If there were a national health care information network, medical errors resulting from lack of data sharing would be drastically reduced. Unfortunately, there are many barriers to the secure exchange of electronic medical records, the most basic of which is the lack of a consistent way to identify each patient. For privacy reasons, it's unlikely that we in the U.S. will have a national health identifier in the next decade. Recent privacy spills at ChoicePoint, DSW and Ameritrade highlight the risks of maintaining a national health identifier that could be used with other identifiers, such as Social Security numbers, to link medical, banking and employment records.
A better way to interconnect health care is to leave all the data, without a national identifier, where it lives today in doctors' offices, hospitals, labs and pharmacies, but connect it with the kind of decentralized, federated but coordinated architecture that drives the Web. When you want to buy a book from Amazon.com, it's unlikely that you type the IP address, http://207.171.175.29. Instead, you type www.amazon.com, and the Internet's Domain Name System connects you to the right Web server.
Imagine a DNS for patients that functions in a similar way. When a patient consented for his identity to be recorded, his name, sex, date of birth, ZIP code and medical record number (but not clinical information) would be securely transmitted to a medical-grade patient DNS. A clinician needing access to medical records could, with the patient's consent, query the DNS by providing demographic information and then obtain a list of the institutions the patient had visited as well as his medical record numbers. He wouldn't have to know the numbers - the rough equivalent of Amazon's IP address -- ahead of time.
In the short term, this patient DNS would provide the clinician with enough information to contact other institutions that have treated the patient and request medical records via fax or phone. Over the next few years, as hospitals set data-exchange standards and clinician offices implement interoperable electronic health records, this patient DNS would provide a framework for linking electronic health data.
Groups in Massachusetts, Indiana and California are piloting a patient DNS this summer as part of a common framework to exchange medical records, with funding from the Markle Foundation's Connecting for Health Project (http://connectingforhealth.org) and the Robert Wood Johnson Foundation. The technical architecture is built upon Web services, secure gateways and the WS-Security standard. The pilot implementation is called the Record Locator Service.
The privacy and security policies that protect patient confidentiality, ensure consent and provide auditing of the lookup process are much more challenging than the technology itself. This summer's pilot will engage patients, privacy experts, attorneys, clinicians, employers and payers to develop these policies and oversee the project.
With a secure patient DNS, we can interconnect health care in this country, saving lives, reducing costs and bringing health care to the same level of interoperability that has revolutionized industries such as financial services, airlines and manufacturing.
Autor: John D. Halamka
Quelle: Computerworld, 30.05.2005
