This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
4. - Past mHealth Summit coverage: Read more in this section
- All hospital staff should be aware of mobile device security
- Handling of patient data via smartphones creating confusion
- Consumers intrigued by gadgets, healthcare pros concerned with policy
Explore other sections in this guide:
Mobile health tools, both consumer-facing and ones used by physicians, are contributing to the creation of more data related to patients' health than ever before. But this raises the question of who owns that data, and what kind of rights different parties have to access information. Attendees at the mHealth Summit 2012 had very different ideas about health data ownership.
The Health Insurance Portability and Accountability Act (HIPAA) and meaningful use rules state patients have a right to access their records. While physicians may hold the data, they cannot deny patients who ask to see it.
In a town hall session at the summit, members of the Office of the National Coordinator for Health IT (ONC) discussed data ownership issues related to the agency's Blue Button initiatives. The consumer engagement members of the office are encouraging more data holders to implement Blue Button functionality, which would allow patients to download their medical data.
I do believe there is some form of joint ownership of that data, and that while we must provide on-demand access to patients when they ask for it, health care systems also have some right to that jointly created data.
project specialist, Partners Healthcare's Center for Connected Health
According to Lygeia Ricciardi, acting director of the Office of Consumer eHealth at the ONC, once patients, providers and payers can all easily download medical records, the question of data ownership becomes less important. Rather than thinking about who owns the data, people should think about who has a right to download a copy.
"I'm not sure 'own' is quite the right for it in a digital world," Ricciardi said.
Echoing these comments, Damon Davis, a special assistant in the Office of Consumer eHealth, said patients "walk around" with their data all the time by virtue of the fact that they know how they feel and whether medications, diet or exercise regimens are working. When it comes to digital data, it's up to the patient to demand access to it.
"Doctors are more like data holders, not owners," he said. "We should be in this together. The true idea is that you have a right to your data; you should go get it; you should feel justified."
But the right to access data is not the same thing as ownership of that data, said James Gaston, senior director of clinical and business intelligence at Chicago-based HIMSS Analytics. He told SearchHealthIT that patients are actually relatively restricted in control over their health data.
For example, he said a patient could not instruct an insurance company to delete all information relating to him or her. Furthermore, while there are laws in place restricting what organizations can do with patient data -- they cannot sell identifiable patient information, for example -- the patient has few controls over how their data is used.
"Health care data is owned within an organization, but they're under mandate by law to give patients access," Gaston said.
Gaston added that clearly defining data ownership issues will become important as the industry continues its move toward mobile devices, as this technology demands significant privacy and security.
But health data ownership may not be such a clear-cut situation. Rob Havasy, project specialist and operations manager at Partners Healthcare's Center for Connected Health, told SearchHealthIT he feels there are several types of patient data that health care organizations collect and create, some of which the organization has as much right to ownership as the patient, or more.
He breaks down health data maintained by providers into three categories. First, there is data totally supplied by the patient, which may include information from patients' own blood glucose tests or personal health monitors. Then there is data created jointly. This may be information from a blood test done in the office or a treatment administered. The third category includes data created entirely by the provider, which may include doctors' notes and opinions. In each of these cases, the question of ownership involves different considerations.
"Patients clearly have an ownership stake and can do with that data as they please," Havasy said. "But I do believe there is some form of joint ownership of that data, and that while we must provide on-demand access to patients when they ask for it, health care systems also have some right to that jointly created data."
In some cases, it could even be detrimental to health care organizations for patients to have total data ownership rights. Havasy said treating a patient involves a business component, and a certain amount of data must be retained by the provider for purely business reasons.
David Muntz, principal deputy national coordinator at the ONC, said in a panel discussion that figuring out the answers to these data ownership questions could eventually have an impact on how care is delivered.
"If the patient owns the data, what does that mean for the patient?" Muntz said. He believes ownership could influence the kinds of discussions patients are able to have with their providers and the degree to which care delivery is centered on the patient.