At present, patients anywhere in the United States are entitled to access their patient records, but the records are typically controlled by providers. New Hampshire is the only state which provides citizens with legal ownership of the health information, notes Eric Topol, MD.
“That’s completely wrong. That has to get fixed,” said Topol, who spoke at the MedCity ENGAGE show last week. “It should be your data.” In fact, he calls patient data ownership “a civil right that’s yet to be granted.”
Patient data ownership rules vary across the U.S. In many states, including Washington, Idaho, North Dakota, Minnesota, Wisconsin, Michigan, New York, Maine, Pennsylvania, and Nevada, there was no law in place as of mid-2015 which specified whether patients are providers owned or had property rights medical records. But in a large number of additional states, including Oregon, California, Texas, Georgia and New Mexico, state laws specifically state that the hospital or physician owns the medical record.
Long before EMRs went into wide use, ownership of medical records would occasionally come into dispute, such as when a practice went out of business or a hospital was acquired. The historic lack of clear case law governing such transactions would occasionally lead to major legal controversies during such transitions.
Today, the stakes are even higher, contends Topol, who serves as director of the Scripps Translational Science Institute at San Diego-based Scripps Health. To realize the benefits of “individualized medicine” – Topol’s term for “precision medicine” — patients will have to control their health data, he said.
“We are going to be leaving population medicine – where it’s one size fits all — in favor of individualized medicine,” Topol told the audience. With individualized medicine, patients drive their own care, he said.
The current centralized model of health data ownership actually poses a risk to patients, Topol argues, given the ripe, financially-attractive lure that big databases pose. “We need to decentralize this data because the more it’s amassed, the more it’s going to be hacked,” he contends.
So what of Topol’s vision for “individualized medicine”? Well, here’s how I see it. Topol’s comments are interesting, but it seems to me that there’s an inherent contradiction between one half of his arguments and the other.
If by talking about individualized medicine, he’s referring to what is otherwise known as precision medicine, I’m not sure how we can pull it off without building big databases. After all, you don’t gain broad understandings of how, say, a cancer drug works without crunching numbers on thousands or millions of cases. So while giving consumers more power over the medical records makes sense, I don’t see how we could fail to aggregate them to some degree at least.
On the other hand, however, it does seem absurd to me that patients should ever lack the right to retrieve all of the records from the custody of a provider, particularly if the patient alleges malpractice or some form of malfeasance. If we want patients to engage with their health, owning the documentation on the care they received strikes me as an absolutely necessary first step.