Ethical Use of Electronic Health Record Data and Artificial Intelligence: Recommendations of the Primary Care Informatics Working Group of the International Medical Informatics Association.

OBJECTIVE: To create practical recommendations for the curation of routinely collected health data and artificial intelligence (AI) in primary care with a focus on ensuring their ethical use. METHODS: We defined data curation as the process of management of data throughout its lifecycle to ensure it can be used into the future. We used a literature review and Delphi exercises to capture insights from the Primary Care Informatics Working Group (PCIWG) of the International Medical Informatics Association (IMIA). RESULTS: We created six recommendations: (1) Ensure consent and formal process to govern access and sharing throughout the data life cycle; (2) Sustainable data creation/collection requires trust and permission; (3) Pay attention to Extract-Transform-Load (ETL) processes as they may have unrecognised risks; (4) Integrate data governance and data quality management to support clinical practice in integrated care systems; (5) Recognise the need for new processes to address the ethical issues arising from AI in primary care; (6) Apply an ethical framework mapped to the data life cycle, including an assessment of data quality to achieve effective data curation. CONCLUSIONS: The ethical use of data needs to be integrated within the curation process, hence running throughout the data lifecycle. Current information systems may not fully detect the risks associated with ETL and AI; they need careful scrutiny. With distributed integrated care systems where data are often used remote from documentation, harmonised data quality assessment, management, and governance is important. These recommendations should help maintain trust and connectedness in contemporary information systems and planned developments.

Electronic health records and protection of sensitive personal data in Brazil / Historiales médicos electrónicos y protección de datos personales sensibles en Brasil

On December 27, 2018, Law No. 13,787 was enacted in Brazil, regulating the electronic health record and establishing rules for its digitization and use. While already in force, the new Law refers to the General Data Protection Law - LGPD (Law No. 13,709 of August, 14, 2018, as amended by Law No. 13,853 of July 08, 2019), which will only come into effect in August 2020. In analyzing the documentary dimension of the right to health in the Brazilian regulation, this text proposes to analyze two issues: Could the electronic health record mean risk of leakage or misuse of patients' data in violation of their rights of personality? If the information is online, how could it be prevented from being accessed out of clinical objectives thus constituting a violation of the patient's personality rights?

El 27 de diciembre de 2018 se promulgó en Brasil la Ley Núm. 13.787, que regula la historia clínica electrónica y establece normas para su digitalización y uso. Si bien ya está vigente, la nueva Ley se refiere a la Ley General de Protección de Datos - LGPD (Ley Núm. 13.709 de 14 de agosto de 2018, modificada por la Ley Núm. 13.853 del 8 de julio de 2019), que sólo entrará en vigor en agosto de 2020. Al analizar la dimensión documental del derecho a la salud en la regulación brasileña, este trabajo propone analizar dos cuestiones: ¿Podría el historial médico electrónico significar un riesgo de uso indebido de los datos de los pacientes en violación de sus derechos de personalidad? Si la información está en línea, ¿cómo se puede evitar que se acceda a ella desde objetivos clínicos, lo que constituye una violación de los derechos de la personalidad del paciente?

Ethical aspects in the use of electronic medical records: analyzing who matters the most / Aspectos éticos no uso de registros médicos eletrônicos: analisando o que mais importa

Abstract Purpose: To investigate the patients' perspectives regarding the introduction of the electronic medical record into use in an ophthalmologic hospital and its impact on the doctor/patient relationship. Methods: The cross-sectional study analyzed the impact of the electronic medical record on the doctor-patient relationship based on the patients' opinions after electronic medical record implementation compared with use of traditional paper records. The same doctor attended all patients and completed questionnaires during patient interviews that analyzed empathy, punctuality, efficiency, information clarity, doctor cordiality, respect, trustworthiness, patient benefits from the technology, confidentiality, and humanized care. The inclusion criteria included age of 18 years or older, adequate cognition, previous treatment in the same institution by the same doctor using paper medical records and later the electronic medical record, and free and informed written patient consent. The exclusion criteria included age below 18 years, inadequate time to answer the questionnaire, first patient visit, doubtful interview responses, and first visit before 6 months after electronic medical record implementation. The data were analyzed descriptively by relative and absolute frequencies. A previous pilot study of 20 patients yielded 95% confidence intervals for the percentages of agreement for the electronic medical record questionnaire responses obtained and found that 160 patients was adequate for performing the study. Results: The patients reported that the electronic medical record had a positive impact on the doctor-patient relationship in all areas considered. Over 94% of patients responded affirmatively when questioned about their confidence in the confidentiality of their data, 38.3% noted changes in the doctor's concern for service and 68% agreed that clarity of the information provided by the doctor was greater with the electronic medical record. Conclusion: Based on the patients' perceptions, the EMR positively affected the doctor-patient relationship after the implementation of the technology in a private ophthalmologic hospital.

Resumo Objetivo: Investigar as perspectivas dos pacientes em relação à introdução do prontuário eletrônico em uso em um hospital oftalmológico e seu impacto na relação médico / paciente. Métodos: O estudo transversal analisou o impacto do prontuário eletrônico na relação médico-paciente com base na opinião dos pacientes após a implementação do prontuário eletrônico em comparação com o uso de registros tradicionais em papel. O mesmo médico atendeu a todos os pacientes e completou questionários com pacientes que analisaram empatia, pontualidade, eficiência, clareza da informação, cordialidade do médico, respeito, confiabilidade, benefícios para o paciente da tecnologia, confidencialidade e cuidado humanizado. Os critérios de inclusão incluíam idade de 18 anos ou mais, cognição adequada, tratamento prévio na mesma instituição pelo mesmo médico, usando registros médicos em papel e, posteriormente, o prontuário eletrônico e consentimento livre e esclarecido por escrito do paciente. Os critérios de exclusão incluíram, idade abaixo de 18 anos, tempo inadequado para responder ao questionário, primeira consulta do paciente, respostas duvidosas à entrevista e primeira visita antes de 6 meses após a implementação do prontuário eletrônico. Os dados foram analisados descritivamente por frequências relativas e absolutas. Um estudo piloto prévio de 20 pacientes forneceu intervalos de confiança de 95% para as porcentagens de concordância para as respostas do questionário de prontuário eletrônico obtido e constatou que 160 pacientes eram adequados para realizar o estudo. Resultados: Os pacientes relataram que o prontuário eletrônico teve impacto positivo na relação médico-paciente em todas as áreas consideradas. Mais de 94% dos pacientes responderam afirmativamente quando questionados sobre sua confiança na confidencialidade de seus dados, 38,3% observaram alterações na preocupação do médico com o serviço e 68% concordaram que a clareza das informações fornecidas pelo médico era maior com o prontuário eletrônico. Conclusão: As vantagens do prontuário eletrônico foram o rápido acesso à informação, clareza dos dados, recuperação rápida e organizada da informação e agilidade nos serviços.

Toward an accelerated adoption of data-driven findings in medicine : Research, skepticism, and the need to speed up public visibility of data-driven findings.

To accelerate the adoption of a new method with a high potential to replace or extend an existing, presumably less accurate, medical scoring system, evaluation should begin days after the new concept is presented publicly, not years or even decades later. Metaphorically speaking, as chameleons capable of quickly changing colors to help their bodies adjust to changes in temperature or light, health-care decision makers should be capable of more quickly evaluating new data-driven insights and tools and should integrate the highest performing ones into national and international care systems. Doing so is essential, because it will truly save the lives of many individuals.

Social Responsibility Practices of EHR Vendors: An Analysis of Disclosures in Annual Corporate Reports and Websites.

Socially desirable outcomes within healthcare IT depend not only on the ethical behavior of individuals, but also on the actions and policies of large corporations. It is therefore important to have public accountability mechanisms that can be applied to corporations. The Sustainability Accounting Standards Board (SASB) publishes standards for assessing corporate transparency around ethical issues of broad public interest. The SASB standards and methodology were used to assess disclosures in the annual shareholder reports and websites of the top EHR vendors. The results showed a very low rate of meaningful disclosure.

De pacientes, médicos e historias clínicas / On patients, physicians and medical records

No disponible

The Ethics of Cloud Computing.

Cloud computing is rapidly gaining traction in business. It offers businesses online services on demand (such as Gmail, iCloud and Salesforce) and allows them to cut costs on hardware and IT support. This is the first paper in business ethics dealing with this new technology. It analyzes the informational duties of hosting companies that own and operate cloud computing datacentres (e.g., Amazon). It considers the cloud services providers leasing 'space in the cloud' from hosting companies (e.g., Dropbox, Salesforce). And it examines the business and private 'clouders' using these services. The first part of the paper argues that hosting companies, services providers and clouders have mutual informational (epistemic) obligations to provide and seek information about relevant issues such as consumer privacy, reliability of services, data mining and data ownership. The concept of interlucency is developed as an epistemic virtue governing ethically effective communication. The second part considers potential forms of government restrictions on or proscriptions against the development and use of cloud computing technology. Referring to the concept of technology neutrality, it argues that interference with hosting companies and cloud services providers is hardly ever necessary or justified. It is argued, too, however, that businesses using cloud services (e.g., banks, law firms, hospitals etc. storing client data in the cloud) will have to follow rather more stringent regulations.

Building a Privacy, Ethics, and Data Access Framework for Real World Computerised Medical Record System Data: A Delphi Study. Contribution of the Primary Health Care Informatics Working Group.

BACKGROUND: Privacy, ethics, and data access issues pose significant challenges to the timely delivery of health research. Whilst the fundamental drivers to ensure that data access is ethical and satisfies privacy requirements are similar, they are often dealt with in varying ways by different approval processes. OBJECTIVE: To achieve a consensus across an international panel of health care and informatics professionals on an integrated set of privacy and ethics principles that could accelerate health data access in data-driven health research projects. METHOD: A three-round consensus development process was used. In round one, we developed a baseline framework for privacy, ethics, and data access based on a review of existing literature in the health, informatics, and policy domains. This was further developed using a two-round Delphi consensus building process involving 20 experts who were members of the International Medical Informatics Association (IMIA) and European Federation of Medical Informatics (EFMI) Primary Health Care Informatics Working Groups. To achieve consensus we required an extended Delphi process. RESULTS: The first round involved feedback on and development of the baseline framework. This consisted of four components: (1) ethical principles, (2) ethical guidance questions, (3) privacy and data access principles, and (4) privacy and data access guidance questions. Round two developed consensus in key areas of the revised framework, allowing the building of a newly, more detailed and descriptive framework. In the final round panel experts expressed their opinions, either as agreements or disagreements, on the ethics and privacy statements of the framework finding some of the previous round disagreements to be surprising in view of established ethical principles. CONCLUSION: This study develops a framework for an integrated approach to ethics and privacy. Privacy breech risk should not be considered in isolation but instead balanced by potential ethical benefit.

UK National Data Guardian for Health and Care's Review of Data Security: Trust, better security and opt-outs.

Sharing health and social care data is essential to the delivery of high quality health care as well as disease surveillance, public health, and for conducting research. However, these societal benefits may be constrained by privacy and data protection principles. Hence, societies are striving to find a balance between the two competing public interests. Whilst the spread of IT advancements in recent decades has increased the demand for an increased privacy and data protection in many ways health is a special case. UK are adopting guidelines, codes of conduct and regulatory instruments aimed to implement privacy principles into practical settings and enhance public trust. Accordingly, in 2015, the UK National Data Guardian (NDG) requested to conduct a further review of data protection, referred to as Caldicott 3.  The scope of this review is to strengthen data security standards and confidentiality. It also proposes a consent system based on an "opt-out" model rather than on "opt-in.Across Europe as well as internationally the privacy-health data sharing balance is not fixed.  In Europe enactment of the new EU Data Protection Regulation in 2016 constitute a major breakthrough, which is likely to have a profound effect on European countries and beyond.  In Australia and across North America different ways are being sought to balance out these twin requirements of a modern society - to preserve privacy alongside affording high quality health care for an ageing population.  Whilst in the UK privacy legal framework remains complex and fragmented into different layers of legislation, which may negatively impact on both the rights to privacy and health the UK is at the forefront in the uptake of international and EU privacy and data protection principles. And, if the privacy regime were reorganised in a more comprehensive manner, it could be used as a sound implementation model for other countries.

How bioethics principles can aid design of electronic health records to accommodate patient granular control.

Ethics should guide the design of electronic health records (EHR), and recognized principles of bioethics can play an important role. This approach was recently adopted by a team of informaticists who are designing and testing a system where patients exert granular control over who views their personal health information. While this method of building ethics in from the start of the design process has significant benefits, questions remain about how useful the application of bioethics principles can be in this process, especially when principles conflict. For instance, while the ethical principle of respect for autonomy supports a robust system of granular control, the principles of beneficence and nonmaleficence counsel restraint due to the danger of patients being harmed by restrictions on provider access to data. Conflict between principles has long been recognized by ethicists and has even motivated attacks on approaches that state and apply principles. In this paper, we show how using ethical principles can help in the design of EHRs by first explaining how ethical principles can and should be used generally, and then by discussing how attention to details in specific cases can show that the tension between principles is not as bad as it initially appeared. We conclude by suggesting ways in which the application of these (and other) principles can add value to the ongoing discussion of patient involvement in their health care. This is a new approach to linking principles to informatics design that we expect will stimulate further interest.

Surgical treatment of cleft lip / Tratamento operatório das fendas labiais

We performed a systematic review of the literature on the surgical treatment of cleft lip, emphasizing the prevalence, complications associated with the treatment and the points of disagreement between authors. We conducted a literature cross-sectional search that analyzed publications in books, articles and on the databases SciELO - Scientific Electronic Library Online, PubMed, of the National Center for Biotechnology Information. We conclude that: 1) the severity of the cleft will indicate the technique presenting more advantages; 2) the different approaches indicate that there is no consensus on the optimal technique; and 3) the surgeon experience contributes to choosing the best option.

Os autores realizaram uma revisão sistematizada da literatura sobre o tratamento operatório de fendas labiais enfatizando a prevalência, as complicações associadas ao tratamento e os pontos de divergência entre autores. Foi realizada pesquisa bibliográfica e transversal, que analisou publicações em livros, artigos e bases de dados SciELO - Scientific Electronic Library Online, PubMed do National Center for Biotechnology Information. Os autores concluem que a gravidade da fissura vai sugerir a técnica que apresenta mais vantagens e as diferentes condutas indicam que não há consenso sobre a técnica ideal e a experiência do cirurgião contribui para a escolha da melhor opção.

Protecting human health and security in digital Europe: how to deal with the "privacy paradox"?

This article is the result of an international research between law and ethics scholars from Universities in France and Switzerland, who have been closely collaborating with technical experts on the design and use of information and communication technologies in the fields of human health and security. The interdisciplinary approach is a unique feature and guarantees important new insights in the social, ethical and legal implications of these technologies for the individual and society as a whole. Its aim is to shed light on the tension between secrecy and transparency in the digital era. A special focus is put from the perspectives of psychology, medical ethics and European law on the contradiction between individuals' motivations for consented processing of personal data and their fears about unknown disclosure, transferal and sharing of personal data via information and communication technologies (named the "privacy paradox"). Potential benefits and harms for the individual and society resulting from the use of computers, mobile phones, the Internet and social media are being discussed. Furthermore, the authors point out the ethical and legal limitations inherent to the processing of personal data in a democratic society governed by the rule of law. Finally, they seek to demonstrate that the impact of information and communication technology use on the individuals' well-being, the latter being closely correlated with a high level of fundamental rights protection in Europe, is a promising feature of the socalled "e-democracy" as a new way to collectively attribute meaning to large-scale online actions, motivations and ideas.

Critical theory as an approach to the ethics of information security.

Information security can be of high moral value. It can equally be used for immoral purposes and have undesirable consequences. In this paper we suggest that critical theory can facilitate a better understanding of possible ethical issues and can provide support when finding ways of addressing them. The paper argues that critical theory has intrinsic links to ethics and that it is possible to identify concepts frequently used in critical theory to pinpoint ethical concerns. Using the example of UK electronic medical records the paper demonstrates that a critical lens can highlight issues that traditional ethical theories tend to overlook. These are often linked to collective issues such as social and organisational structures, which philosophical ethics with its typical focus on the individual does not tend to emphasise. The paper suggests that this insight can help in developing ways of researching and innovating responsibly in the area of information security.

Personal health information, privacy and surveillance: do we need a critical voice?

This paper argues that many expanding secondary uses of personal health information are moving beyond legitimate monitoring processes, to become surveillance practices used for purposes of controlling individuals and populations. The paper focuses on the academic discipline of health informatics as a key claim-making site for influencing understandings about uses of personal health information. Using a Foucauldian influenced analysis, it discusses the way discourses shape our attitude to expanding uses of personal health information. It argues that aspirational goals of the discipline discourage critical analyses, creating the potential for the health informatics community to support expanding use of personal information for activities that may result in discrimination, disadvantage.