Add to collection(s) Add to saved
  1. Social Science

Etiquettes of Information Sharing in Healthcare and -Research

advertisement 
Etiquettes of Information Sharing
in Healthcare and -Research
M. Hartswood, K. Ho, R. Procter, R. Slack, J. Ure and A. Voss
Social Informatics Cluster, School of Informatics,
University of Edinburgh
avoss@inf.ed.ac.uk
Secondary Use of Clinical Data
• eScience projects making routine, secondary use of
clinical data:
– National Translational Cancer Research Centre in Edinburgh
– Scottish Family Health Study
– NeuroGrid, etc.
• To replace and expand on existing research through new
IT infrastructures:
– Linking new kinds of data (genetic and proteomic volume data)
– Involving more people in trials and epidemiological studies.
– Translational research: linking practice, clinical research and
bench sciences
• Issue of Information Governance comes to the fore.
Information Governance
• What is new/specific about this kind of
eScience research?
– These projects will deal with personal,
sensitive information
– Needed for record linkage, long-term followup and study administration
– Consenting is crucial but does not solve
confidentiality issues
The Grid Works Fine…
• In ‘research land’ where data is usually:
– Anonymised
– In ‘the common’
– Kept and managed in designed-for-purpose,
state-of-the-art systems
– In an environment where a lot is possible
(even though not everything goes)
…but…
• As we enter the world of the NHS, we find:
– Personal, sensitive data (subject to DPA)
– Held in well protected islands of ownership
– Kept and managed in systems designed for
purposes other than research
– In a very restrictive environment where ‘very
little goes’
– NHS IM&T staff are not normally familiar with
Grid technologies
So…
• Need to establish recognised practices of
data sharing and to establish trust (in
systems used and between parties)
• Ways to relieve the tension between
requirements of information governance
and the aims of eScience
Etiquettes of Information Sharing
• Involve/are related to practical ethical action (Jirotka et
al. in press) as the two mutually elaborate each other.
• By etiquettes we mean members’ understanding of ‘how
things are properly done’, providing a reference for any
particular action taken.
• Referring to the formal rules is a notable exception
(whereas in the IT world it is more likely to be the unseen
routine)
• Taking practical ethical action is often a collaborative
endeavour
• These practical concerns are not replaced by Grid
technologies.
Examples
• From ethnographic studies of work in a
deliberate self harm ward and in a
community mental health team (as well as
an NHS guidance document).
• Illustrate the notion of etiquettes of
information sharing
• Relevance to eScience
• Specific issues in Clinical eScience
Research
Example I: Resources
• Use of space as a resource in realising confidentiality:
“It was noteworthy that the doctors’ room was treated as
an area ‘out of bounds’ to patients and patients’ relatives
– patients seeking to gain the attention of the team by
knocking on the door were invariably refused entry.
Particular attention was given to ensuring that the door
of the doctors’ room was closed during discussions
concerning patients and staff members neglectful of
closing the door were reminded of the importance of
this.”
Restrictions and Resources
• Closer coupling of policy with resources
when things get computerised
• Often through centralised control by IT and
HR departments
• Often results in ad-hoced practices that
are less secure or compromise
confidentiality
• Alternative: providing resources for the
work of protecting confidentiality.
Example II: Identity
• Identify enquirers, so that information is only shared with
the right people
Staff should check that any callers, by telephone or in
person, are who they say they are. There can be a
significant risk of harm to a patient through
impersonation by those seeking information improperly.
Seek official identification or check identity by calling
them back (using an independent source for the phone
number). Check also that they have a legitimate right to
have access to that information.
Confidentiality: NHS Code of Practice, Department of Health, Version 3.0, 28.7.2003
Identity
• Is the presentation of a valid Grid certificate enough to
establish the identity of a requester?
• Will it result in immediate release of data?
• Grid seems to assume ‘always on’ operation vs. requestresponse
• Data managers are not going to be experts in Grid
security and will not be able to spot a forged certificate.
• They will, however, have other competencies such as
knowing who usually requests what etc.
• Diverse ways of establishing identity and membership (a
nurse, a consultant, an epidemiologist)
• Even if not in routine use, these are necessary to seek
assurance in case of uncertainty
Example (III)
• The social worker explained that the he
maintained different two sets of records, paperbased ones, and brief details of his visits on the
Social Work system. He said that because any
social worker has the ability to look at the
electronic records he would record more
sensitive information in the paper record, giving
the example of a diagnosis of schizophrenia as
one such example.
Understanding Implications
• Based on what people know about a system and
how data committed to it may be used, people
make decisions about what to commit to the
system.
• Use of the system and its affordances as a
resource for ensuring confidentiality.
• Implications for the use of the data (especially
the secondary use)
• Grid systems make the user’s task more
complicated and there will need to be support to
remedy this.
Training
Data Governance in Research
• Caldicott guardians in universities?
• Working out practical guidance, e.g.,
–
–
–
–
Budgeting for security: e.g., to create separate space
Make arrangements and implications visible
Locking computers, configuring them to auto-lock
Portable machines and work from home, e.g., “carry
in a bag or rucksack”
– Backups: keeping sensitive data separate
– Ensuring no personal sensitive data is included in
presentations
Confidentiality Issues in Clinical
eScience Research
• Some examples we have come across:
– Feeding results back to persons and to healthcare
services
– Familial links: cases as gatekeepers to their relatives
and their data
– GPs as gatekeepers to potential population controls
– Informed consent: do people understand how their
data may be used?
– Food Frequency Questionaires – importance of the
return address
– Recruitment
Conclusions: Implications for
Design
• Some of the issues cannot be resolved
once and for all.
• Practical ethical action is an unavoidable
part of work.
• There are no non-functional requirements.
• Embedding, controlling rules vs. providing
resources to work in accordance with the
rules (in letter or spirit).
Related documents
Environmental eScience Applications Martin Dove and Stuart Ballard
Environmental eScience Applications Martin Dove and Stuart Ballard
Realising a broad vision of eScience
Realising a broad vision of eScience
There are conditions under which confidentiality may be breached. ... wanting to harm yourself or someone else, the experimenter will... LIMITS OF CONFIDENTIALITY
There are conditions under which confidentiality may be breached. ... wanting to harm yourself or someone else, the experimenter will... LIMITS OF CONFIDENTIALITY
Observation of Associate Teacher by Student Teacher
Observation of Associate Teacher by Student Teacher
Download
advertisement