The see-saw of patient data confidentiality is one in constant motion.
The see-saw of patient data confidentiality is one in constant motion. On one side are the system designers and medical lawyers whiplashed from their collisions with unhappy patients and healthcare professionals. Sitting on the other are clinicians, shouldering the burden of human lives. A panel discussion at Singapore Healthcare Management 2015 discusses which is more important – saving patient lives or keeping their medical records secure.
Which is more important - data safety or work efficiency?
What are the risks involved?
Education and coorperation of users key
As far as the issue is concerned, Associate Professor Loo Chian Min carries the unfortunate title of Chief Medical Informatics Officer of SingHealth. He plays for both sides as a system administrator with a duty to protect patient data, and also as a practitioner who wants easy access to patient information.
“Using Electronic Medical Records (EMR), healthcare professionals can now see patients at any point, from anywhere. It allows us to do better what we’re trained to do – treat our patients. But at the same time, you don’t know who else gets to look at the data,” he describes.
Sharing his thoughts, SingHealth’s Deputy Director of Nursing Informatics Yap Soon Ghee said, “Yes, it’s all about our patients. Easy access is great, but when I put on my informatics cap, it’s a completely different picture. I can be walking around the ward, logging off computers that errant colleagues have left on.”
Soon Ghee’s experience surfaces a harsh reality – easy access comes with a high price. Compromised patient data can lead to many lost man hours tracing and handling the crisis that might come as a result. As panel moderator Group Chief Information Officer Benedict Tan reminded, Facebook bought popular messaging system Whatsapp for US$19 billion.
“All the information will be mined, studied and used. That is the price of data.”
Microsoft Asia Chief Security Officer Pierre Noel thinks the healthcare industry should take a step back and look at what really matters. When compared to industries like defence, where data security is more important than a human life, hospitals will be better off looking at ease of use. Not to say he is against any form of protection. “People should always think twice, and always be suspicious. The job of a good cyber security team is to keep security at top of mind among staff,” he said. With everyone playing their part in cyber security, Director of the Legal Clinic Kuah Boon Theng would be most relieved. “There will always be a bias towards care providers, and the patients tolerate a certain level of security lapse because they are in need of care,” she shares.
“But the sense of gratitude will fade, and when that time comes they may not be so forgiving to see medical data being compromised.”
In the middle of the confidentiality-ease of use struggle are the system users. Prof Loo adds aptly that “we are not dealing with a homogenous group” and that much effort needs to go into providing access while practicing control. The EMR is a system built to do our work, but at the heart of it are our human emotions and habits. Therein lies the problem, and also the solution.