How a data-first approach improves medical—and legal—functions

The Canadian health-care system is much like that of the United States. Both are migrating to electronic medical records systems. For patients, it means safer and more effective care. Health-care providers can get a holistic view of the patient in short order, while public and private health organizations can employ their resources more efficiently. This ultimately leads to better knowledge about populations and how to improve services.

The evolution of data collection and use comes with its own challenges, of course—particularly patient privacy. On the leading edge of that is Steven Tam, general legal counsel and chief privacy officer of Vancouver Coastal Health Authority (VCH). Tam needs to stay on top of the opportunities and threats in e-health, which compelled him to work collaboratively with his peers at other health-care organizations to wrestle with the benefits of data and concerns for confidentiality.

Data can help us maintain quality standards in the face of limited resources. We might root out where resources are used inefficiently and find better data to support research.”

Modern Counsel: Why is e-health an imperative in the Canadian health-care system now? Is it to benefit patient care or perhaps to provide broader information about health-care trends?

Steven Tam: It’s both. By creating one record per patient, we can share information across hospital boundaries to make better care decisions about the patient. We can subsequently analyze the aggregated data to look at ways to improve how we deliver care by capturing information electronically.

MC: Can you describe some of the tangible benefits of e-health?

ST: There are various ways in which it can work. It can reduce the need to repeat diagnostic tests because all information is available from one source, and it reduces communication errors through computerized physician order entry. We will also see better medication reconciliation, avoiding adverse drug events and allergic reactions. In the case where a person arrives in the emergency department at one hospital when they had a surgical procedure or other treatment at another, we can know what treatment was previously provided.

MC: E-health still sounds like a huge change for health-care staff.

ST: There will be an adjustment period when switching from paper to electronic records; however, it will eventually enable them to spend less time looking for required information or passing it along to others and more time focused on actual treatment and service delivery.

MC: What is the state of data collection and utilization in health care right now?

ST: It’s fragmented. For this reason we’ve launched the Clinical and Systems Transformation to replace many of our existing systems among three separate health organizations with a single system. (The other two organizations are Providence Health Care and the British Columbia Provincial Health Services Authority.)

MC: From a legal perspective, what are the biggest challenges of e-health and other new technologies?

ST: We are concerned about health authority obligations and liability for preventing unauthorized access, about securing large volumes of data, and compliance requirements around the storage of data inside Canada only.

MC: Why would data be stored outside of Canada?

ST: The current laws in British Columbia prohibit us from storing personally identifiable data outside of Canada, but many cloud-based services and other technologies, from basic communication tools to specialized health-care IT/data services, rely on data either being stored in or processed through computers over the Internet outside of Canada.

MC: It seems as if sharing health-related data across independent health-care organizations could be problematic. How do you manage that?

ST: I approach it holistically, attacking the problem at a system level. I worked with my peers at the other organizations to create something called the General Health Information Sharing Agreement (GHISA) to support these activities. GHISA establishes a common legal, policy, and governance framework for the sharing of health information within the public health-care system in British Columbia.

MC: Who is involved in GHISA and what exactly does it apply to?

ST: The parties to the agreement are the Ministry of Health and all six health authorities within the province. It documents participating parties’ intentions to share information that is reasonable, relevant, and necessary to deliver health-care services or in relation to health-care planning and other secondary uses of health information. It is limited to what is permitted under FIPPA (the Freedom of Information and Protection of Privacy Act) and other laws.

MC: What are the biggest challenges when balancing the use of data against the protection of patients’ privacy?

ST: In a very large organization with many historical existing practices, it’s essential to establish organizational-level information governance to bring more consistency to how policies are implemented and complied with.

MC: Information gathered by e-health systems can affect public health on a macro level. How might that play out?

ST: In a complex and diverse health-care world, it should enable standardization of how care is delivered. This can help us set and meet benchmark standards across different facilities. Canada also has an aging population, so data can help us maintain quality standards in the face of limited resources. We might root out where resources are used inefficiently and find better data to support research.