As concerns continue to mount over rising health care costs, many believe that patients must be more engaged in their own health care, assume an active role in the management of their care, and take greater responsibility for its cost and quality. Personal health records (PHRs) could support patient self-management and engagement, and electronic versions of PHRs would facilitate access to comprehensive health information as well as improve patient/physician communications. Moreover, patients are interested in having more information about their own health care.
There are primarily three categories of PHR services available today: those that are Internet-based, portable device-based, and token-based. Internet-based PHR services begin with a registration process in which the user chooses a username and password. Through a web interface, users then enter information about their (or a family member's) health, which is stored in a secure document maintained by the PHR company. Users can access that information (and/or authorize access by others such as emergency contacts, physicians, or emergency room departments) by logging in and providing their password.
Portable device-based services comprise a second category of available PHR services. Several companies featured various types of digital memory portable devices containing one's health information that could be carried around on lanyards, key chains, watches, bracelets, pens, laser pointers, or on credit-card wallet CDs. The information is launched by “plugging” that device into a computer in a physician's office or an emergency room.
Token-based PHR services comprise a third category, typically implemented as smart cards. Despite interoperability concerns, smart cards and the like can be an economical way of exchanging medical information across organizations.
In the field of Internet-based PHR services, patients today have many choices when selecting a PHR system that meets their needs. Their healthcare providers, employers, or insurers may offer them a PHR at little or no cost. They can also select from a growing number of PHR vendors who offer either a software application or online service. An example of an open source PHR is the iHealth Record.
The iHealth Record was released in May 2005 by Medem. It was a joint venture of the American Medical Association (AMA) and other healthcare organizations. Key features include online consultations for patients paid for by health plans; email capabilities between doctors and their patients; and the inclusion of current medical conditions, medications, past surgeries, and allergies, as well as end-of-life directives.
It is generally considered insecure to put this type of information out on the Internet for everyone to see—and unfortunately that is the result of using the existing online PHR applications. They are often disguised as services that provide free storage for medical information, but privacy is not assured. In addition, the patient may as a result be the subject of spam emails or postal “junk” mail that is undesired.
Turning to portable device-based services, the E-Health KEY is a secure and portable PHR using universal serial bus (USB) flash drive technology. The E-Health KEY detects whether it is plugged into the “home” computer or into an unknown computer. If plugged into an unknown computer, the E-Health KEY assumes that it is being inserted into a computer of an emergency room (ER) or an ambulance. The application will immediately pull up and present only the critical medical information such as medical conditions, medications, allergies, etc., that the patient/member has previously authorized for broader disclosure.
The first time the E-Health KEY is connected to the home computer, its application installs a small interactive utility program that facilitates interaction with the Medic Alert membership database via the Internet, and offers users additional utilities as well.
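As an added illustration, not part of the original description or of the E-Health KEY product itself, the following Python models the two behaviors described above: the device is bound to the home computer on its first connection, and on any other computer it presents only the entries the patient has authorized for emergency disclosure. The sample record, the host attributes, and the SHA-256 fingerprint scheme are constructed assumptions.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Optional

# Constructed sample record: each entry carries a flag indicating whether the
# patient has authorized it for disclosure on an unrecognized computer.
SAMPLE_PHR = {
    "entries": [
        {"category": "allergy", "value": "penicillin", "emergency": True},
        {"category": "medication", "value": "metformin 500 mg", "emergency": True},
        {"category": "condition", "value": "type 2 diabetes", "emergency": True},
        {"category": "history", "value": "appendectomy 1998", "emergency": False},
        {"category": "note", "value": "therapy referral", "emergency": False},
    ],
}


def host_fingerprint(attributes: dict) -> str:
    """Hash of stable host attributes (hostname, OS, volume id are assumed
    names) used to recognize the enrolled home computer. Keys are sorted so
    the same host yields the same fingerprint regardless of dict order."""
    canonical = json.dumps(attributes, sort_keys=True).encode()
    return hashlib.sha256(canonical).hexdigest()


@dataclass
class PortablePhr:
    record: dict
    enrolled_host: Optional[str] = None  # set on first home connection

    def enroll_home(self, attributes: dict) -> None:
        """First connection binds the device to this computer; re-enrollment
        is refused so a later unknown host cannot claim to be 'home'."""
        if self.enrolled_host is not None:
            raise RuntimeError("home computer already enrolled")
        self.enrolled_host = host_fingerprint(attributes)

    def view(self, attributes: dict) -> dict:
        """Full record on the enrolled host; emergency subset anywhere else,
        including on a device that has never been enrolled."""
        current = host_fingerprint(attributes)
        if self.enrolled_host is not None and hmac.compare_digest(
            self.enrolled_host, current
        ):
            return {"mode": "home", "entries": list(self.record["entries"])}
        emergency = [e for e in self.record["entries"] if e["emergency"]]
        return {"mode": "emergency", "entries": emergency}
```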
It is important to note that the computers used by most medical and emergency personnel are firewalled or require administrative privileges in order to install any software. This means that in an emergency, products that require installation of proprietary software are not usable by those services, which may well slow down access to patients' vital information by emergency personnel. Medic Alert also does not support any security measures such as encryption, password protection, or access control mechanisms, thereby leaving open the possibility of compromise of the stored data in the case that the device containing the data is lost or stolen.
Finally, with respect to token-based PHR services such as smart card-based PHR services, Mount Sinai Medical Center in New York City is working closely with Siemens to develop the Patient Health Card solution and began deploying smart cards as part of its 10-institution pilot program. The project was designed to demonstrate the benefits and value of smart cards locally and across organizations as a way to exchange medical information among disparate institutions. The network created with smart cards will allow facilities with varying information systems to share and exchange medical data in a secure and patient-controlled manner. The Health Smart Network will initially link nine hospitals and one community clinic using smart cards. The intent is to expand the network throughout the New York metropolitan area. The ambitious pilot program underway at Mount Sinai, where officials expect to roll out 100,000 cards, could change how doctors and hospitals view smart card technology.
In an open environment, where various entities from different administrative domains (e.g., hospitals, pharmacies, and insurance companies) exchange data, support of electronic data interchange (EDI) is mandatory. However, there are only some particular specifications that could be used in the medical sector, such as a physician letter, hospital-to-hospital documentation, etc. Many of these are intended for other business sectors. As a result, costly converters are needed, which poses problems for true interoperability. To make things worse, there are some basic data sets like electronic patient records that have yet to be standardized. Furthermore, the organization must decide on the nature of the information on a health care smart card. It has been proposed that a smart card merely serve as an access control device in drawing information from an on-line database, but this does not take full advantage of the capabilities of a smart card, and also raises additional transmission and privacy concerns.
The underlying technology to support smart card functionality has been in development for some time. A smart card is a device that includes an embedded integrated circuit chip (ICC) that can be either a secure microcontroller or equivalent intelligence with internal memory or a memory chip alone. The card connects to a reader with direct physical contact or with a remote contactless radio frequency interface. With an embedded microcontroller, smart cards have the unique ability to store large amounts of data, carry out their own on-card functions (e.g., encryption and mutual authentication) and interact intelligently with a smart card reader. Smart card technology today generally conforms to international standards (ISO/IEC 7816 and ISO/IEC 14443) and is available in a variety of form factors, including plastic cards, fobs, subscriber identification modules (SIMs) used in GSM mobile phones, and USB-based tokens. Smart cards are used in many applications worldwide, including secure identity applications (such as employee ID badges, citizen ID documents, electronic passports, driver's licenses, and online authentication devices); healthcare applications (such as citizen health ID cards, physician ID cards, and portable medical records cards); payment applications (such as contact and contactless credit/debit cards, and transit payment cards); and telecommunications applications (such as GSM SIMs and pay telephone payment cards).
One particular smart card technology that was recently developed to provide enhanced security features is Smart Enterprise Guardian (SEG), a product developed by Gemalto NV. SEG is a unique USB device based on industry standards that secures identity credentials and sensitive files with proven smart card technology incorporated with a flash drive storage mechanism in a single unit. It protects up to 2 GB of data on a USB drive and supports strong authentication, digital signature, and file encryption. It enables enterprises of all sizes to protect network access and confidential information; enhance productivity with easy to use security services and simple administration; make business transactions more efficient and safe; and optimize return on investment with a highly interoperable solution that leverages existing information technology infrastructure. This device is one of the first personal portable security devices (PPSD) that offers secure portable memory with advanced encryption standard (AES) 256-bit hardware-based encryption and strong authentication using public key infrastructure (PKI) services.
It may be seen from the above discussion that as the health care industry shifts toward a more consumer-oriented focus, the desire for patients to have greater access to their PHRs grows. Personal health records offer many potential benefits, including quick access to information that could be a lifesaver in an emergency situation. But the technology is still evolving, and many challenges are yet to be worked out. Some of the chief challenges of the current PHR systems include interoperability, security requirements, privacy, and environmental barriers.
Currently, interoperability is limited in a number of ways. First, most PHR systems in use today are integrated with one provider's electronic health record (EHR) system, in effect serving as a portal view into the EHR. This provides tight integration between what the patient sees and what the provider sees. However, if EHR systems are not interoperable, the content would be primarily limited to what is stored in that provider's EHR.
Security is a continuing problem because, particularly with an Internet-based PHR system, multiple individuals, such as family members and caregivers, may view and contribute patient information. The security requirements of ensuring authentication and access control in this context thus represent a major challenge.
The privacy of health information stored on a stand-alone web site may not be as secure as data stored by a health care system, which must comply with privacy rules mandated by the federal government's Health Insurance Portability and Accountability Act (HIPAA), as well as its implementing regulations.
Finally, there are multiple environmental barriers to PHR implementation. Health information on each patient now generally resides in multiple locations. As a result, integrated PHRs must reach across organizational boundaries to interface with multiple EHR systems. The lack of ubiquitous EHR usage currently presents the greatest environmental barrier to such integrated PHR adoption. A related problem is that EHRs must not only exist in individual offices and hospitals but must also be able to communicate with PHRs. Economic and market forces are obstacles to PHR (and EHR) adoption. Many vendors offering stand-alone PHRs have not been financially successful; numerous products and companies are no longer in existence.
References mentioned in this background section are not admitted to be prior art with respect to the present invention.