A Declaration of Health Data Rights: Can't argue with it, but it's only a first step
I'm joining the party a day or two late, and am supporting:
In an era when technology allows personal health information to be more easily stored, updated, accessed and exchanged, the following rights should be self-evident and inalienable. We the people:
Upon reflection, I realized that not everyone -- whether in Massachusetts or elsewhere -- has the same ease of access, and while the declaration is sort of a no-brainer, it is important to put it out there, and I'm happy to join the folks who got this thing going, including Adam Bosworth, David Kibbe, Jamie Heywood and Gilles Frydman (forgive me for leaving other names off this short list). I discussed the Declaration with Gilles Frydman, who agreed that it is just a first step, but a critically important one to take while the national dialogue is focused on electronic health records.
Additional steps down the path will have to include other common-sense guarantees that are already enacted into law here and there, including guarantees concerning the rights of patients to obtain test results through their physicians or otherwise, the ability of patients to correct errors in their records (so we don't have easily-accessible garbage), as well as easy access to interoperable electronic health records and non-tethered personal health records.
There are good reasons why some physician notes in some patient records should not be shared with patients or family members (a subject for another day), but this Declaration is focused on data -- not free-text notes -- so those notes would not be covered.
What other rights along these lines would you like to see guaranteed?
Update 6/27/09: Many supporters have signed onto the Declaration. One notable exception: Jen McCabe, who was in on some early drafts, but feels strongly that the darn thing doesn't go far enough. Jen has blogged about her thoughts on the subject and has laid out her own more comprehensive patients' healthcare information rights manifesto.
I agree with Jen's sense that the Declaration is a first step, a baby step, and that there's a lot farther to go. However, I see this first step less as a near-futile gesture, and more a real first step, a way to to get the conversation moving at a time when it can converge meaningfully with parallel conversations about implementation of ARRA / HITECH Act / Son of HIPAA provisions. As the old saying goes: A journey of 1,000 miles begins with one step.
Here's what I would like to see providers who are prepared to sign onto the Declaration do as a next step: Without waiting for government action, initiate a campaign to amend their HIPAA Notice of Privacy Practices (NPP) (perhaps now, perhaps as part of the NPP amendment that will have to be rolled out once the Son of HIPAA regs are finalized by next February) to incorporate into a standard form contract that binds the providers the next steps that Jen calls for now and that most, if not all endorsers of the Declaration would also agree are necessary and important. This simple, yet far-reaching step, would have a greater impact than an endorsement by a provider organization. These should include guarantees of the "common sense" rights articulated above as well as the following patient rights:
- The right to correct erroneous data -- and a mechanism for noting disagreements with clinicians
- The right to control access to data -- access for all purposes: care, payment, secondary use (including clinical research and marketing)
In the past, non-standard NPPs were drafted and distributed by patient advocacy groups for patients to use and add to their providers' NPP forms. However, patient-specific NPPs are unadministrable. In order for this to work, there needs to be adoption form the provider side, either as a result of new regulation, or as the result of a populist follow-on to the Declaration.
As I wrote above: Please join in; what other rights would you like to see guaranteed as part of the Declaration? What are your thoughts on this approach?