This invention relates generally to the field of transmission of medical records, and more particularly to a standing order database search system and method for such transmission having Internet and intranet application.
In a recent Harris poll, 85% of respondents said they believe protecting the confidentiality of medical records is “absolutely essential” or “very important” within healthcare reform. As this survey result suggests, people are concerned about the risks powerful, new information technologies could pose to their rights of privacy. In an ironic way, the inefficiencies of the past have served as something of a comfort—despite the fact that more than a quarter of Americans responding to a 1993 Harris poll said health information about them had been improperly disclosed in the past.
Reflecting the inadequacy of a technological solution to the issue, various leaders have sought a political resolution. In 1995, Senator Robert Bennett (R-Utah) introduced the so-called Medical Confidentiality Act of 1995. Although the legislation remains mired in debate, one thing has become clear from remarks made by both the staunch advocates for the legislation as well as its numerous dissenting voices, most of which feel that its protections are inadequate. This fact is that comprehensive protection must be devised to guarantee the confidentiality and integrity of computer-based patient records as well as the data networks to carry such information.
None of the prior technologies has been able to strike this balance between protecting confidentiality and facilitating the transfer of individual medical records. The San Jose Mercury News, a widely recognized online resource for Silicon Valley companies reported the following headline in its Mar. 4, 1997 edition: “The electronic privacy issue is shaping up as a major-league battle in the 105th Congress.” On Mar. 5, 1997, Wired Magazine reported in a story entitled “Panel Urges Medical Data Protection” as follows: “Right now, if your medical records are on a computerized database or are transmitted, you run the risk of having them seen by people you never dreamed would be perusing your health information.”
The deficiency in prior technology to deliver the combined benefit of adequate protection of confidentiality and support for an ubiquitous, easy-to-deploy and use, and cost-effective means for the transfer of medical records is perhaps best noted in the written and oral testimony before various Congressional committees debating privacy legislation.
During his Jan. 13, 1997 opening remarks before the National Committee on Vital Health Statistics, Subcommittee on Privacy and Confidentiality, Dr. Robert Gellman, a privacy and information policy consultant in Washington and the subcommittee chair stated: “We intend to cover the full range of fair information practices issues, including patient's rights, limits on use and disclosure of information, health identification numbers, pre-emption of state laws and privacy-enhancing technologies when available, sometimes known as PETs—privacy-enhancing technologies.”
The subcommittee's first witness, Dr. David Korn, Professor of Pathology, and immediate past Vice President of Stanford University, Dean of the Stanford Medical School and a distinguished scholar in residence at the AAMC, stated: “The difficult challenge before this committee is to find a point of balance that will enable to us to enhance the security of confidential medical information and reduce the probability of its misuse, without substantially impairing the access and communication that are essential to the effective delivery of medical care, the efficient functioning of the health care delivery system and the pace of biomedical and health services research.” Dr. Korn concluded his remarks by stating, in part, “[G]iven the requirements for access and communication in the real worlds of medical care and biomedical research, such levels of security in my judgment are fanciful.”
On Feb. 3, 1997, David L. Larsen, Director of Health Care Services at Salt Lake City-based Intermountain Health Care (IHC), testified on behalf of the American Association of Health Plans (AAHP) which represents 1,000 HMOs, PPOs, and similar network plans providing care to over 120 million Americans. In his testimony, Mr. Larsen stated: “AAHP supports this Committee's efforts to protect against the unauthorized and inappropriate use of patient information while at the same time facilitate the coordination and delivery of high quality, network-based health care. It is important that your recommendations recognize the special needs of integrated delivery systems.
“In order to manage and improve the health outcomes of the population we insure, we must be able to share information among IHC corporate entities—our physicians, hospitals, and health plans. IHC has developed electronic medical records and common databases to facilitate this communication. Preventing the creation of these common databases, limiting the type of data which can be shared within the IHC integrated delivery system, or requiring a patient's authorization for each and every transaction and transfer of data, would severely limit IHC's ability to measure and improve the health outcomes of our enrollees.”
Robert B. Burleigh, President of Brandywine Healthcare Services and Consultant to the Board of Directors of the International Billing Association (IBA), the only trade association representing third party medical billing companies, also testified before the National Committee on Vital and Health Statistics Subcommittee on Privacy and Confidentiality on Feb. 3, 1997. In his testimony, Mr. Burleigh stated: “[Section 111 (d) of the proposed legislation] provides that a ‘health information trustee may disclose protected health information only if the recipient has been notified that the information is protected health information . . . ’ In the normal course of business today, the technical means of notifying a recipient of (proposed) protected health information, prior to, or concurrently with, disclosure does not exist.”
Mr. Burleigh concluded his testimony with the following warning: “We are concerned that an unintended result of this proposed legislation would be the decision by providers to discontinue accepting insurance coverage in order to avoid the burdensome (in their view) new duties of securing informed consents, providing disclosures, maintaining new disclosure logs and related records, and other proposed responsibilities.”
On February 18, Lauren Dame, staff attorney at Public Citizen's Health Research Group, a non-profit organization founded in 1971 by Ralph Nader and Dr. Sidney Wolfe, testified before the committee. In her prepared remarks, Ms. Dame stated: “As medical records are computerized and there is increased disclosure of sensitive medical information—as we believe there will be—many of the problems consumers face today will be exacerbated unless strong privacy protections are included in any regulations developed . . . [P]rivacy for medical information is an important value in and of itself. People feel very strongly that they should have control over the dissemination of what amounts to highly intimate and private information about themselves.
“[W]e believe that any effort to regulate the use and development of computerized patient medical records should begin with the proposition that . . . personally identifiable patient information should not be disclosed without the informed consent of the patient. (And, by “informed consent”, I do not mean the kinds of blanket consent or release forms patients currently are forced to sign in order to obtain health insurance, which basically give the insurers the right to collect any medical information they want, and to do with it what they will.)”
Ms. Dame concluded her remarks with this statement which indicates the solutions have yet to be devised: “[Y]ou have heard from insurers, providers, and processors of data, and no doubt most of them have painted glowing pictures of the great increases in efficiency and cost savings associated with computerizing medical records and with limiting privacy protections. While in some areas, the interests of all of us might be accommodated, often you will be faced with some hard choices . . . In making your recommendations to the Secretary, I urge you to err on the side of protecting the privacy and confidentiality of personally-identifiable medical information. As a society, we can always modify regulations to increase data exchange if experience shows us that we can safely do so. But privacy, once lost, cannot be recaptured.”
On Feb. 19, 1997, Dr. Denise Nagel, a physician, instructor at Harvard Medical School and co-founder of the National Coalition for Patient Rights, an organization whose mission is to protect and preserve privacy and confidentiality in medical care, testified for that organization and on behalf of the American Psychoanalytic Association and the Association of American Physicians and Surgeons. During her testimony, Dr. Nagel quoted the 1996 Time/CNN poll which “found that 87% of Americans believed that ‘laws should be passed that prohibit health care organizations from giving out medical information without first obtaining the patient's permission.’” and commented that “the same percentage of people in a 1993 Louis Harris poll trusted their own providers but most (71%) believed that ‘if privacy is to be preserved, the use of computers must be sharply restricted in the future.’” Dr. Nagel stated her opinion: “Rules that conform to these views would require consent for placing personal information in a computer system and consent for the disclosure of identified information, except in rare circumstances.”
Merging these two fiercely advocated perspectives—efficiency of a system for delivering records and informed consent—into a single system is one of the essential missing features of the prior art.