Health information in an information age

From NYC DOHMH website

From NYC DOHMH website

A colleague of mine presented an interesting bioethics issue for our lunch time seminar today. It was a discussion motivated by the New York City Department of Health’s recent initiative for diabetes prevention, which adds an amendment to the health code requiring laboratories to report results from a blood sugar test called A1C to the Dept of Health and Mental Hygiene*. High A1C corresponds to high blood sugar. Test results are entered into the A1C registry; medical providers will receive quarterly reports listing patients and their A1C level and patients with high A1C levels might be notified in the mail about the finding.

This initiative is striking in two ways. First, it collects and distributes patient health information without knowledge or consent from the patient. This isn’t necessarily new – a lot of health information is collected and used in the name of public health. Either the NYC DOH is casting diabetes prevention as a public health concern or it is setting a new precedent for the use of health information. Second, it circumvents the usual transmission of health information from provider to patient by sending the patient test results directly, and there’s a question whether it is ethical to send patients this information without the context that their health provider could give.

As part of the discussion, we looked at examples of an emerging grey area for patient health data. GoogleHealth, Microsoft HealthVault, and 23andMe are all services that collect information about a person’s health (or genetics) through that person’s consent, but they reserve the right to use that information for reasons they see fit, nominally research. There then becomes what looks increasingly to be a slippery slope. Medical providers at one end who are bound by HIPAA rules, public health activities, and at the other end, commercial companies who do not provide medical services but handle patient health data. How important are medical providers when you dispense health information? Should these companies be regulated by HIPAA (or some variation), i.e. is health information qualitatively different from other types of data? Is it ok for the government to monitor your health and distribute that information without your knowledge (especially in situations of low public health risk, at least to others)?

Obviously, we are moving towards more access and more information. But there seem to be many complex issues when health information is involved. Should it be treated differently?

* By the way, does anyone else think the term “mental hygiene” sounds dated?

2 Responses to Health information in an information age

  1. Paul says:

    Personally, I’m not a fan of my information being out of my control. It’s too easy for someone to dig through a dumpster, for a backup tape to be lost, or a laptop misplaced.

  2. shwu says:

    No one wants their information stolen or misplaced, but it’s almost impossible to do anything these days without giving some other entity control over your information. You give them control because you want their service/product, e.g. online banking, online shopping, medical services. Unless you have access to the technology, you can’t find out your genome unless you relinquish some control over the information to a company like 23andMe. For online banking, it’s expected and most people don’t hesitate, despite many breaches of security. But when it comes to health information, we haven’t gotten there yet, and I’m wondering if it’s only a matter of time. I guess my question is – is my health information different from, say, my online banking information? Why is it perfectly ok for people to do credit checks on me using my financial information to determine risk and define terms of loans but insurance companies can’t do “medical checks” for the same purposes? I’m not saying I think they should be able to, but is the issue that health is considered an inalienable right but something like home ownership is not?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s