Transcript: Open Access to Health Records

fhi logo
the FHI editorial team

Nov 02, 2017 - reading time 25 mins

By the FHI editorial team


The Philips Future Health Index editorial team is always on the look-out for great content pieces that discuss the future of health, selecting the most interesting health-related stories for you to read.

By the FHI editorial teamClick here to read less

fhi logo mobile

To some, electronic medical records (EMRs) are a crucial part of enabling truly connected care, while to others their implementation is full of potential risks. 

Doctor and patient chat

This is a transcript of the first FHI podcast: Open access to healthcare records, yes or no?


Our host, health journalist Danny Buckland, is joined by two guests. Tessa Richards is a senior editor at the British Medical Journal, which advocates for open access to health records. Sam Smith is part of the independent organization medConfidential, which campaigns for confidentiality and consent in health and social care.


Danny Buckland: Welcome to the Philips Future Health Index Podcast, where today we are discussing the benefits of electronic medical records, the online versions of an individual’s medical history. They capitalize on advances in technology and data collection by providing the patient, and clinician, with an easily accessible record of such things as consultations, treatments, and continuing medication, with surveys reporting they help deliver better and more efficient healthcare. They are celebrated as an important tool for improving early diagnoses and contributing to more effective research into a range of disease conditions. But their presence, online, in computers or stored in data clouds has caused concern that the records are not secure and could fall prey to hackers, who have regularly breached governmental, banking, and even hospital firewalls. There is also further unease that this data could be sold to insurance companies or medical firms, and used as a commercial tool, rather than a force for good. I’m Danny Buckland, a health journalist, and I’m joined today by two experts in their fields to discuss the different pulse points on an issue that affects all of us. Tessa Richards, a senior editor from the respected British Medical Journal, which strongly advocates for open access to health records, and Sam Smith, of the independent patient campaign organisation, medConfidential, which believes medical confidentiality requires patients to know how their data is used.


Highly personal information, the essence of a relationship between patient and physician, will become a commodity, they fear, and lead to a breakdown in trust and do more harm than good. Thank you both for joining us today, and I’d like to start by asking Tessa; what are the main benefits for patients and their physicians of adopting electronic medical records (EMR)?


Tessa Richards: Well, thank you very much for asking me to join this morning, I’m Tessa Richards, at the BMJ I lead on the patient partnership strategy, and this is a major initiative that we’re pursuing to help promote a culture change within healthcare which sees a move to partnership with patients, a more truly collaborative and person-centred care. And I think that there is no doubt that levelling the information playing fields and giving patients full and timely access to their health records is a vital part of allowing them to be partners in care. To empower them, to help support them in heath literacy and to foster a really collaborative relationship with the clinicians that they meet. I think it’s also vital to help people to self-manage their conditions and take more responsibility for their health and overall health and wellbeing, because a lot of people now, as you know, live with chronic health conditions and it’s really important that they understand and are supported to manage that condition as well as possible in between very intermittent, short-lived hospital visits, where they often see people that they don’t know. And I think we also have to look very hard at the current status-quo; in common with all patients, I think I myself am familiar with a situation where fragmented records cause huge problems, not just the conditions of the patients, it’s very scary to go along to a clinic and someone says, “oh well your notes got lost or I haven’t got access to them or I’ve only got this letter and I haven’t got your more complicated twenty-year history, could you tell me what tablets you’re on…” and, you know, if you had them all on a memory stick, you could probably fill them in very quickly, or if you’d had a chance before you came in to see your own records you’d be really empowered to, as I say, act as a partner in care. I also think that another important element which perhaps isn’t dwelt on, is that there is a lot of error within the medical records at the moment, so not only are they fragmented and often incomplete at the point of care, but there are also errors in them which patients are very well able to correct.


Danny Buckland: Thank you Tessa, Sam it sounds like there is great progress to be made and great benefits to be had, but medConfidential’s website says: the statements about best intentions for the use of EMR are simply not good enough, and that patients will lose the trust in their doctors and decide that there are some things that it’s best to keep quiet about, and that is not a good situation is it?


Sam Smith: I agree with Tessa, patients should know how their data is used, and every data flow in and around the NHS should be consensual, safe and transparent, and what that means is that patients should be able to see what happens to their data, because the best way to know how your medical record will be used next month in whatever innovation comes, is to know how it was used last month. One of the problems is that this is a systemic problem with many institutions talking to other institutions, and those organisations don’t necessarily entirely trust every other organisation in the NHS to be perfect. And if that’s the standard that’s necessary, that standard will never be met. It’s also an unnecessary standard because patients knowing how their data is used gives every patient reassurance because they can look at a list and say this is who has looked at my record, and then see, well, nobody who shouldn’t have accessed it has, and the organisations that should have accessed it did, that gives reassurance on the integrity of the system.


Danny Buckland: Well Sam, it sounds like, again, there are many concerns about this, and Tessa I’ll throw this over to you – are we progressing a little bit too quickly on this, and what is the evidence that EMR actually works and does deliver patient benefits?


Tessa Richards: Well I think in terms of progressing quickly, it depends which country you’re talking about. In Estonia for example, where they were in a position where they pretty well invented their whole electronic system from scratch, where all people, everyone, has access with a smart card to their medical record, and they can see whose accessed their data and looked at it. And it seems to be working absolutely fine, that’s a whole country. In Sweden I think it’s at least 10% of all people have access to their records and in Canada now others have moved to do the same thing, and in the US the open notes movement, I think they’ve got around 19 million people signed up to that… It is globally happening. And I think a lot is being learnt about how best to do it, there is an accumulating body of evidence, which is published evidence, on the benefits it brings to patients, and, much perhaps to their surprise, also to clinicians. I think one of the nice examples is where the patients can be really geared up before a consultation to really understand their condition, what the test results show, they can help formulate the right questions at the right time, so they can make that interaction with their clinician count a whole lot more. And I think one of the most exciting things is, actually, the move which goes from open notes, so you can see them, our notes, which is what is happening in places like Sweden, where you now can input your own information in between clinic visits, and then you can interact, assuming your clinicians will do that, in between the visits and in one particular aspect of care, in the rheumatoid arthritis registry, patients can say: I doubled up my dose, I thought that was right, this is fine now, I don’t think I need to come and see you in three months’ time because everything is stable, and the doctor can write back and say, tremendous if you get into trouble, drop me an email… In other words, you know, disease doesn’t stop in between visits! It’s a much more sensible, grown-up way of doing things, sort of, manage your own condition and liaise with your doctors. I think what’s so interesting is that it’s even helping in areas of great sensitivity which is cancer care and mental health disorders, people felt, oh is there this sort of information, can patients handle it –


Sam Smith: I think it’s important to look at the examples Tessa gave, at the order in which they were successful. Taking the Estonia example, wherein, this all goes back to 1991, where the Soviet Union collapsed and they were left with nothing and they said, ok, what should we do here? And the way that they did it, which was for cultural reasons, they put the security and transparency in first and then built a system which would be useful. So they were building a system based off the Estonian identity card and the full infrastructure, but any institution that accesses your record or looks you up for any reason, you see. There are questions such as, who will access my notes, will there be a problem? Well if you have a full list with every time your notes have been accessed, which is impossible to remove entries from, no patient should be worried that there have been unauthorized access that they should know about, because they can look at the list and go, there have been no accesses that I don’t know about. Or if there is a problem and data is lost, or there is a cybersecurity incident, or their cat logs in on their behalf… They can look at it and go, well what happened there? And there is information from which they can ask the question. Because what we see in the NHS, and in all organisations, from the smallest GP to the US intelligence community, is occasionally you get people who go looking for stuff, from the nosey receptionist to Ed Snowden. And there are a dozen examples that affect only one GP that barely make the news and then there are examples that are still running from five years ago. What we see is people with human curiosity looking for something they shouldn’t and that’s what people are worried about.


Danny Buckland: Do you think, then, therefore, that the right that we’d all want, I think, with our medical records are achievable, or is it something that’s just too much to do?


Sam Smith: It is possible. Nothing we have talked about this morning is impossible, but one of the reasons for the dash to EMR is to do things that the management in hospitals want. And one of the things they want, but will never admit, is a quiet life, which means that if there was a choice between giving patients some information that would be annoying to the hospital, or not give them the information, they would probably choose not to give them the information, and that is an entirely rational decision for that hospital, and for that manager to say, I’m not going to tell them because it’ll be annoying. But if it’s at a systemic level, every institution making a small decision that’s ideal for that institution, it’s toxic to the agenda that we want to use medical records more, because there are benefits, as Tessa has outlined, to this. But it’s a case of, if patients were able to see how other organisations had accessed their record, then they could start to build trust in modern data sharing, but that also requires care providers to also trust each other and instead they just want the comfort blanket of secrecy.


Tessa Richards: I think that’s deeply worrying for patients, you know, information is power and I think, we will never achieve the cultural change we wish to have and see in healthcare, and have really collaborative care if we level don’t this information playing field, and I think that, you know, that patients have a right and a need for this, but I do actually think that we should look, perhaps touch on, how useful are the existing records at the moment, and I think that, one of the things that these global experiments, if you like, the global movement is showing us how best to implement opening the medical record to patients because, for example in the US, the notes are often incredibly confusing with all sorts of billing stuff and , you know, they’re a complete jumble because they were never written for the patient, they were written for lots of other things, for commercial interests and managerial interests as well as clinical interests. There is a job ahead to try and make notes more useful for patients to use, and that will almost certainly make them more useful for clinicians to use too.


Danny Buckland: I think there is an important element here, Tessa, about education and awareness, I think many of the public will have used their records but many will be confused and not able, or not seen any information that tells them how they can get better care, do you think that’s an important part?


Tessa Richards: Well I think in today’s world, actually, patients are extremely savvy. I’m a member of a patient community, I have a rare cancer, and eight years ago when I got it, there was no online community. Now there is an online community for this incredibly rare cancer which is well over a thousand, so when I go to a doctor who says, well I’ve never heard of this condition, I’ve never met anybody with it before and I’m not sure how to manage it, I can say: can I help you! Let me introduce you to my Facebook community where people are online exchanging information about the latest research, the significance of raised serum-calcium, for example, what does it mean, they’re coaching and continually supporting each other, they know which are the best experts in the field, they’re giving each other humane companionship and support over difficult periods. I am astonished at the knowledge within these communities that people are tapping into. Nothing gives you a better incentive than a medical problem in your child or yourself, it’s rather like people are remarkably savvy when it comes to finding the cheapest holiday or the best deal on a washing machine… Believe me, when you’re ill or someone you love is ill you can get wised up online pretty well, and there are trusted sources of information that you can turn to, to find out what is the significance of a raised this, that and the other. Of course it comes with a measure of uncertainty because in a lot of medicine, you know, there is a lot of uncertainty and sometimes that can be quite helpful to know too, about practice variation. You know, medicine is opening up and I think that is a good thing.


Danny Buckland: I think, Sam, you’d probably agree that it is a good thing, but we talked almost about the consumerisation of medicine now, we see big players coming into medicine and using the data and promoting what they would describe as better conditions, or better outcomes. Do you believe in that, or do you believe in it with the caveat that there needs to more control?


Sam Smith: I think it varies. There are undoubtedly some faults, and there are undoubtedly some life-saving innovations that are only possible because of this approach. And it comes down to what patients get told, and what information they have so they can make decisions, so there are cancer patients who put their entire medical history, every blood test, every result, on the website because they know they are probably going to die and it might help somebody else.


Tessa Richards: I absolutely agree, it’s absolutely fundamental and I’m interested to see that there are initiatives out there where there are new data platforms being set up, to which you can choose to give your data, like in Switzerland, My Data is a new platform and there’s Hugo, personal health records in the States. Because there’s so much data coming on stream now, we have a third situation where you can have a wearable and data is being collected off you, but you may have no right to see or access that data at all, and people are beginning to say well this is rather absurd, that may be zoomed straight off to some company who is going to profit from that data. You have a right to that data as you have to any other data, so there may be some argument in favour of data cooperatives, where patients can vote in and say yes I’m very happy for my data to be used for research, I’m less happy for it to go here and there and wherever. It’s interesting, Sam, you raised the point that people are almost overwhelmingly happy for data to be shared for research purposes, but they need to know that it’s happening, when it’s happening and what it’s for, and I think it’s great that, in the UK, the Welcome Trust has set up this new centre to promote understanding of the use of patient data, and they launched in April, and I think it’s a great initiative because clearly there needs to be wider debate about who is using your data, and why and what the benefits are.


Danny Buckland: Every frontier of medicine is fraught with problems and I think we are at a frontier now, and these are the discussions we need to have. So, Sam, how would you like to see it progress then? How would you like that confidence, and our ability to make great use of that technology, come about?


Sam Smith: So, commercial actors don’t really help themselves because if they can convince themselves and their funders that something is a good idea, then they think, everybody must think it’s a good idea, which it might be for the business and shareholders, but the patients might take a different view. And it’s when companies, and it’s usually companies, try to hide this from patients that you end up in a corner trying to explain to the public that you would never, ever sell medical records to insurance companies, the day before an insurance company pipes up with a report that says thank you for flogging them a bunch of records. Because the truth will always come out, so let’s look at the mess between Google DeepMind and the Royal Free Hospital London, which has 1.6 million people’s records, which were copied in secret. Now, they did this nice big press release that said, we’re going to build this app and it’s going to be wonderful to help kidney doctors, so if you’re at risk of having an acute kidney injury, it will help you. And it will. What they didn’t say is they copied five years of medical history of every patient who visited the hospital, because that would’ve raised the question, why are they getting that? And when it came out, they said it was for the direct care of those patients. Patients who would never have had a blood test, will never come back to the hospital and may no longer be alive, but they’re getting the data anyway. And, you know, they said it was systemic care, and they said it was not for research. And then there is a piece of paper that is a Google DeepMind application to the Health Research Authority to use AI to help detect acute kidney injury, which they’d filed seven months earlier when they said, in the subject field, that they want to feed the medical records to an AI. And in the application, because you have to say, well what is the research for and who will benefit, the scientific purposes of that application are redacted for commercial confidentiality and they will not release them. Now, Google sort of still hasn’t publically said categorically they didn’t feed it to an AI before the public, and then they realised the assurance they’d given the HRA that they would, and there are a bunch of things in that HRA approval that Google have now said aren’t true that they said originally were. But we’re now in a hole, and Google is in a hole, for which I actually see no way out, because they need to delete the data and start again. But what the company wants to do is not just help the NHS, they want to build a system that they can use to make money elsewhere, and I have no problem with companies making money helping patients, but it’s a case of, are you going to be honest about what you are doing? And if you’re not, and if you say one thing and do another, that’s what will get you stuck.


Danny Buckland: Tessa, is that an isolated case, or is that something that can be dealt with?


Tessa Richards: I think that Sam has raised a great example and I would say that Google has learnt a lot from this, and what it really illustrates is the basic fundamental premise that doing an initiative of any sort, in an attempt to improve care for patients, patients must be in the room. They have to be part of designing that project from the word go. They’ve got to understand the rationale for it and where you involve patients in co-producing an initiative it’s likely to be a lot more successful, and as a result, I mean, Google DeepMind has now set up a patient group, you know, better late than never, but let that be a lesson. So the point is that if it’s in the patient’s name, it must be with the patient and it’s going to make a much better enterprise and more effective and really perhaps deliver on the patient care because only if the patients can really understand, I think, where the ultimate value of the services lie that they access and use. They must have a say in that.


Danny Buckland: This empowerment is fantastic, isn’t it Sam, but you’d like it there with some rights enshrined so that the actual passion that patients have and the direction they can give care through technology is directed properly.


Sam Smith: So the biggest barrier to refusal here is, well what’s going to happen to my data? Is there a list of where your data has gone and how do you know that the system has worked? Because at the moment, the only thing most patients hear about how their data is used, is when something goes wrong. Whereas there are probably many, many other research projects that are a success, and you never hear about the ones that are fine and produce good work and produce good benefits, and it’s a case of there needs to be an informed conversation that’s not just about how it goes wrong but how it can go right, so you can actually say, and if there is secrecy, companies will try and sneak through the secrecy. Because if you have the option of telling a bunch of patients something that they’ll be unhappy about what we’re doing, or we’ll just tell nobody, every administrator will go, how about we tell nobody because that’s less work. The question is not should this be done for a patient, I should not make a decision for any other patient, I should know how my data is used and what my decisions are. And there are conversations and democratic engagements that say, well what does research mean in the NHS? There is a conversation, if you want to have that conversation then you can engage in it, but it’s a case of every patient should know how their data is used and what’s impacted. And that comes down to where it’s gone and what it’s used for, and explain to patients what they want to know. The Google DeepMind project would never have gone ahead if there was an expectation that patients would actually get to see what data they got and why, because somebody would’ve asked, well why are we giving them five years of everybody in the hospital to Google? And the question would have to have been answered, because you’re telling patients you just think those questions because somebody’s going to read it and ask. It’s like your bank statement, you get a bank statement every month showing what’s been spent on your credit card, you might not check it every month,  but you have trust that somebody’s going to check it and if there’s going to be widespread faults then somebody would notice. So you can get away with skipping it one month, and go, yeah that figure looks about right, that’s fine. And that trust in the system comes from there not being secrecy, if your bank statements could have secret transactions on it that you knew nothing about then you’d probably look for a new bank.


Danny Buckland: But trust is something that can be built, and I think with the evidence that Tessa has described already, and you talked about the future being here now, do you feel confident that, as the BMJ strongly advocates for openness, do you feel confident that we can progress and take into account all of the issues that Sam has raised today?


Tessa Richards: I absolutely think we can progress, we have progressed and I think it is vital that we progress. The clinical benefits are absolutely underestimated, the evidence is strong there, and I think it is a right. I think, for me, facing very difficult clinical decisions, patients on a daily basis, a lot of them really, almost don’t mind how and who is using their data, that is not their overriding concern. What really annoys them is when they go to a clinic and the doctor doesn’t have their notes, doesn’t know anything about them and neither do they, it’s simply not safe to carry on with the fragmented way that we operate at the moment, it is really important, I think, that this data is in the hands of patients, I think it’ll be safer care, it’ll be better care. In an era of shared decision making, you cannot share decisions if only one side of the couple has the information, it’s completely absurd. We do really need to put information in the hands of patients, for most patients that is more of an overriding concern thank it is about the security of the data, which is fundamentally important too, but I don’t think that this is a debate purely about the security of data.


Sam Smith: I would completely agree with that. And it’s a case of, if you get the audit right and you can see that when you were in a hospital appointment they didn’t access the record that you know they should’ve accessed, you have an evidence base to go back to them and say, why in that consultation wasn’t my record accessed? And it’s not like the clinic or whatever can deny it, because you’ve got the audit, so it’s a case of, and you know, there are plenty of reasons which are all absolutely crazy, but are all preventing access. And it’s a case of, but when you have patients day in, day out going: you theoretically have access to my record and there’s nothing stopping you, there’s nothing stronger for fixing the problem because we already have the technology to do the sharing that needs to be done, but all the barriers to it are because the system is so complex and there’s no trust there, and there is no way to build trust. And if you can build the trust then you can do other things, and it gives the patients the information they need to sort of go: I’m transferring from this clinic to that clinic, and 50% of the patient’s records don’t make it and they have to talk about little blue pills again. And it’s a case of, that sort of thing, if there’s a lot of patients there will then be a push, not from NHS England saying this is how the world should be, but it’s a case of, from the patients they are treating going, what keeps happening? Because all the patients are talking to each other and they go, yeah you’re probably going to lose it and this is why, and at some point there’s going to be a lot of pressure on those care pathways to fix the problems, and that will actually lead to better care.


Danny Buckland: So, in short, you would believe that we can develop better care using technology, we just have to be careful about how we do it?


Tessa Richards: Yes, and I would say, you know, let’s do this together with the patients.


Danny Buckland: Well thank you both for a stimulating discussion on a topic that is critical to the future of healthcare. You can read the 2017 Future Health Index Report and articles focusing on connected healthcare from around the world at and follow @philipshealth on Twitter.

Share this article

  • Link copied


You are about to visit a Philips global content page


You are about to visit the Philips USA website.

I understand

Our site can best be viewed with the latest version of Microsoft Edge, Google Chrome or Firefox.