Debate: Saving lives comes before privacy

Data eHealth Privacy Welfare technology

Saving lives must outweigh the fear of digital information being misused. Health and social care staff need to receive important and accurate information quickly in order to make the right decisions. This is written by Kalle Gudmundsson, Swedish Association of Social Welfare Managers, and Lars Lundberg, IT&Telecom companies.

Too often, we see serious consequences of relevant information not being available to everyone in different parts of the health and care system. The risk of sensitive information about an individual ending up in the wrong hands should not prevent the possibility of saving lives through information transfer.

Today's healthcare is increasingly based on the assumption that most of us who do not need emergency care will be cared for at home. However, there are two prerequisites:
- That there is a uniform conceptual framework.
- That everyone with information needs in their professional practice has access to current and relevant information.

The lack of available information is a reality. No one knows how often this has fatal consequences, the number of unreported cases is probably large and no one can say with certainty how many people have died due to medical malpractice because relevant information was not available.

Let's take some examples:
You become acutely ill (unconscious) and have the misfortune of not being in your own region. In the emergency room, the staff have no medical information about you: what medications you are taking, any allergies or other illnesses. There is an obvious risk of medical malpractice with, in some cases, fatal results.

More and more people want and can receive care and nursing at home. This leads to increasingly complex and advanced municipal healthcare. We now have a situation where community nurses and doctors in primary care are expected to provide relatively advanced healthcare. Do they have regular access to all patient data? Unfortunately not. Again, high risk of malpractice.

The tragic case of Yara - the eight-year-old girl who was murdered in her home in Karlskrona - will be our third example. This example is not directly related to healthcare, but the lack of information proved fatal. If the information sent by letter and fax had instead been available digitally to all stakeholders, the outcome might have been different.

So why does it look like it does? Why does the transfer of information between different principals not work? The question has been batted around for decades, buried in countless studies without any real results. Rather, in some respects we have gone backwards as the issue of privacy has become increasingly important in our increasingly digitized society. The fear of digital information being misused or leaked to unauthorized persons has put the possibility of saving lives on the back burner. These fears are relevant and should be taken very seriously - but we believe that the issue of privacy needs to be put in the context of saving lives.

In the debate on patient data security, there are often two perspectives:
- Preventing unauthorized access to digitized information about you as a patient and citizen by all means.
- Ensuring that professionals have access to up-to-date and sometimes life-changing information about you as a patient/client when they need it.

We believe that the starting point must always be the latter. The risk of sensitive information about an individual falling into the wrong hands should not prevent the possibility of saving people's lives through information transfer. We believe that if we can save just one person, that is reason enough to work hard for change.

On the privacy issue, where patient data has been leaked to the media, it has never been due to poor security, but to authorized staff 'looking in the wrong file' and contacting the media. So the biggest risk is the human factor, and the most effective measure is training and awareness.

The second aspect of cyber security is intrusion, that is, when someone hacks into a system to access information. This type of breach is unfortunately not 100% preventable, but we should remember that in both cases it is a criminal act. The difference between an authorized staff member leaking patient data and a hacker breaking in is that the staff member can be tracked by logging patient visits.

The privacy risks may be perceived as daunting, but we argue - once again - that they must be weighed against the benefits, i.e. the potential to save lives.

The responsibility for health care lies with the municipalities (home care) and the county councils. However, the problems described above require a number of measures at national level to eliminate them:
- The government needs to push for changes to the Privacy Act to allow relevant information to be transferred between different health care providers/actors.
- The government needs to establish national standards and definitions of terms to enable the transfer of information between different systems.
- Individual care recipients should be able to easily give their consent to whether or not their own care information can be shared between care providers. The management could, for example, be located in 1177 Vårdguiden.
- Through a nationally rolled out and free e-identification, all citizens would have free access to, among other things, their own patient records.

We also see that a number of good initiatives have been taken that are moving things in the right direction. The reports The right information in the right place at the right time (SOU 2014:23), Next steps in e-health (SOU 2015:32) and Effective care 2016:2 are all excellent reports with several good proposals.

There are also several national initiatives on common concepts: the National Information Structure, the International Classification of Functioning, the Classification of Social Services Interventions and Activities, and the Elderly at the Center are four examples of laudable efforts. However, the government needs to take the lead and decide which framework should apply. Here we would also like to emphasize the importance of user-friendliness and accessibility.

In other words, there is light at the end of the tunnel. But now the government needs to take a number of clarifying decisions. Unambiguous legislation and a clear framework of standards and concepts will improve health and social care and save more lives.

Kalle Gudmundsson, chairman of the Swedish Association of Social Welfare Managers, which works for the development of Swedish welfare

Lars Lundberg, business policy expert and responsible for welfare technology issues, IT&Telecom companies within Almega