Carolyn Petersen

Legal and Regulatory Considerations Associated with Use of Patient-Generated Health Data from Social Media and Mobile Health (mHealth) Devices

Patient-generated health data are coming into broader use across the health care spectrum and hold great promise as a means to improve care and health outcomes. At the same time, rapid evolution in the social media and mobile health (mHealth) market has promoted an environment in which creation and transmission of personal health information is easy, quick, and appealing to patients. However, adoption of social media and mHealth by providers is hampered by legal and regulatory concerns with regard to data ownership and data use. This article defines common forms of patient-generated health data (PGHD) and describes how PGHD is used in clinical settings. It explores issues related to protection of personal health information, including that of children and adolescents, data security, and other potential barriers such as physician licensure. It also discusses regulatory and legal considerations providers and patients should consider before using social media and mobile health apps.

AMIA's code of professional and ethical conduct

AMIA, as other professional societies, has a long-standing interest in promoting a strong ethical framework for its membership. This white paper presents the latest AMIA Code of Professional and Ethical Conduct. It was approved in November of 2011 by the AMIA Board of Directors. This document constitutes a revision of, and update to, the first code, approved and published in J Am Med Inform Assoc 1 in 2007. In an effort to keep pace with the fields vitality, the code presented here is intended to be a dynamic document, and will continue to evolve as AMIA and the field itself evolve. AMIA will publish on its web site this version of the code as part of a process that seeks ongoing response from, and involvement by, AMIA members. The code is meant to be practical and easily understood, so it is compact and uses general language. Unlike the ethics codes of some professional societies, the AMIA code is not intended to be prescriptive or legislative; it is aspirational, and as such, provides the broad strokes of a set of important ethical principles especially pertinent to the field of biomedical and health informatics. The code is organized around the common roles of AMIA members and the constituents they serve—including patients, students, and others—and with whom they interact. The AMIA Board and the AMIA Ethics Committee encourage members to offer suggestions for improvements and other changes. In this way, the code will continue to progress and best serve AMIA and the larger informatics community. Codes of ethics for professionals present special challenges in conception and execution. The goal of this code is to lay out the core values of this profession in a way that inspires AMIA members to acknowledge and embrace these values. While the crafting of the code involved many …

mHealth: Don't Forget All the Stakeholders in the Business Case.

Mobile health (mHealth) facilitates linking patient-generated data with electronic health records with clinical decision support systems. mHealth can transform health care, but to realize this potential it is important to identify the relevant stakeholders and how they might be affected. Such stakeholders include primary stakeholders, such as patients, families and caregivers, clinicians, health care facilities, researchers, payors and purchasers, employers, and miscellaneous secondary stakeholders, such as vendors, suppliers, distributors, and consultants, policy makers and legislators. The breadth and depth of the mHealth market make it possible for mHealth to have a considerable effect on people’s health. However, many concerns exist, including privacy, data security, funding, and the lack of case studies demonstrating efficacy and cost-effectiveness. Many American and European initiatives to address these concerns are afoot.

A Code of Professional Ethical Conduct for the American Medical Informatics Association: An AMIA Board of Directors Approved White Paper

The AMIA Board of Directors has decided to periodically publish AMIAs Code of Professional Ethical Conduct for its members in the Journal of the American Medical Informatics Association. The Code also will be available on the AMIA Web site at www.amia.org as it continues to evolve in response to feedback from the AMIA membership. The AMIA Board acknowledges the continuing work and dedication of the AMIA Ethics Committee. AMIA is the copyright holder of this work.

The Future of Patient Engagement in the Governance of Shared Data.

Background: The emerging health care system increasingly values patient engagement and shared decision-making between patients and their providers. The practice of these values is gaining importance as the patient-centered medical home model and personalized medicine come into greater use. Opportunity for Improvement: Exploration of patient preferences about personal health data use for research and quality improvement is a fundamental element of the provider-patient relationship. Giving patients an explicit opportunity to discuss their options about use of their data and implementing a process that allows patients to receive desired communications about how their information is used can help build patient trust, a requirement for successful care partnerships. Practice Advancement: Working to change organizational cultures that exclude patients from participation in important decisions related to personal health information use promotes a strong patient-provider relationship and, ultimately, lays the foundation for improved health care through expanded use of patient data.

Big Data in Healthcare - Defining the Digital Persona through User Contexts from the Micro to the Macro. Contribution of the IMIA Organizational and Social Issues WG.

OBJECTIVES While big data offers enormous potential for improving healthcare delivery, many of the existing claims concerning big data in healthcare are based on anecdotal reports and theoretical vision papers, rather than scientific evidence based on empirical research. Historically, the implementation of health information technology has resulted in unintended consequences at the individual, organizational and social levels, but these unintended consequences of collecting data have remained unaddressed in the literature on big data. The objective of this paper is to provide insights into big data from the perspective of people, social and organizational considerations. METHOD We draw upon the concept of persona to define the digital persona as the intersection of data, tasks and context for different user groups. We then describe how the digital persona can serve as a framework to understanding sociotechnical considerations of big data implementation. We then discuss the digital persona in the context of micro, meso and macro user groups across the 3 Vs of big data. RESULTS We provide insights into the potential benefits and challenges of applying big data approaches to healthcare as well as how to position these approaches to achieve health system objectives such as patient safety or patient-engaged care delivery. We also provide a framework for defining the digital persona at a micro, meso and macro level to help understand the user contexts of big data solutions. CONCLUSION While big data provides great potential for improving healthcare delivery, it is essential that we consider the individual, social and organizational contexts of data use when implementing big data solutions.

Through Patients' Eyes: Regulation, Technology, Privacy, and the Future

Summary Privacy is commonly regarded as a regulatory requirement achieved via technical and organizational management practices. Those working in the field of informatics often play a role in privacy preservation as a result of their expertise in information technology, workflow analysis, implementation science, or related skills. Viewing privacy from the perspective of patients whose protected health information is at risk broadens the considerations to include the perceived duality of privacy; the existence of privacy within a context unique to each patient; the competing needs inherent within privacy management; the need for particular consideration when data are shared; and the need for patients to control health information in a global setting. With precision medicine, artificial intelligence, and other treatment innovations on the horizon, health care professionals need to think more broadly about how to preserve privacy in a health care environment driven by data sharing. Patient-reported privacy preferences, privacy portability, and greater transparency around privacy-preserving functionalities are potential strategies for ensuring that privacy regulations are met and privacy is preserved.

Balancing Between Privacy and Patient Needs for Health Information in the Age of Participatory Health and Social Media: A Scoping Review

Summary Objectives:  With the increased use of participatory health enabling technologies, such as social media, balancing the need for health information with patient privacy and confidentiality has become a more complex and immediate concern. The purpose of this paper produced by the members of the IMIA Participatory Health and Social Media (PHSM) working group is to investigate patient needs for health information using participatory health enabling technologies, while balancing their needs for privacy and confidentiality. Methods:  Six domain areas including media sharing platforms, patient portals, web-based platforms, crowdsourcing websites, medical avatars, and other mobile health technologies were identified by five members of the IMIA PHSM working group as relevant to participatory health and the balance between data sharing and patient needs for privacy and confidentiality. After identifying the relevant domain areas, our scoping review began by searching several databases such as PubMed, MEDLINE, Scopus, and Google Scholar using a variety of key search terms. Results:  A total of 1,973 studies were identified, of which 68 studies met our inclusion criteria and were included in the analysis. Results showed that challenges for balancing patient needs for information and privacy and confidentiality concerns included: cross-cultural understanding, clinician and patient awareness, de-identification of data, and commercialization of patient data. Some opportunities identified were patient empowerment, connecting participatory health enabling technologies with clinical records, open data sharing agreement, and e-consent. Conclusion:  Balancing between privacy and patient needs for health information in the age of participatory health and social media offers several opportunities and challenges. More people are engaging in actively managing health through participatory health enabling technologies. Such activity often includes sharing health information and with this comes a perennial tension between balancing individual needs and the desire to uphold privacy and confidentiality. We recommend that guidelines for both patients and clinicians, in terms of their use of participatory health-enabling technologies, are developed to ensure that patient privacy and confidentiality are protected, and a maximum benefit can be realized.

Balancing Health Information Exchange and Privacy Governance from a Patient-Centred Connected Health and Telehealth Perspective

OBJECTIVES  Connected healthcare is an essential part of patient-centred care delivery. Technology such as telehealth is a critical part of connected healthcare. However, exchanging health information brings the risk of privacy issues. To better manage privacy risks we first need to understand the different patterns of patient-centred care in order to tailor solutions to address privacy risks. METHODS  Drawing upon published literature, we develop a business model to enable patient-centred care via telehealth. The model identifies three patient-centred connected health patterns. We then use the patterns to analyse potential privacy risks and possible solutions from different types of telehealth delivery. RESULTS  Connected healthcare raises the risk of unwarranted access to health data and related invasion of privacy. However, the risk and extent of privacy issues differ according to the pattern of patient-centred care delivery and the type of particular challenge as they enable the highest degree of connectivity and thus the greatest potential for privacy breaches. CONCLUSION  Privacy issues are a major concern in telehealth systems and patients, providers, and administrators need to be aware of these privacy issues and have guidance on how to manage them. This paper integrates patient-centred connected health care, telehealth, and privacy risks to provide an understanding of how risks vary across different patterns of patient-centred connected health and different types of telehealth delivery.

Patient informaticians: Turning patient voice into patient action

Abstract Historically, patients have held a passive role within healthcare, seeking consultation from and following the directions of providers and their care teams. However, changes in culture, education, and technology are making it possible for patients to proactively develop and implement technologies and approaches for health management and quality of life enhancement—to act as patient informaticians. This perspective reviews the societal shifts facilitating the evolution of patient informaticians as discrete actors within healthcare, describes the work of patient informaticians and how this work differs from that of other patient roles (eg, patient advocates), considers examples of patient informaticians in action, and defines patient informaticians’ position relative to the healthcare system.