It’s getting personal: computerised health records come of age

“Every human being is author of his own health or disease,” the Buddha said. Some 2,500 years later, technology is allowing patients to truly take control of their own well-being in what may be the biggest medical revolution in decades: the computerisation of personal health records (PHRs).

The healthcare information revolution involves both technological and cultural transformations. And making the leap from storing data on paper to keeping it electronically may be the easier adjustment of the two.

Though medicine is still decades behind other major spheres such as finance in embracing information technology, change is coming, says Bill Crounse, senior director for worldwide health at Microsoft. In some parts of Europe, such as the Netherlands and the UK, electronic health records are the norm for primary care practices. Secondary care has been slower to computerise records – partly because specialists don’t always work at desks. But 22 per cent of US hospitals now say they use electronic patient records across their organisations.

The more challenging transformation is cultural. The point of electronic records is to make accurate information available when and where it is needed, including to patients themselves. But many individuals worry that digital records which are made accessible to secondary healthcare professionals could be tapped by potential employers to discriminate between candidates, sold to drug companies for marketing purposes, or exposed to a wider public through hacking. Such concerns have slowed the development of networked electronic record systems – which share information with healthcare professionals beyond primary care – in several European countries, including Britain and France.

The arrival of online personal health records, such as Microsoft’s HealthVault has fuelled the debate. In 2008, the World Privacy Forum warned that the “existence of electronically available and centralized health information outside the traditional health care system will attract new users and create new risks”. Earlier this year, the British Medical Association, which represents clinicians, warned again: “There needs to be serious consideration of how to protect patients.”

Perception and reality

A particular worry in an age of social networking is that patients who share their personal records with an online support group will effectively lose control of that information. The association recommends that personal health records systems be adopted only if there has been a careful consideration of the risks.

The European Patients Forum says it is vital that patients and their representative organisations are appropriately consulted and involved in all stages of information technology developments “to ensure these solutions are effective, and geared towards the needs of patients”. 

Crounse, who is also a doctor, agrees, but says that many of the risks are a matter of perception rather than reality. He compares the position of online health records today with that of e-commerce in the 1990s. “People thought you were crazy doing things like Internet banking and buying things online, but in time people found that there were responsible parties out there providing an excellent service.”

He predicts that will be the experience with healthcare too. “Just because the [patient] record is electronic doesn’t mean it is more or less secure than it’s ever been,” Crounse says. He cites numerous examples of paper records going astray – without the audit trail created by electronic systems showing which pieces of data have been accessed, and by whom. “They are so much more secure than the chaos of paper.” Critics insist electronic records create a more attractive target for systematic attack, and that the certainty of being caught might not prevent, for example, an employee being coerced to give access to systems.

Cautious rollout

Governments and health care providers are struggling to address growing demands by consumers for control over their medical information. Crounse argues the way to tackle all the worrying scenarios is by responsible parties deploying systems with robust governance, good technology – and a mature understanding of what is at stake. “People reach a point where they understand that there is always some risk but that the benefit outweighs any small risk,” he says. 

Where electronic medical records have been installed, he says, the objections are more about cost and disruption to workflow, coupled with generational differences in attitudes to computers.

So far, Microsoft has been cautious in rolling out its personal health record technology. Outside North America, HealthVault is available only in Germany, the UK and one Chinese province, and always in cooperation with reputable local partners. “We have been very deliberate and prospective about governance arrangements before launching the systems,” Crounse says. 

Microsoft is also investing in advanced security technology. One example is last year’s acquisition of US-based Sentillion, a leader in systems for managing the identities of users of clinical information systems. Microsoft’s goal is to give health care professionals new insight about patients in real time and enable them to perform the appropriate tasks with unprecedented speed. At the same time, the technology will simplify the workflow of clinicians, allowing them to spend less time navigating different IT systems and more time with patients.

Crounse sees two overarching trends in the future of health care – the need to control costs and the commoditisation of medical technology, allowing more treatments to take place at home. The information revolution will promote both. The Buddha would approve. 

This article was first published in Microsoft’s Futures Magazine.

Related content