Volume 13, Issue 1/2011 - Legal

The Ethical and Legal Challenges of E-Health

E-Health promises to be a cost-effective and efficient way of providing healthcare at an affordable cost to patients who would otherwise be excluded or underserviced. However, e-health also comes with a series of ethical and legal challenges which, if not met before its implementation, could undermine its success. Among other things, changes in the nature of the healthcare professional-patient relationship, in informed consent requirements and in the apportionment of liability are implicated. Privacy concerns also arise and the position of health informatics professionals as well as of service providers is also affected. A further complicating factor is outsourcing.

Common perception and official pronouncements notwithstanding, what healthcare is delivered — and how — is not simply a function of health needs, financial resources and the number and training of available healthcare professionals. To a considerable degree, it is a matter of politics.

Politics, however, is not a rational enterprise nor is it driven by algorithms and formulae, despite the existence of healthcare economists and decision-theorists. It is driven by a mix of public attitudes and the values and agendas of politicians. This is a volatile mix that is subject to many influences. One of the most profound of these is the technological imperative: If something is technologically new, sophisticated and promises to provide a 'rational' solution to a particular problem, then it must be tried. The influence of this imperative is not confined to policy making. It can also be detected at the level of hands-on care.

Indeed, it has been suggested that, for one reason or another, modern healthcare as a whole is obsessed with technology, and that decision-makers and professionals alike cannot wait to apply technological innovations — much like children who must try out every new toy — and that e-health in particular is implicated.

E-Health and its Challenges

Of course such a sweeping view of e-health is unfair. If its proponents are to be believed, e-health has the potential of overcoming barriers of geography, professional availability, limitations of transportation and infrastructure, and even problems caused by socio-economic disparity. Moreover, it holds out the promise of maximising effectiveness and efficiency at the lowest possible cost without seriously interfering in patients' lives. Arguably, therefore, e-health is not so much an instance of the technological imperative as the wise and considerate choice by responsible healthcare planners.

However, the fact remains that to allow technologically grounded effectiveness and efficiency considerations to be the sole determinants of e-health planning is to fall prey to the technological imperative, because e-health comes with a number of potentially serious problems. These are not insurmountable. However, they should be addressed and solved prior to implementation, lest downstream difficulties undermine what otherwise would be a beneficial development.

Technical Reliability and Appropriateness

For example, there are challenges that are rooted in the technology itself. Device safety and standardisation are obviously important issues; as are the technology's ability to ensure data integrity and reliability and its power to gather and communicate data accurately with appropriate back-up measures to guard against malfunction or interruption.

As well, e-health is predicated on the assumption that the instrumentation will provide patient data without constant technical supervision, since this would constitute an intolerable intrusion into patient lives. Not only healthcare providers but also vendors and health informatics professionals (HIPs) are here affected. While similar concerns exist in the standard healthcare setting, the fact that the relevant technology is expected to function independently and reliably in unsupervised and geographically removed settings adds new parameters to the traditional picture.

Privacy, EHRs and Unique Patient Identifiers

Privacy issues also acquire a new dimension. By and large, national laws and international conventions (such as the European Union Directive 96/46/EC) stipulate that healthcare professionals and institutions have a duty to protect the confidentiality of patient data to the best of their ability, and that breaches in this regard should be communicated to the subjects of the data in due time and in an appropriate manner.

Over the past few years, healthcare providers have been at pains to ensure compliance with these requirements and have developed such things as authorisation protocols, password protection, encryption and the like. However, these techniques are geared to a professional context and to an institutionalised setting that can be finely adjusted and controlled. E-Health introduces the patient and the patient's home environment into the mix. Here these measures may be neither possible nor appropriate. Nevertheless, the privacy requirements remain.

Moreover, e-health uses electronic health records (EHRs). This means not only that the records must be accessible on an asneeded basis but also that they contain unique patient identifiers (UPIs) so as to guarantee that the right patient gets the right intervention at the right time. Quite aside from any technical issues about the implementation of an integrated EHR architecture, there is also the issue of UPIs themselves. Both ethical and legal concerns have been raised in this regard relative to such issues as possible 'function creep' in their use.

Patients as Co-Deliverers of Healthcare and Liability

However, challenges are not confined to the technical sector. It would be disastrous for healthcare providers to forget that e-health turns patients (and sometimes their significant others) into active co-participants in the delivery of care. With this, the issue of liability acquires an entirely new form.

That is to say, healthcare has traditionally been based on the assumption that the data underlying healthcare decision-making have been developed by healthcare professionals, and that control of the data gathering process lies in the hands of these professionals and of the technical staff who assist them. Data-related mistakes or misadventures, therefore, are a matter of professional care, diligence and competence.

With e-health, patients become involved in the care delivery process not simply as subjects but as participants. When e-health is not entirely automated through indwelling telemetry, patients have to report the relevant data — and they may make mistakes either in measuring or in reporting values. Even when the process is automatic, it may happen that patients accidentally interfere with these automated measurements or their transmission. Liability apportionment therefore assumes a new aspect, and when family members or significant others are involved the issue of their co-responsibility also arises.
To be sure, there are juridical precedents from other areas of healthcare when patients contribute to negative outcomes. However, these are predicated on the traditional model of the healthcare professional- patient relationship which is based on three premises: First, that healthcare involves a direct patient-professional encounter; second, that the patient's contribution to the functioning of the techniques and technologies employed by the professional is essentially non-existent; and third, that the professional's own expertise determines the availability and reliability of instrument-based patient data and is independent of the patient's skills in the use or functioning of these tools. E-Health importantly changes this picture. Therefore it is doubtful that e-health can rely on the traditional approach to liability. Even the standard consent model may no longer be applicable.

E-Health, therefore, requires not only the development of appropriate patienttraining modules but also the development of new consent and liability models that acknowledges the patient's (and the significant others') expanded agency in the care process.

Expanded Role of HIPs

Furthermore, HIPs play a much more expanded role in e-health since they are the technical lynch-pins of the whole system. Of course HIPs are also integral to any intervention that uses electronic devices in standard healthcare. However, in e-health their role goes beyond providing technical support. The reason is that e-health requires patients to understand the functionally important aspects of the technology with which they are involved because their actions (or lack thereof) may importantly interfere with or alter the functioning of the relevant protocols and devices. True expertise in this regard does not lie in the domain of medicine and healthcare but in the arena of the health informatics. It would therefore be inappropriate to turn communication and patient training in this regard into an addon responsibility for physicians. With this, however, HIPs now acquire an educational and informed-consent duty that supplements those of physicians. It goes almost without saying that the issue of liability apportionment also has to be revisited from this perspective.

Moreover, purely technical issues such as transmission characteristics, bandwidth issues etc., are significant factors in ehealth. Decision-making about what is functionally appropriate in this regard is different from decision-making about whether to use an MRI or some other diagnostic device. The latter is a matter of physician expertise and responsibility; the former, however, is a matter of technical expertise. With e-health, therefore, the role of the HIP expands beyond the traditional scope of purely technical expert and includes giving advice on the choice of the technology itself — with attendant healthcare implications.

Interoperability and Legacy Systems

There is also the following consideration: While e-health is an innovation, it is not an innovation that supplants current healthcare delivery. It extends it. This means that e-health is not a stand-alone modality but something that has to integrate seamlessly into whatever system of healthcare delivery is in place.

This also has ethical and legal implications:

First, the fact that e-health must function in an environment that involves distinct kinds of material items and protocols means that it can be implemented only if it can be incorporated seamlessly into the legacy systems that form part of the established healthcare structure. Interoperability is therefore a necessary material condition for its success, since otherwise treatment may be impaired by the technology and the fiduciary obligation of the attendant healthcare professionals and institutions may be put at risk — with serious legal consequences. This goes beyond guaranteeing interoperability within the institutional setting that is hospital-based. It also includes the problem of integrating e-health with the databases and operating systems that are used by individual physicians and other healthcare providers whose patients participate in e-health.

Second, as a new modality, e-health is subject to close scrutiny regarding appropriateness, safety and the like. However, quality assurance being what it is, this means that such scrutiny will expand beyond the immediate context of e-health to include the existing healthcare structures, so that in case of unusual incidents the operational flaw can be correctly identified as belonging either to the existing structures or to e-health — or to the interface between them. While it is highly likely that sooner or later general quality assessment of existing structures would be undertaken anyway as a matter of continuous quality management, the introduction of e-health may well trigger and accelerate this process. The introduction of e-health, therefore, would not only have ethical and legal implications but financial ones as well that go beyond the costs associated with the development of e-health itself.

Third, like any electronics based technology, e-health is subject to Moore's law. Consequently, given the rapid changes in ICT, diagnostic technology etc., there lies a corresponding duty, rooted in the fiduciary nature of the healthcare provider-patient relationship, to ensure that e-health systems contain within themselves appropriate measures to ensure a seamless legacy structure that integrates as its various aspects, protocols and components as these become obsolete and are replaced. Planning for e-health, therefore, cannot ethically proceed without making appropriate plans in that direction. In other words, it is not a modality that is complete and can be "forgotten" once it is in place. Again, ethical, legal and financial implications stand in the wings. 

Outsourcing and its Associated Problems

Another parameter that may deserve attention is outsourcing. Since the decision to become involved in e-health is usually based on cost-effectiveness and cost-benefit considerations, healthcare planners and administrators sooner or later turn to global players both for the applicable technology itself as well as for the provision of relevant services simply because, as a matter of scale and of disparate wages, global players are generally capable of providing the relevant technologies and services at a lower cost.

This means that international corporations specialising in information- and data-management may come to provide such services while themselves being headquartered or located in another jurisdiction. Also, because e-health requires intensive monitoring and a fast turn-around time, and because trained staff is scarce or unavailable on a constant basis, institutions may be tempted to turn to international medical diagnostic and consultative service providers. This is not a speculative scenario. It has already happened in other contexts and on several occasions services that were originally provided by national or local agencies have become outsourced to international providers. Radiographs originating in Chicago have been read in Bangalore or Zurich, billings originating in Berlin or Mexico City have become outsourced to Bloomington or Chennai. Even medical notes that have been taken in one country have been outsourced for transcribing to other countries where the native language of the transcribing individuals is other than that of the note-taking medical professionals. In other words, there is the distinct possibility that in order to employ the relevant technology cheaply, and purely for the sake of "rationalising" the associated costs that accompany the implementation e-health, outsourcing may become a major factor.

Such practices, however, raise privacy concerns to a whole new plateau. International technology- and service-providers are bound not simply by the contracts through which they provide their services but also by the laws of the countries in which they are based as corporate entities. This may make it impossible for the outsourcing parties to guarantee the privacy standards that are mandated within the jurisdiction in which they themselves are incorporated and in which they provide the services that they have outsourced.

Professional standards present another challenge in this connection. Patients expect, and healthcare providers are legally obligated to provide, care that meets the professional standards of the jurisdictions in which the care is actually provided. If outsourcing occurs, an effective and enforceable mechanism must be in place to ensure that there is some means for holding the distant party responsible if professional errors occur, where this mechanism will not be more burdensome or more cumbersome than what is in place in the outsourcing jurisdiction. Otherwise, outsourcing services will occur at the price of patient rights.


E-Health is a technically sophisticated modality of healthcare that is designed not only to provide continuous care where none was possible before, but also to provide such care in a qualitatively unexceptionable manner and at a reasonable cost to a great variety of patients. Moreover, it presents the promise of rationalising health expenditures by limiting institutional admissions and interventions to truly appropriate cases rather than operating in a one-sizefits- all and cost-intensive manner and treating potentially ambulatory patients as institutional cases.

However, like any new modality, e-health is not without its challenges, and these are not merely technical in nature. They include value-issues that go to the very nature of healthcare itself, to the nature of the healthcare provider-patient relationship, to the role and responsibilities of the informatics professional, and they include such issues as informed consent, privacy and liability. 

Finally, and perhaps above all, e-health presents a human challenge. Data show that while some patients welcome e-health as an indication of concern for patient wellbeing that is not limited by geographic boundaries, other patients reject it as an unacceptable medicalisation of the home environment and as an intolerable intrusion into their homes and private lives.

None of these issues detract from the promise of cost-effectiveness and efficiency that is presented by e-health. However, this promise should not blind anyone to the fact that, like any technological solution to an existing problem, the solution brings problems of its own, that these are not simply technical in nature — and that they must be addressed before the technology is applied. To forget this would indeed be to act on the basis of the technological imperative with potentially disastrous implications. 






Print as PDF
E-Health promises to be a cost-effective and efficient way of providing healthcare at an affordable cost to patients who would otherwise be excluded or und

No comment

Please login to leave a comment...

Highlighted Products