lack of patient
need (young healthy people may not see the value), health literacy issues, special needs (visual,
cognitive or physical limitations), language barriers, no internet, no computer, lack of computer
literacy and patient fears or mistrust of the system.
However, differences in uptake are likely to be an issue for high risk populations with chronic
disease. Compared to the ‘healthy’, these patients have greater information needs, often complex
care plans, multiple providers and poly-pharmacy requiring co-ordinated and sustained care over
time. Experience in the US is that patients with chronic disease are less likely than healthy adults
(62% vs. 81%) to have internet access.38 However, this is rapidly changing with the rise in the
adoption of smart phone technology.39 Indeed, once chronic disease patients have internet access,
they are more likely to seek health information online38 and also to adopt portals than those without
chronic disease.37,40 Portal adoption will need to be monitored carefully in New Zealand. The
availability of smart phone apps is likely to be important for reducing disparities in uptake due to
lack of computer access.
12Getting ready for patients to access medical records
This section looks at an overall approach for primary health care organisations (PHOs) to consider if
they are embarking on implementing patient portals in their member practices. The discussion then
looks more at the practice and health professional level regarding readiness for enabling record
access, privacy and security concerns and other key issues raised by patients and health
professionals.
PHO strategies to support portal implementation
It is not in the scope of this document to discuss IT architecture, or to guide vendor contracting or
the business model that the practices and/or PHOs adopt for portals. However, should PHOs wish to
support their practice to implement portals, recent research indicates that the following steps
facilitate implementation success – both with health professional acceptance and patient uptake.21
1. Have a vision. With patient involvement, work out how patient portals could be a part of the
PHO strategic priorities. For example, some PHOs might have a vision of better supporting the
patient and their whanau and strengthen the partnership with their health care team. For
another PHO, the portal might be a vehicle to achieve evidence-based care such as appropriate
CVD risk management for all those who have been risk assessed. In Midlands Health Network,
the portal fits into their overall transformational plan – The Model of Care.
2. Articulate the PHO vision widely and in what way the portal might be pivotal to the envisioned
change.
3. Gather a governance group and identify consumer and frontline health care staff who are
interested. As the portal is a whole of practice intervention – include patients, nurses,
receptionists, practice managers as well as GP leaders. The first task of the governance group
should be to check whether the vision is one they all support and how the portal can support
this vision. This group then works to ensure the privacy and security standards (including a
Privacy Impact Assessment) are in place and maintained, the extent of the initial pilot and how
practices will be supported. There should be ongoing governance of patient portals in order to
manage maintenance of the standards put in place at the time of implementation and to ensure
that the portal continues to function as intended.
4. Have a communication plan. Provide patient education and information during the portal
registration process. There needs to be careful advertising and printed material available for
patients to understand how the portal will work and what security measures will be in place.
Having pamphlets to hand out to patients to start the conversation as well as when they register
along with posters for the practices are really useful.
5. Start small. For example, one practice, one doctor. Depending on circumstances, the practice
might start with a subset of the portal functions and gradually introduce more.
6. In the early adopting pilot sites, conduct two work process design projects. One on how to
register patients to the portal and a second on how implementing the portal can be
incorporated to make practice work easier. International experience is to formally map the work
flows in practice processes where a portal will bring about a change in the status quo.21 This will
typically include prescriptions, telephone queries, appointments and how laboratory test results
are communicated. Process flows will clearly show what is currently happening and where the
bottlenecks are. Then repeat the process by mapping how they will occur with the portal.
137. Communicate the stories of the early adopting pilot sites to other practices. A useful strategy
internationally was having champions – patients who tell their story of the importance of the
portal for them and members of the health care team (GP, nurse, receptionist, practice
manager) who visit other practices, discuss issues and concerns and bring their own ‘tried-and-
tested’ experiences in early adopting practices.21
8. Train practice teams on the use of their patient portal system. For registration, one of the keys
to patient uptake is that everyone in the practice team has a role in letting patients know about
the portal and signing them up. Furthermore, all practice members need to be comfortable
navigating the portal so that they can guide patients and their queries. Consider scripting roles of
each of the practice team.
9. Set targets. For example, Midlands Health Network in a Model of Care practice set a target of 50
patients signed up to the portal per month. International evidence suggests that the most
successful strategy for portal adoption is if their trusted health professional encourages them to
do so.21
10. Monitor uptake and actively seek feedback from practices on issues that arise.
11. Communicate to practices and to patients what is happening, what the problems have been and
how they have been addressed. Celebrate success and continue to monitor.
Health information availability
The most common functions and features available to patients through portals connected to their
health care team are listed below. 9,23,41,42
Problem list
Medications
Allergies and alerts
Record of visits (time/date/provider)
Immunisations
Laboratory results
Provision of condition-specific information and helpful links to other websites that have patient
friendly education resources to help understand medical terms and care
Clinical summary record
Pathology and radiology results
Family history, social and lifestyle history
Visit consultation notes
Operation notes
Secure patient-provider messaging functionality
Prescription refill requests
Appointment requests and in some cases the ability for patients to self-schedule appointments
Patient reminders (for preventive care or appointments)
14The functions most commonly used by patients internationally are viewing laboratory results,
requesting an appointment, messaging their health care team and requesting a prescription refill.23
Most portals internationally provide links to trusted consumer educational resources from all
aspects of data (e.g. weblinks from each diagnosis or each laboratory test.)
There are a variety of approaches that a general practice could consider with respect to offering
record access and online transactions. New Zealand is in an early phase of implementation of portal
technology and what we do will emerge and mature over time. Advice from other health systems is
to consider a staged approach – introducing access to some of the data and functionality available
and then gradually extend access as patients and health professionals develop confidence.21,43
Therefore, while the patient can always request access to their full set of notes, initially only a subset
of these is made available online. It is in essence an alternative way for patients to be more informed
and involved in their care. Opening up functions and health information gradually allows the practice
to sort out their work flow processes, new roles and responsibilities and adapt to this new way of
working. Some practices may wish to make consultation notes available and if so may decide on a
start date going forward rather than all notes from all times in the past. However, all decisions about
what data is available should be made in agreement with the patient.
Privacy, confidentiality and security of health information
For both patients and health professionals, it is vital that privacy and confidentiality of health
information is maintained. To maintain trust in their GPs, patients need to continue to have
confidence that their health information will not be inappropriately shared or accessed. Practices
should have a policy on access to patient portals which is compliant with the Privacy Act 1993 and
the Health Information Privacy Code 1994. A formal Privacy Impact Assessment (PIA) is an ideal
place to gain an understanding of the impact of the portal on each of 12 rules of the Health
Information Privacy Code 1994.44 The Advisory Group believes that the capacity to conduct the PIA is
likely to be at the PHO rather than at the practice level.
The practice’s patient portal should provide a secure environment which enables patients to view
their clinical summary and medication list, laboratory test results and to interact with their practice
(including messaging the practice team, making appointments and requesting a repeat prescription).
Functionality of the patient portal should meet current accepted standards for security (e.g., HISO
standards), access, auditability, information ownership and use.
Patient portals use the internet and patient information is sometimes stored on a web-based server
(i.e. separate to the practice systems). Having an internet connection is a genuine security risk and
all practices are encouraged to review their IT risk management. This includes assigning
responsibilities for IT security, having policies and procedures in place, ensuring access control and
other risk management measures.
Significant privacy impacts of patient portals – a guide for practices
Each PHO or group who are considering implementing Portals will need to work through a privacy
impact assessment for themselves. The following guide sets out significant impacts, but is not
intended as a replacement. Differing portal architecture or implementation of other data sharing (for
15example Clinician-to-Clinician portals with summary care records) will require consideration and
adaptation of the guidance given here.
This section has been adapted from the Privacy Impact Assessments conducted by Midlands Health
Network Ltd45 and Compass Health46 and provides acknowledgement where segments of these
documents have been used. In addition, guidance has been drawn from documents published by
Medical Council of New Zealand47 and the Office of the Privacy Commissioner.44
The impact a portal might have on each of the 12 rules of the Health Information Privacy Code
199444 has been identified. For each rule we outline its intent, describe in general how the rule is
applied currently and then describe what impact a patient portal might have. The portal architecture
that is used to frame this assessment relates to those connected to a GP’s patient management
system. Current instances of this type of portal are ManageMyHealth [MedTech], Health 365 [My
Practice] and Accession Patient [Intrahealth]. In this scenario, the portal connects patients through a
password protected internet connection directly to a subset of their electronic health records either
stored as an extract from the practice in a separate database or retained within general practice
electronic systems. It allows patients access to their health records or to an agreed subset of their
health information and provides patients with the ability to electronically communicate with the
practice with queries and various other functions such as prescription refills or appointment
requests.
Rule 1. Purpose of collection of health information
Health information must only be collected for a lawful purpose that is related to the function or
activity of the health agency.
How the rule is currently applied: All health professionals collect and record patient health
information and decisions made about their medical care. The purpose is to provide a record of a
patient’s medical history and on-going treatment as well as meeting medico-legal requirements to
describe and support the management of the patient’s health care. Information is also collected for
the purpose of sharing with other health professionals such as for referrals or to ensure continuity of
care for the patient. The information may also be recorded for statutory or statistical purposes.
Impact of a patient portal: The portal does not change the current purpose of collecting health
information
Rule 2. Collection from the source of health information
In most cases, health information must be collected directly from the person who the information is
about. However, sometimes it is acceptable to collect information from other people instead. For
example, where the patient has authorised you to collect the information from someone else.
How the rule is currently applied: In almost all circumstances in general practice, information is
collected directly from the patient or from parents, guardians, or caregivers.
Impact of a patient portal: The portal provides a new collection opportunity for the patient (and/or
their authorised representative) to send information electronically to their general practice team
that may be able to be incorporated into their electronic medical record.
16Rule 3. Collection of health information from the individual
When a general practice collects health information from an individual, it has to take reasonable
steps to make sure that person is aware of the information flows and the purpose of those flows.
The individual needs to know that data will be collected, why it is being collected, who will get the
information, who will be storing the information and that they have right to access it. They also need
to know whether they have to supply the information or if it is voluntary and what will happen if the
information isn’t provided.
How the rule is currently applied: Usually these steps are carried out at the time of patient
enrolment into a practice/PHO with the patient signing an enrolment form with specially designed
privacy statements. The practice may well also have pamphlets that the patient can take home with
them and notices on waiting room walls. The supply of information from a patient to their health
care professional is nearly always voluntary with the patient choosing to disclose what they wish.
Impact of a patient portal: Although patients will have signed an enrolment form, it will be necessary
to confirm with the patient the impact of registering with the portal in terms of where it is stored
(e.g. depending on the portal product this may be a view the patient has into the local practice PMS
system or a secure web server that uploads patient information from the patient management
system), who has access to the information and the voluntary nature of the process.
Rule 4. Manner of collection of health information
Health information must be collected in a lawful, fair and not unduly intrusive manner.
How the rule is currently applied: Health professionals deal with sensitive personal information on a
daily basis and have processes in place for the collection of health information. These processes are
already governed by professional quality standards such as those outlined RNZCGP Foundation
Standard 20 – Continuity of care is facilitated by the registration of new patients; and Standard 21 –
Patient records meet the requirements to describe and support the management of health care
provided.
Impact of a patient portal: Although the portal provides a new opportunity for exchange of
information between the patient and their health care team, the manner it is collected should not
change.
Rule 5. Storage and security of health information
Agencies holding health information must ensure that there are reasonable safeguards in place to
prevent loss, unauthorised access, misuse or disclosure of health information.
How the rule is currently applied: A patient’s medical history and other related health information is
usually stored within the practice’s patient management system. As outlined in the Compass Health
Privacy Impact Assessment,46 “Almost all general practices are connected to the internet, usually by
a broadband internet connection. This internet connection is used primarily for the use of normal
business email, web browsing and for creating secure messaging gateways to communicate
electronically with other health professionals (most often using the HealthLink product). The
terminology “surface area” is often used to describe how much potential there is for threats to
attack the security of a system. Having an internet connection is a genuine security risk. The
17associated surface area for attack it provides is extremely minimal if it is configured correctly. Having
46
an internet connection has a high business benefit which outweighs the associated risks.”
The Health Information Security Framework (HISO 10029.1) provides recommendations for health
agencies on safeguarding health information so that it is “produced, stored, disposed of and shared
in a way that ensures the information’s confidentiality, integrity and availability.” 48
Impact of a patient portal: Some portals utilise the internet and patient information is stored on a
secure web-based server (i.e. separate to the practice systems). In addition it will be important to
review Privacy Statements and Security measures relating to each portal vendor’s product in terms
of encryption during transmission and within the portal webserver.
The following text has been excerpted from from the Privacy Impact Assessment conducted by
Compass Health.46 It relates to the ManageMyHealth portal but the advice is pertinent to the other
instances of PMS-linked portals currently available.
“At present the data is secured with a single-factor authentication mechanism, requiring
anyone wishing to access it to have a matching pair of username and password.
The risk with the most likelihood of occurring is one where a patient or provider
compromises the system security by inadvertently or deliberately giving others their
username and password. To mitigate this, it will be important within the patient
information to stress the importance of keeping their username and password safe and
to only give it to other people that are acting as their guardian or advocate if they wish
to. It will also be important to ensure that health professionals are educated fully as to
their responsibilities and measures that they need to take to ensure the safety of the
system. Organisations will also be asked to ensure that their network, processes and
procedures meet a minimum security standard (based on HISO recommendations.)” 48
There is also a risk that a web-based portal can be compromised by software vulnerabilities. In
particular, developers need to ensure that sites are robust against cross-site scripting attacks, which
may provide unintended access into an underlying database. Therefore, any patient portal should be
subject to a robust information security risk assessment before it is loaded with live data.
The Privacy Commissioner has also advised that passwords are (a) often compromised, and (b)
usually not strong. Passwords are also particularly vulnerable to socially engineered password resets
(i.e. calling the helpdesk and requesting a password reset). Password reset protocols need to be
robust against attackers who are likely to know important facts about people (such as estranged
family members or investigators).
Patients having registered to a portal can allow other health professionals (and indeed whoever they
wish) access to the health information that has been transferred to the portal. This scenario is likely
to be useful when patients travel and need to seek health care from other health professionals not
usually involved in their care. However, as an additional security measure, audit functionality for the
patient is highly recommended. Depending on the product, it will be important to check whether the
portal provides audits of access to the system and what the audit entails (e.g. displays date, time,
18type of access and who accessed the information). In addition, check with vendors regarding
blocking access with repeated failed attempts to log on.
Rule 6. Right of access
Patients have a right to access their own health information upon request. Health agencies are
required to deal with such a request within 20 working days and in general, give the information
without charge and in a form that the individual prefers. General practices can refuse to give access
in some situations. For example, if giving the information would endanger patient safety, prevent
detection and investigation of criminal offences or involve an unwarranted breach of someone else’s
privacy.44
How the rule is currently applied: Currently, if patients want to view their health information they
need to make contact with their general practice and request this. This is usually given as a print-out
of the electronic information or provided face-to-face with their health professional. General
practices have existing processes if there is a need to withhold the information.
Impact of a patient portal: The portal substantially facilitates access to a patient’s own health
information. Patients who have registered to the portal will have daily access to their health
information uploaded from the patient management system to the portal. However, this is unlikely
to be the complete health record but a subset that is agreed upon by the GP and the patient as well
as the technical capabilities of the portal product. The GP still retains the ability to withhold
information by making a judgement call on the appropriateness of the information to be uploaded.
The patient still retains the right to request and receive access to all their health information at their
general practice using the standard process as set out in the Privacy Act.
Rule 7. Correction of health information
Patients share their health information with their doctor to better their own health care.
Comprehensive and accurate records are integral to providing quality care. Patients have the right to
ask the general practice to correct the information held about them, if they think it is wrong. The
health professional has an obligation to correct the information when it is wrong. Or if they feel it is
inappropriate to do so, they are obligated to attach a note to the patient record outlining the
request, the patient’s view about what the correct information is and the subsequent refusal.
How the rule is currently applied: At the present time any request for correction would have
generally come from a patient viewing their own health records either as a print-out or face-to-face
with their health professional. The practice might arrange an appointment with the patient and the
health professional responsible for the information. The health professional would then either be
able to correct the information, or decide that the information was accurate and not need
correction. In the latter case, they would usually make a note within the PMS daily record, as to the
patient’s request, subsequent refusal and grounds for not changing the information.
Impact of a patient portal: The portal substantially facilitates access to a patient’s own health
information and also usually allows the patient to communicate directly through the portal to their
health care professional if they see an error or gap in the health information and ask for
correction/addition to the source data (i.e. the electronic health record located in the patient
management system). Furthermore, the patient has the ability to review whether the correction has
19occurred. Therefore the presence of a portal is likely to improve the accuracy and completeness of
health information.
Rule 8. Accuracy of health information-check before use
Before using or disclosing health information, an agency must take reasonable steps to check that
information is accurate, complete, relevant, up-to-date and not misleading. The more important the
information is, the more rigorous the steps to ensure accuracy.
How the rule is currently applied: Both from a medico-legal and duty of care perspective, all health
professionals need to collect and record health information as accurately as possible and in enough
detail to back their clinical decisions. At times they also need to share this data with other health
professionals (e.g. referral to other services). They are required to ensure the information is up-to-
date, complete and the context of the health information is also often given to assist care delivered
by other health professionals. However the data is also reliant on the health professional asking and
on the patient providing all relevant information. Sometimes the information may be wrong or
incomplete as at the time of documentation.
Impact of a patient portal: All health professionals will continue to take reasonable steps to ensure
accuracy and completeness of data.
Rule 9. Retention of medical records
Agencies can only keep health information for as long as is necessary to carry out the purpose for
which the agency got the information in the first place. In terms of the general practice setting, it is a
core repository of a patient’s medical history and needs to be kept for on-going future care. The
Health (Retention of Records) Regulations 1996 requires that health information must be retained
for a minimum of ten years from the day after the last treatment or care of that individual by the
agency holding the information.47
How the rule is currently applied: With electronic records a general practice would hold a copy of a
patient’s file often indefinitely even if the patient has transferred to another practice or if the
patient has deceased.
Impact of a patient portal: Medical records will still be retained within a practice’s patient
management system. However, in some instances the portal information is held on a separate
database and patient generated data might be uploaded and stored there. Therefore the portal
component of retention or transfer will need to be addressed.
Rule10. Limits on use of health information
Agencies must use health information for the same purpose for which they obtained that
information.
How the rule is currently applied: in general, patients are given a PHO enrolment form which outlines
the purpose and use of their information. The information is primarily used to support the provision
of clinical care. It is also used for reporting on health service performance and for health statistics.
The practices are obligated to provide this data to their PHO and the PHO is also obligated to use the
information in a defined manner. This is usually at an aggregated and non-patient identifiable level.
The practice team and the PHOs are the guardians of the use of the health information.
20You can also read
