Patient Perspectives and Preferences for Consent in the Digital Health Context: State-of-the-art Literature Review.

BACKGROUND: The increasing integration of digital health tools into care may result in a greater flow of personal health information (PHI) between patients and providers. Although privacy legislation governs how entities may collect, use, or share PHI, such legislation has not kept pace with digital health innovations, resulting in a lack of guidance on implementing meaningful consent. Understanding patient perspectives when implementing meaningful consent is critical to ensure that it meets their needs. Consent for research in the context of digital health is limited. OBJECTIVE: This state-of-the-art review aimed to understand the current state of research as it relates to patient perspectives on digital health consent. Its objectives were to explore what is known about the patient perspective and experience with digital health consent and provide recommendations on designing and implementing digital health consent based on the findings. METHODS: A structured literature search was developed and deployed in 4 electronic databases-MEDLINE, IEEE Xplore, Scopus, and Web of Science-for articles published after January 2010. The initial literature search was conducted in March 2021 and updated in March 2022. Articles were eligible for inclusion if they discussed electronic consent or consent, focused on the patient perspective or preference, and were related to digital health or digital PHI. Data were extracted using an extraction template and analyzed using qualitative content analysis. RESULTS: In total, 75 articles were included for analysis. Most studies were published within the last 5 years (58/75, 77%) and conducted in a clinical care context (33/75, 44%) and in the United States (48/75, 64%). Most studies aimed to understand participants' willingness to share PHI (25/75, 33%) and participants' perceived usability and comprehension of an electronic consent notice (25/75, 33%). More than half (40/75, 53%) of the studies did not describe the type of consent model used. The broad open consent model was the most explored (11/75, 15%). Of the 75 studies, 68 (91%) found that participants were willing to provide consent; however, their consent behaviors and preferences were context-dependent. Common patient consent requirements included clear and digestible information detailing who can access PHI, for what purpose their PHI will be used, and how privacy will be ensured. CONCLUSIONS: There is growing interest in understanding the patient perspective on digital health consent in the context of providing clinical care. There is evidence suggesting that many patients are willing to consent for various purposes, especially when there is greater transparency on how the PHI is used and oversight mechanisms are in place. Providing this transparency is critical for fostering trust in digital health tools and the innovative uses of data to optimize health and system outcomes.

Ready or Not: Key Insights to Enabling Adolescents' Access to Their Personal Health Information.

Granting minors with online access to their personal health information (PHI) is a complex policy and implementation issue, requiring a balance of rapid changes in adolescent maturity and autonomy, adolescent need for privacy and confidentiality and care responsibilities of custodians and providers. There are currently no standard legislation or policies that enable access; however, most implementations use the age of majority or the mature minor doctrine as an approach - each with its own limitations. This paper highlights key legislative and implementation insights for organizations seeking to enable adolescents with online access to their PHI, calling for leadership to address this issue.

Foundations for Meaningful Consent in Canada's Digital Health Ecosystem: Retrospective Study.

BACKGROUND: Canadians are increasingly gaining web-based access to digital health services, and they expect to access their data from these services through a central patient access channel. Implementing data sharing between these services will require patient trust that is fostered through meaningful consent and consent management. Understanding user consent requirements and information needs is necessary for developing a trustworthy and transparent consent management system. OBJECTIVE: The objective of this study is to explore consent management preferences and information needs to support meaningful consent. METHODS: A secondary analysis of a national survey was conducted using a retrospective descriptive study design. The 2019 cross-sectional survey used a series of vignettes and consent scenarios to explore Canadians' privacy perspectives and preferences regarding consent management. Nonparametric tests and logistic regression analyses were conducted to identify the differences and associations between various factors. RESULTS: Of the 1017 total responses, 716 (70.4%) participants self-identified as potential users. Of the potential users, almost all (672/716, 93.8%) felt that the ability to control their data was important, whereas some (385/716, 53.8%) believed that an all or none control at the data source level was adequate. Most potential users preferred new data sources to be accessible by health care providers (546/716, 76.3%) and delegated parties (389/716, 54.3%) by default. Prior digital health use was associated with greater odds of granting default access when compared with no prior use, with the greatest odds of granting default access to digital health service providers (odds ratio 2.17, 95% CI 1.36-3.46). From a list of 9 information elements found in consent forms, potential users selected an average of 5.64 (SD 2.68) and 5.54 (SD 2.85) items to feel informed in consenting to data access by care partners and commercial digital health service providers, respectively. There was no significant difference in the number of items selected between the 2 scenarios (P>.05); however, there were significant differences (P<.05) in information types that were selected between the scenarios. CONCLUSIONS: A majority of survey participants reported that they would register and use a patient access channel and believed that the ability to control data access was important, especially as it pertains to access by those outside their care. These findings suggest that a broad all or none approach based on data source may be accepted; however, approximately one-fifth of potential users were unable to decide. Although vignettes were used to introduce the questions, this study showed that more context is required for potential users to make informed consent decisions. Understanding their information needs will be critical, as these needs vary with the use case, highlighting the importance of prioritizing and tailoring information to enable meaningful consent.

Meaningful Digital Consent in Canada: Recommendations from Pan-Canadian Consent Management Workshops.

The digital health landscape is rapidly evolving with regard to how society accesses and interacts with digital information and technologies. With a largely commercial marketplace, there are growing concerns that users are not fully informed about how their data are used. Canadian privacy legislation is currently undergoing modernization to improve the transparency of commercial information handling practices through the introduction of meaningful consent. This paper reports on workshops held across Canada, exploring the implications of meaningful consent in a digital health context. Recommendations focus on measures to promote transparency, improve digital literacy and foster public trust in digital health innovations.

Patient Privacy Perspectives on Health Information Exchange in a Mental Health Context: Qualitative Study.

BACKGROUND: The privacy of patients with mental health conditions is prominent in health information exchange (HIE) discussions, given that their potentially sensitive personal health information (PHI) may be electronically shared for various health care purposes. Currently, the patient privacy perspective in the mental health context is not well understood because of the paucity of in-depth patient privacy research; however, the evidence suggests that patient privacy perspectives are more nuanced than what has been assumed in the academic and health care community. OBJECTIVE: This study aimed to generate an understanding on how patients with mental health conditions feel about privacy in the context of HIE in Canada. This study also sought to identify the factors underpinning their privacy perspectives and explored how their perspectives influenced their attitudes toward HIE. METHODS: Semistructured interviews were conducted with patients at a Canadian academic hospital for addictions and mental health. Guided by the Antecedent-Privacy Concern-Outcome macro-model, interview transcripts underwent deductive and inductive thematic analyses. RESULTS: We interviewed 14 participants. Their privacy concerns varied, depending on the participant's privacy experiences and health care perceptions. Media reports of privacy breaches and hackers had little impact on participants' privacy concerns because of a fatalistic belief that privacy breaches are a reality in the digital age. Rather, direct observations and experiences with the mistreatment of PHI in health care settings caused concern. Decisions to trust others with PHI depended on past experiences with the individual (or institution) and health care needs. Participants had little knowledge of patient privacy rights and legislation but were willing to participate in HIE because of perceived individual and societal benefits. CONCLUSIONS: This study introduces evidence that patients with mental health conditions would support HIE. Participants were pragmatic, supporting HIE because they wanted the best care possible. They also understood that their PHI was critical in supporting the single-payer Canadian health care system. Participant health care experiences informed their privacy perspectives, trust, and PHI sharing attitudes-all accentuating the importance of the patient experience in building trust in HIE. Their lack of knowledge about patient rights and PHI uses highlights the degree of trust they have in the health care system to protect their privacy. These findings suggest that the patient privacy discourse should extend beyond the oft-cited barrier of patient privacy concerns to include discussions about building trust, communicating the benefits of HIE, and improving patient experiences. Although our findings are in the Canadian context, this study highlights the importance of engaging patients in privacy policy discussions, regardless of jurisdiction, to ensure their nuanced perspectives are reflected in policy decisions on their PHI.

Understanding the patient privacy perspective on health information exchange: A systematic review.

BACKGROUND: Health information exchange (HIE), the ability for health information technology (HIT) to share patient data, can improve the efficiency and effectiveness of healthcare; however, this ability may cause patient concern about their ability to control who can access their health records (i.e., privacy). These concerns may affect a patient's candor in their therapeutic patient-provider relationships, thereby undermining their care. While patient privacy concerns are often cited as a barrier to HIT implementation, the patient privacy perspective is not well understood. The purpose of this systematic review is to provide an in-depth exploration of the patient privacy perspective toward HIE, its antecedents, and its outcomes. MATERIALS AND METHODS: A systematic review was conducted on seven health sciences and interdisciplinary databases. Empirical studies that assessed the patient perception of privacy in context of interoperable HIT were included. All included articles were independently screened, extracted, and analyzed by two reviewers. The results were extracted and categorized based on the dimensions outlined in the Antecedent Privacy Concern Outcomes macro-model (APCO). RESULTS: Of the 1713 unique citations, 59 articles met the inclusion criteria which consisted of 39 (66.1%) quantitative studies, 15 (25.4%) qualitative studies, and 5 (8.5%) mixed methods studies. Fourteen articles (23.7%) were specifically focused on understanding privacy. The patient privacy perspective was operationalized in different ways, with privacy concern being the most common measure (25.4%). The percentage of participants expressing privacy concern ranged from 15% to 74%, depending on the study. Perceived quality of care was associated with lower privacy concerns. Privacy concerns were associated with privacy protective behaviours; however, the perceived benefit of HIE may mitigate the effects of privacy concern. CONCLUSION: Using the APCO as a guide, this review found that the patient privacy perspective is dynamic, complex, and still not well understood. There may be an oversimplification of the patient privacy perspective and its impact given the paucity of privacy-focused research. The evidence suggests patient perceptions of healthcare and the value of HIE are important factors in mitigating privacy concerns and its effects. More in-depth privacy studies are required to further illuminate the nuances of the patient perspective and provide policy-makers with greater insights on the privacy barrier.

The eHealth Trust Model: A Patient Privacy Research Framework.

Patient privacy concerns are often cited as a barrier to health information exchange (HIE) implementations; however, the current understanding of patient perspective is limited due to a fragmented approach to patient privacy research. The limited evidence suggests that the patient privacy perspective is context-dependent and may involve benefit-risk tradeoffs. A standardized approach to the contextual factors would allow for more consistent assessment, providing a better understanding or explanation of the contextual factors influencing the patient privacy perspective and their attitudes towards HIE. This paper describes the development of the eHealth Trust Model-an evidence-based theory-grounded conceptual framework intended to guide future patient privacy research.