INTRODUCTION
The confidential relationship between patients and their practitioners is the foundation of clinical practice and is predicated on trust. Both parties develop expectations about how information shared in the therapeutic setting will be used and protected. However, as contemporary clinical practice is rapidly evolving through the use of digital technologies, our understanding and assumptions around those expectations are being tested while their importance in protecting a trusting relationship is becoming paramount. We illustrate this in this editorial by exploring how the technology-driven evolution in practice increases the risks of information disclosure outside the confidential relationship by accident while directly enabling it with the support of legislation by design.
In the direct care setting, doctors and nurses are finding the use of smartphones and the apps that run on them particularly useful for providing care to their patients. They are also realising that this emerging practice poses risks to patient privacy and raises their concerns about the accidental disclosure of confidential information if it is not carefully governed.1 But the extent to which any concerns around accidental disclosure are affecting patients’ trust in the confidential relationship is not clear.
This issue becomes more pressing as we consider other digital (or eHealth) interventions, including electronic health record and advisory systems, which are also an important part of evolving practice and face their own governance challenges. Such interventions are targeted at practitioners as well as patients and the public to help them engage with managing their own care. They also enable the sharing of more information outside the doctor–patient relationship with researchers, commissioners, managers and policy makers,2 often for uses that may not have been envisaged by patient or practitioner when it was first shared and recorded in confidence.
But as information is more routinely shared electronically outside the confidential relationship, sometimes even without patient consent by design, another factor is emerging that is compounding the uncertainty around the effects of evolving practice on the confidential therapeutic relationship. It is becoming clearer that information governance legislation and strategy have been developed without regard for the expectations that form within that relationship.
There is frequently a mismatch between confidentiality as a driver for protecting the relationship between patients and their practitioners, and the focus of information law and governance on the protection of information itself. This can be illustrated with use of examples where the relationship of trust is being overlooked by the current governance approach to evolving practice and new uses of healthcare information.
We are unaware of the extent to which these issues are undermining trust in the confidential relationship and encouraging patients to withhold information from their practitioner, or indeed the practitioner from recording everything that they are told. We therefore propose a greater focus on understanding the relationship of trust and the expectations formed therein as a means to address these concerns.
UNDERSTANDING EXPECTATIONS: CARE.DATA
The need for understanding the expectations formed in a confidential relationship has been well illustrated by the recent experience of care.data an ambitious scheme to merge GP and hospital records across England with a view to licensing it to industry, in addition to supporting care and research purposes. The scheme provoked a professional and public outcry resulting in its temporary suspension.3,4 In response Carter et al suggested the notion of the social licence to better understand the reasons underlying the controversy. They helpfully frame the problem around the expectations and understanding of roles and duties of GPs, wider public expectations and issues of trust.5
To better understand the nature and basis of the expectations we must first fully acknowledge that they develop in the context of a relationship of trust which is founded mostly on confidentiality. We must then build on this in such a way that the development of information governance is firmly anchored in the soil of confidentiality.
RESEARCH AND COMMISSIONING: ROOTED IN CONFIDENTIALITY?
Do we inadvertently underplay confidentiality and under-represent patient and professional expectations when considering wider record access for commissioning or clinical research? In these contexts the problem is compounded by one of access to, and availability of, information. Researchers and commissioners must comply with statutory law which focuses on data protection and the need to de-identify information or seek consent. Yet anonymity cannot be guaranteed6 and the requirement for consent as enshrined in the Common Law Duty of Confidentiality may be set aside by statute.7 Confidentiality can be further protected by limiting disclosure outside of the care setting at the expense of data utility8 — but is that enough to protect the relationship and manage expectations?
Again, whereas confidentiality is the driver for protecting the relationship between doctor and patient at a human level, information governance acts as a driver for protecting data at the digital processing level. This results in a mismatch between the information protection needs and the expectations established when data are first captured inside a confidential relationship, placing the research and commissioning communities in an unenviable position.
PATIENT EMPOWERMENT…?
There is good reason to be excited about the potential of evolving practice. Along with their practitioners, some patients are themselves showing their enthusiasm to engage with the evolution of traditional healthcare practice by developing smartphone apps to help them monitor and manage their conditions, and organise data in a way that is useful for their practitioner.9
Smartphones and apps are being used to support, if not enable, a meaningful care relationship with practitioners, but such apps must be used in a way which fosters rather than threatens relational trust. Privacy advocates have identified issues with apps that have received NHS England approvals. They have raised concerns that the approvals process is insufficient and does not meet statutory requirements,10 and again, we do not know the extent to which these concerns are affecting trust in the confidential relationship.
But even these concerns focus on legal compliance and notions of privacy rather than on protecting trust in the confidential relationship and understanding patient and practitioner expectations that form therein. Honouring these expectations in a transparent way would seem to be vital as we try to govern the technology-driven evolution of practice.
GOVERNANCE: PEOPLE, RELATIONSHIPS, THEN INFORMATION
In an age of technology-supported care and information sharing, prioritising trust between patients and their practitioners has become more crucial. The ways in which patients engage with their healthcare teams and vice versa are changing rapidly, but the use of existing protections does not seem adequate to navigate this new landscape, nor to reassure the public as information is shared more widely.
As we encourage patients to become more involved and responsible for their health we must not do so in ways which risk undermining patients’ willingness to share their personal health information with anyone or exacerbate professional dilemmas for their practitioners. We should be mindful of the Royal Statistical Society findings of a ‘data trust deficit’ where people tend to trust organisations more than the way they use information about individuals.11
What indications this provides about people’s willingness to share in a healthcare relationship are unclear. What is clear is that patient confidentiality must be the basis on which any information governance strategies are founded. To do this successfully we must develop a better understanding of trust and expectations and encourage patient and professional engagement if we are to protect the people and relationships at the centre of evolving practice, rather than relying on an arsenal of information-focused regulation and a preoccupation with showing statutory compliance.
Notes
Provenance
Freely submitted; externally peer reviewed.
- © British Journal of General Practice 2016