Written Testimony on Patient Privacy Considerations in Electronic Prescribing

National Committee on Vital & Health Statistics

Subcommittee on Privacy & Confidentiality

November 18, 2004

Alison Rein, MS Assistant Director, Food & Health Policy

National Consumers League

Good morning.  My name is Alison Rein, and I am the Assistant Director of Food and Health Policy for the National Consumers League.  I am here today to provide a patient-oriented perspective on the issue of privacy in the context of electronic prescribing.  I will begin my comments with an overview of NCL, briefly describe one of its ongoing initiatives regarding the patient role in electronic prescribing, and then consider the issues of data security and patient privacy.

Overview of the National Consumers League 
The National Consumers League is a private, nonprofit advocacy group that uses education, research, advocacy, investigation, publications, and public/private collaboration to accomplish its mission of representing consumer interests on marketplace and workplace issues.  Formed in 1899, we are the nation’s oldest consumer organization, committed to protecting, representing, and advancing the economic, social, and health interests of consumers.

For over 100 years, NCL has provided government, businesses, and other organizations with the consumer’s perspective on social concerns including child labor, privacy, food safety, and healthcare.  A natural extension of this mission is our recent initiation of the SOS Rx Coalition – a collaborative coalition dedicated to promoting outpatient medication safety, initially among seniors.

Overview of the Electronic Prescribing Project
SOS Rx has chosen to focus on initiatives aimed at promoting consumer actions and system changes that enhance the safe outpatient use of medications.  One emerging effort of the Coalition is the development of a campaign that seeks to educate consumers about the electronic prescribing concept, what it could mean (if implemented appropriately) to them in terms of patient safety and convenience, and how their enhanced understanding of electronic prescribing could facilitate more rapid adoption among providers.

This effort will represent a real shift from current approaches.  Instead of focusing efforts solely on physicians (through incentives, education, etc…) the attention is turned to the patient.  As more and more patients learn about the potential benefits of electronic prescribing, more and more physicians will be compelled to consider adoption of such technologies.

As we move forward with development of this campaign, NCL and some of its Coalition partners will call for provisions that address fundamental issues of data security and patient privacy.  If we truly want to engage patients as proponents of electronic prescribing, then we will need to create a system that is highly attuned to their needs, that does not create tension between patients and providers, and that inspires confidence in the integrity of all transactions.  We have a tremendous opportunity – and obligation – to provide patients with a system they can trust.

Data Security & Patient Privacy Considerations Moving Forward 
When I last presented testimony before the NCVHS Standards & Security subcommittee in May, I outlined some of the patient-focused criteria that would need to be met by any normative definition of electronic prescribing.  I mentioned such considerations as a system’s ability to support safe care, use nationally adopted technology and process standards, comply with best practices, provide patient access to information, enhance patient/provider communications, ensure portability across all systems, and maintain patient privacy and trust.  It is on this last point that I would like to focus my comments this morning.

I will begin by defining some key terms that are sometimes used interchangeably, but should be considered separately in this context.  These are: Security – broadly speaking the protection of data at rest or in transit, and Privacy – the freedom from unauthorized intrusion.   I will only touch on the issue of security momentarily, not because it lacks importance, but because I believe that others are far more qualified to recommend comprehensive data security strategies.  That said, I find it helpful to frame security issues as follows:

Data security fits fairly neatly into three buckets: technical, physical, and procedural. To achieve technical data security, one thinks of challenges with data authentication, data access/dissemination controls, and authorization control provisions.  As we think about the proliferation of electronic prescribing systems, I would encourage close scrutiny of emerging alternative technologies – such as voice over internet – before application in the electronic prescribing context.

In terms of physical security, issues of hardware and software controls, workspace and equipment access controls, and personnel training require attention.  Here, it is primarily the possibility of unauthorized access to prescribing hardware (provider PCs and PDAs) that causes concern.  However, the ever-increasing proliferation of computer viruses also has implications for data security and availability.

Procedural security establishes a formalized, systemic approach to securing data.  It establishes relationships based on trust, ownership of responsibility, and acknowledgement of liability.  Procedural security also poses a challenge, as it typically requires a significant level of coordination and commitment to implement and maintain in any institution.

The establishment of technical, physical, and procedural data security is a necessary condition for any electronic prescribing effort.  Without this foundation, it is impossible to achieve adequate patient privacy.  Assuming that this framework for electronic prescribing is established, patient privacy is possible, but not necessarily guaranteed.

Going back a bit, I would like to take a moment to further define patient privacy in the context of electronic prescribing.  The privacy we are trying to preserve is that of patient health information which, in this case, may consist of:

  • Information about prescriptions written in the past, present, or future for treatment of physical or mental health conditions of an individual,
  • Information regarding payment directly by – or on behalf of – the patient for the provision of prescription medications

Held static or transmitted in any medium, it is important that this information be kept confidential.

The HIPAA privacy rule takes critical steps in that direction by requiring that privacy and security be built in to the policies and practices of healthcare providers, health plans, and others involved in health care.  In some cases, the law makes adequate provisions for patient privacy in the context of electronic prescribing; in others, it does not.  In your efforts to advance electronic prescribing systems that ensure patient privacy, we strongly encourage the following:

  1. Educate patients about their rights and responsibilities, specifically in the context of electronic prescribing.
    • Patients should be informed of their right to obtain or restrict access to their own prescription information at any time.
    • Patients in all states should be able to request amendment or correction of inaccurate prescription information in a timely fashion.
  2. Inform patients (up front) of privacy policies, permissible data uses, and administrative requirements for data use authorization that are specific to electronic prescribing.
    • Patients should be provided with full disclosure about the system before their provider initiates an electronic prescription (first time only).
    • Patients should be informed of ALL possible ways in which their prescription data could be used, and should be able to opt in or out of various systems.  Here are some examples:
    • Patients should be informed that most data use requires authorization, which can be revoked or re-instated at the patient’s discretion.  The authorization for prescription medication use should be separate from the standard HIPPA form that patients sign in the provider office.
    • Patients should be informed that their prescription data could be used without authorization under certain limited circumstances (i.e., emergency treatment), and full disclosure of those circumstances should be provided.
    • At present, HIPPA allows health care providers and pharmacies to use individually identifiable information to engage in messaging that “educates” patients about health conditions, prescribed medications, alternative therapies, etc…The current rule does not provide an opt-out for patients who do not wish to receive this type of messaging – including those deemed as “non-marketing, health care communications.”  To ensure patient privacy, an opt-out option MUST be made available to patients who do not wish to receive this type of non-point of sale messaging (excluding information that must be provided by law).
    • Assuming that prescription data could be used for external research or marketing purposes, the default setting for this type of data sharing should be one of non-inclusion.  Patients should be informed about the nature of the system, and then given the choice to opt-in.
    • A patient’s decision to remain “outside” of these database structures must be permissible without penalty or impact on treatment.
  3. All communications to patients about their prescription privacy options should be provided in consumer-friendly, easy-to-read formats. 
    • Much of the current HIPPA information is too dense, too unclear, and too buried in other paper work to provide patients with any real sense of their role in controlling their health information.
  4. Require inter and intra-state consistency in data security and patient privacy standards.
    • Prescription data should not, under any circumstances, be subject to insufficient privacy standards when patients change jobs, change residency, or change health plans.
    • States and other institutions may enact stronger privacy protection rights than those required at the Federal level, but not weaker.

In addition to providing patients access to their electronic prescription information upon request, NCL believes that patient safety and adherence may be improved by providing patients with a monthly or quarterly verifiable paper trail of their prescriptions.  This information could be provided either via email or snail mail, and could be sent by the provider or pharmacist.  This process would provide value in multiple dimensions:

  1. It would serve as the basis for a patient-maintained, comprehensive list of prescription medications,
  2. It might prompt patients to be more adherent with their medication regimens, and
  3. It would prompt patients to review their prescription data for errors/inconsistencies.

As with all other prescription data uses described above, patients should be able to opt-out of having this information sent to their home or email.

Closing Thoughts
To guarantee patient privacy in all electronic prescribing transactions may not be possible.  However, given the likely consequences of not providing adequate security and privacy measures, every effort should be made to protect patient information.

Another dimension of importance is layered on this issue when we consider that our health care system seems to be moving in a “consumer-driven” direction.  Assuming personal responsibility for health care decisions requires improved access to relevant information, and the ability to control how that information is used.  Patients cannot, and should not be asked to participate in a decision-making process unless they have the relevant information at their disposal to do so.

Furthermore, movement in this direction requires implementation of a system that supports appropriate access, and authorization or denial of access – to patient data.  We hope that increased access to and control of their personal health data will empower patients to become more involved in their own health maintenance.  We know, however, that patients can only achieve this level of participation in the system if they have an expectation of trust.