Anger Over EU Medical Data-Sharing

ukhackster writes "A row is brewing in Europe over plans to make medical records available across the EU. The scheme calls for interoperability between health systems in 22 different countries. Experts are predicting that security problems could expose confidential patient records, with one calling the affair 'a colossal waste of money and energy.' This 'e-Health' initiative reflects similar projects in the United States, and raises many of the same issues discussed here. The article makes it clear that many important issues, such as security, privacy, and the rights of patients, are still up in the air as the project moves forward. Could this be another huge IT project disaster on the horizon?"

Opting out

[blowdart]

For those of you/us in the UK there is the ability to opt-out of the central NHS records system currently being developed. This is probably a good thing if you don't want civil servants to have the ability to look at your medical records or if you don't want a 3rd party, private, company to process them (as happens now). Simply fill in the form on the site and it will generate a letter for you to post to your GP.

Re:Not an IT disaster, but a political disaster.

[cerberusss]

A simpler solution would be to agree on a standardized data format and data content for medical records. This alone would take years.

This already exists for many, many years. It's called HL7.

Re:Equal measures of paranoia and well-placed conc

[teh+kurisu]

It seems to be the larger projects that are more likely to fail. You're probably not aware of this due to our Anglo-centric media, but Scotland already has a national patient database up and running and has not had the problems that the NHS has faced south of the border. I suspect that this is largely due to the fact that it was run as a centralised project with a few partners, whereas in England there are a lot more patients and NHS trusts to deal with.

(I'm sure a lot of Scots are unaware that the system is successfully in place here... too often news that is not nationally relevant makes its way onto the national news, and shapes opinions in a way that undermines some of the good work that's being done. </rant>)

Scaling things up to a European level is going to be a nightmare, but I agree that it should be done. The whole idea of the EU is freedom of movement, and I don't want to feel less safe when I cross borders.

Re:alternative

[Da+Fokka]

In the Netherlands, about 60000 hospital admissions can be attributed to avoidable problems with medication (e.g. taking penicilin whilst being allergic to it). The information is there, it's just not accessible. Yes, this is a serieus problem and IT can make a difference. In different countries there are different approaches:
  - In the UK, all medical information will be put into one huge central database ('the Spine'). All pharmacists, phycisians and GPs can choose between about 4 programs, all government mandated. The project is suffering from huge delays, widespread criticism and is already considered a failure.
  - In Germany, all medical information will also be stored in a central database. Everyone will get a smartcard which will be needed to access this information. This will ensure patient control over their information.
  - In the Netherlands, the main idea is that the care provider will retain control over the patient data. A central directory will know the whereabouts of this information and serve as an information broker between Healthcare Information Systems. Eventually, all software will have to support certain interaction with this central directory. The interactions will be based on HL7v3, an international standard.

Since I am involved in implementing the dutch system, that's the one I know most about. I believe it's a good idea and a good compromise between availability of data and privacy. That being said, the system (called AORTA) does have some issues which will need to be resolved before widespreak adoption can take place.

Why people care about "big brother" healthcare

[Anonymous+Brave+Guy]

I don't get the whole "this is big brother" attitude about this at all.

Fair enough, but I suspect your position would be different if all your friends had found out something rather personal about you because the system leaked.

Perhaps medical issues shouldn't be regarded as embarrassing, but the fact is, for many people in today's society, they prefer not to share their ailments publicly. After all, if I told you I was HIV+, would your first reaction be "he's gay", "he sleeps around and has unsafe sex", "he's a drug abuser"? Or would it be "maybe he caught his arm on a used needle while giving life-saving first aid to a drug user"? Consider what most people's reactions might be, and the effect of the more common explanations on someone's reputation, and that'll explain why people keep things a secret. (For the avoidance of doubt, this is a hypothetical example.)

It's already a big system, which relies on the integrity of doctors and other health workers not to leak information. Generally, perhaps by their nature, this group are amongst the most ethically aware people in our society. But the bigger you make the system, the more scope there is for leaks. In cases like this, where privacy is clearly important, we should always question the need to pass data around more widely.

Fortunately for us, this will never fly in the UK. The medical profession has made is abundantly clear to government that it will not support even a UK-wide database on the suggested terms, with a high proportion of GPs stating that they would openly refuse to participate.

Just don't attempt to solve it all

[Fuzuli]

And you'll be successful. Really, the problem with these kind of national health information system projects (NHS being the most famous one) it that everybody loves giant projects. Giant in the sense of both scope and functional and technical complexity. The governments want to come up with a total change in healthcare which can be seen by everyone. The vendors are much more happy about this, since the bigger the project, the larger the profit from products, and especially consultancy.
The problem is healthcare is very, very complex. I have been in software industry for over 10 years now, and I have spent the last 6 in healthcare. It is a beast that no one has ever tamed. Doctors, nurses the overall process in many levels of healthcare service makes the whole thing a nightmare. And trying to plan and implement a solution for the whole thing in the national scale is very risky. We have over 30 hospitals running on our hospital information sytem in my company, and each one of these hospitals have very different needs. You may imagine that the basic requirements for medical systems will be common, but it is not. Add financial aspects to this, and everyting becomes such a mess.
Now talk to anyone in healthcare IT, and they'll tell you that you can't provide the potential benefits without standards. HL7 has been the most common messaging standard in healhtcare, but it is a huge beast with its own problems. You need electronic healthcare records if you want to provide, patient safety, decision support, accurate reporting etc.
Now sharing these is important for the patient and the doctor, but moreover, aggregating that data is important for the government. EU countries spend and average of 8% of their gnp on health, and for policy makers, data is necessary.
To overcome this complexity, governments should come up with incremental projects, each dealing with one important aspect at a time. FIRST: deal with electronic patient records based on standards. Use CDA, openEHR, CEN 13606, whatever. But first do this. Then when you have the ability to produce data in a standardized format in your healthcare institutions, work on messaging among them. The thing that no one seems to get is; each of the founding technologies of e-health has its own complexities and problems, and it becomes impossible to deal with them when you aim for super-high goals.
Just keep it simple, and you'll see that even the simple will be hard enough. Australia seems to be doing good in their national e-health strategy, and Finland is also successful. Before going for the whole EU, national systems should be built and tested.
No matter what the people in the industry say, governments always fail to grasp the complexity of these things.

HL7 isn't really that; OSHCA meeting May 2007

[midgley]

HL7 as is said nearby is not really for that, it is for passing laboriously specified messages about specific things, most usefully laboratory results. It also has rather a lot of exceptions, and a model of licensing and publishing which I personally think adds a great deal to its difficulties in becoming a spreading general standard.

OpenEHR produces the archetypes, a way of describing anything required for medicine and healthcare, and of providing inheritance and subclassing. This project which is hopeful-looking and based in Australia nowadays seems like a good approach to describing the information in ways that make it movable and computable.

I tend to favour a model where medical notes stay where they were made, and other nodes on the network ask questions about them, thus disclosing what information they are accessing, outside their own organisation. I also suspect that FLOSS (Free (Libre) or Open Source Software) implementation is a necessary but not of itself sufficient condition for any medium-scale success.

OSHCA, the Open Source Healthcare Alliance, meets in Kuala Lumpur in May this year, 8th to 11th. Several projects, and some consideration of how to get "there" from here will be reporting and discussed. The programme will be developed on http://www.oshca.org/ but give us time please, although the organisation's first meeting was 2000 we have had a fallow period and are getting back under way.

(I'm a member of the organising ctee for the meeting.