With the advent of technology allowing for the extension of life, and as a result of the increasing importance of personal autonomy, decisional capacity, and informed consent and the growing awareness of issues related to quality of life and dying, Canadians have become increasingly interested in expressing their wishes regarding their health care and having more input into decisions about their care should they become incapable. Advance care planning (ACP) can help patients to achieve these goals.
The CMA supports development of a strategy for ACP1 in all provinces and territories. ACP leads to better concordance between patients' wishes and treatments provided,2,3 decreased anxiety for families,4 decreased moral distress for health care providers,5 decreased hospitalization rates of nursing home residents3 and fewer unnecessary medical treatments.3,6,7
ACP is at the intersection of the provision of health care, ethical values and legal rights and duties. In particular, it involves the acknowledgement of essential aspects of autonomy, informed consent, and respect of patients' care wishes now and in the future, and their intentions if they become incapable.8,9
The balancing of the need to obtain informed consent for a treatment option in the present with the need to respect health care preferences that were stated in the past has been addressed using various clinical, legal and institutional approaches across Canadian jurisdictions."
Physicians10 can play a significant role in ACP throughout the course of the patient-physician relationship, including in the pediatric setting. At any time, outcomes of the planning process can be documented and/or the patient can appoint a substitute decision-maker in writing. These documents can be identified as advance directives, personal directives or powers of attorney for personal care11 (hereinafter all will be referred to as advance directives). An advance directive does not remove the need for a physician to obtain consent before providing a treatment to a patient, except in an emergency. As stated in the Canadian Medical Protective Association's consent guide: "[U]nder medical emergency situations, treatments should be limited to those necessary to prevent prolonged suffering or to deal with imminent threats to life, limb or health. Even when unable to communicate in medical emergency situations, the known wishes of the patient must be respected."12
While much of the focus of ACP is on making care decisions and nominating proxy decision-makers in case the patient becomes incapable of making decisions in the future, ACP has much more utility. ACP conversations13 can assist patients in determining treatment trajectories and making decisions about the intensity level of interventions in their current care. Providers can have discussions with patients and their families about proposed treatments in the context of the patient's communicated goals and wishes. The process of ACP also helps patients and their families to become familiar with the language and processes used to make cooperative health care decisions.
SCOPE OF POLICY
This policy aims to provide guidance on key considerations pertinent to ACP in a way that is consistent with a physician's ethical, professional and legal obligations. This is a complex subject: physicians should be aware of the legislation in the jurisdiction in which they practise, the standards and expectations specified by their respective regulatory authority, as well as the policies and procedures of the setting(s) in which they practise (e.g., regional health authority, hospital).
1. ACP is a process of (a) respecting patients' wishes through reflection and communication, (b) planning for when the patient cannot make health care decisions and (c) discussion with friends, family and professionals; (d) it may result in a written document.5 It informs the substitute decision-maker and provides information for the clinician to consider in the provision of care within the bounds of the law.
2. Although often associated with the end of life, ACP represents the expression of a patient's wishes for any future health care when the patient is incapable. It expresses the patient's values and beliefs regarding current care decisions and provides information that can inform any decisions that must be made during an emergency when the patient's consent cannot be obtained. For these reasons, ACP should occur throughout a person's lifetime.
3. Respect for patients' dignity and autonomy is a cornerstone of the therapeutic physician-patient relationship. Patients' right to autonomous decision-making has become embedded in ethical frameworks, consent legislation and case law.14 Respect for the wishes of an incapable patient constitutes a preservation of autonomy and promotes trust between the physician and patient.15
4. The way in which the act of obtaining consent is weighed against the patient's stated wishes as outlined during the ACP process varies according to the jurisdiction in which the patient and physician are located.
1. Given the practical, ethical and legal complexities of ACP, physicians, medical learners should be supported in becoming familiar with ACP and comfortable in engaging in the process with their patients. To this end, CMA supports the development of training in ACP and efforts to make it available to all physicians and medical learners.16 For practising physicians and residents, many resources are available, for example:
a. Advance Care Planning in Canada: A National Framework
b. Facilitating Advance Care Planning: An Interprofessional Educational Program
c. Information from the Health Law Institute of Dalhousie University on the regulatory policies and legislation of individual provinces and territories
d. A comprehensive collection of Canadian resources compiled by the Speak Up campaign of the Advance Care Planning in Canada initiative
e. Pallium Canada's Learning Essential Approaches to Palliative Care module on ACP
In the case of medical students, the CMA supports the position of the Canadian Federation of Medical Students that end-of-life training is an essential facet of undergraduate medical education.
2. The issue of the supervision of medical learners practising ACP should be clarified, as considerable ambiguity currently exists.17 Medical learners would benefit from unified national guidelines concerning the nature of their participation in ACP, especially regarding end-of-life care. In the case of medical students, the CMA agrees with the recommendation of the Canadian Federation of Medical Students that supervision be mandatory during conversations about end-of-life care.
3. The CMA calls for more research on the outcomes associated with the provision of ACP training to physicians and medical learners.
4. The CMA recommends that governments and institutions promote information and education on ACP to patients and their substitute decision-makers.
PROFESSIONAL AND LEGAL RESPONSIBILITY
1. While respecting patients' values, all physicians are expected to encourage their patients to engage in ACP with them. ACP is not a one-time event. The nature of the conversation between the physician and the patient and the regularity with which they discuss the subject will depend on the patient's health status. Family physicians and physicians have ongoing care relationships with chronically ill patients are particularly well placed to have regular discussions with their patients about their beliefs, values and wishes. An effective exchange of information between family physicians (and other physicians who work in the community with outpatients) and acute or tertiary care physicians would assist in ensuring patient's wishes are considered.
2. ACP, in particular advance directives, are at the intersection of medicine and the law. Physicians should recognize this and ask patients whether they have an advance directive or have done any ACP.
3. There is wide variation across jurisdictions in terms of the requirements and procedures for ACP; therefore, physicians should inform themselves about any relevant legislation and the scope of the requirement to obtain consent within that jurisdiction when carrying out ACP.
1. The CMA supports institutional processes that recognize and support ACP. Support for ACP includes developing a consistent process for the exchange of information about patients' wishes and advance directives among health care providers, as patients traverse sectors and locations of care. Patients with a written advance directive must be identified and the advance directive integrated fully within the patient's records18 so that it is available across the institution (and ideally the health care system). The CMA advocates for the inclusion of advance care directive functionality as a conformance and usability requirement for electronic medical record vendors.19 Provinces and territories should be encouraged to establish robust organizational processes and resources for patients in all locations of care and strong province- or territory-wide policy, such as in Alberta.20
2. Institutions and other organizations should encourage health care providers to ask patients to bring their advance directive to appointments at the same time they ask them to bring a list of their medications or other medical information.
3. The CMA supports institutional/organizational audits of structures, processes and outcomes related to ACP as an important step in improving the quality and frequency of ACP activities.
ROLE FOR GOVERNMENTS
1. The CMA supports infrastructures enabling ACP, including funding that will support ACP and other end-of-life discussions.
2. The CMA promotes the incorporation of ACP into future federal and provincial/territorial senior strategies and dementia and/or frailty strategies.
3. The CMA supports the development of ACP metrics and their future inclusion in Accreditation Canada standards.
Advance care planning (ACP)
Advance care planning is a term used to describe a process of reflection, communication, conversation and planning by a capable individual with family, friends and professionals about their beliefs, values and wishes for a time when they no longer have the mental capacity to make decisions about their health care. ACP can also involve the naming of a substitute decision-maker.8
The legislated term "advance directive" has different names, definitions and legal authority across the country. For example, in British Columbia an advance directive is a written legal document that provides a mechanism for capable patients to give directions about their future health care once they are no longer capable. 21 As such, in BC an advance directive may, under certain circumstances, be considered "equivalent to consent to treatment and may be acted upon directly by a health care provider without consultation with an SDM [substitute decision-maker]." 8 In Alberta it is called a personal directive. In Ontario, "advance directive" is a generic non-legal term and refers to communications that may be oral, written or in other forms.8
In Quebec, advance care directives are legally binding, as set out in the Act respecting end-of-life care, which recognizes "the primacy of freely and clearly expressed wishes with respect to care. . ."22
Current legislation does not allow for medical assistance in dying to be requested by an advance directive.23 The CMA acknowledges that considerable public, expert and legal debate exists around the issue.
To obtain informed consent, physicians must provide adequate information to the patient or capable decision-maker about the proposed procedure or treatment; the anticipated outcome; the potential risks, benefits and complications; and reasonable available alternatives, including not having the treatment; and they must answer questions posed by the patient. Consent is only informed if there is disclosure of matters that a reasonable person in the same circumstances would want to know.24 Consent must be given voluntarily, must not be obtained through misrepresentation or fraud, must relate to the treatment and must be informed.
Substitute decision-maker (SDM or agent or proxy)
A substitute decision-maker is a capable person who will make health care decisions on behalf of an incapable individual. In all jurisdictions the health care provider must take reasonable steps to become aware of whether or not there is a substitute decision-maker before providing health treatment to an incapable patient. Legally there are implementation differences across the country. For example, in BC a substitute decision-maker is appointed through a representation agreement, in Alberta through a personal directive and in Ontario through a power of attorney for personal care.
Approved by the CMA Board of Directors May 2017
1 Canadian Medical Association. Policy resolution GC14-25 - strategy for advance care planning, palliative and end-of-life care. Ottawa (ON): The Association; 2014. Available: policybase.cma.ca/dbtw-wpd/CMAPolicy/PublicB.htm (accessed 2016 Oct 17)
2 Houben CHM, Spruit MA, Groenen MTJ, et al. Efficacy of advance care planning: a systematic review and meta-analysis. J Am Med Dir Assoc 2014;15:477-89.
3 Martin RS, Hayes B, Gregorevic K, et al. The effects of advance care planning interventions on nursing home residents: a systematic review. J Am Med Dir Assoc 2016;7:284-93.
4 Mack JW, Weeks JC, Wright AA, et al. End-of-life discussions, goal attainment, and distress at the end of life: predictors and outcomes of receipt of care consistent with preferences. J Clin Oncol 2010;28(7):1203-8.
5 Canadian Hospice Palliative Care Association. Advance care planning in Canada: national framework. Ottawa; The Association; 2010.
6 Teo WSK, Raj AG, Tan WS, et al. Economic impact analysis of an end-of-life programme for nursing home residents. Palliat Med 2014;28(5):430-7.
7 Zhang B, Wright AA, Huskamp HA, et al. Health care costs in the last week of life: associations with end-of-life conversations. Arch Intern Med 2009;169(5):480-8.
8 Wahl J, Dykeman MJ, Gray B. Health care consent and advance care planning in Ontario. Toronto (ON): Law Commission of Ontario; 2014.
9 Canadian Medical Association. CMA Code of Ethics (update 2004). Ottawa: The Association; 2004.
10 Physician involvement is not mandatory in the process. However, it is important for physicians to engage with their patients in ACP as this can facilitate change in patients' ACP behaviour and understanding.
11 Wahl JA, Dykeman MJ, Walton T. Health care consent, advance care planning, and goals of care practice tools: the challenge to get it right. Improving the last stages of life. Toronto (ON): Law Commission of Ontario; 2016.
13 Frank C, Puxty J. Facilitating effective end-of-life communication - helping people decide. CJS Journal of CME 2016;6(2). Available: http://canadiangeriatrics.ca/wp-content/uploads/2017/02/Facilitating-Effective-End-of-Life-Communication---Helping-People-Decide.pdf (accessed 2017 April 25).
14 Fleming v Reid (1991) 82 DLR (4th) 298 (CA ON); Cuthbertson v Rasouli, 2013 SCC 53; Malette v Shulman (1990), 72 OR (2d) 417; Starson v Swayze (2003) 1 SCR 722.
15 Harmon SHE. Consent and conflict in medico-legal decision-making at the end of life: a critical issue in the Canadian context. University of New Brunswick Law Journal 2010;60(1):208-29.
16 Canadian Medical Association. Policy resolution GC13-69 - training in advance care planning. Ottawa (ON): The Association; 2013. Available: policybase.cma.ca/dbtw-wpd/CMAPolicy/PublicB.htm (accessed 2016 May 26).
17 Touchie C, De Champlain A, Pugh D, et al. Supervising incoming first-year residents: faculty expectations versus residents' experiences. Med Educ 2014;48(9):921-9.
18 Canadian Medical Association. Policy resolution GC14-19 - advance care plans. Ottawa (ON): The Association; 2014. Available: policybase.cma.ca/dbtw-wpd/CMAPolicy/PublicB.htm (accessed 2016 May 26).
19 Canadian Medical Association. BD14-05-163 Advance care directive functionality. Ottawa (ON): The Association; 2014. Available: policybase.cma.ca/dbtw-wpd/CMAPolicy/PublicB.htm (accessed 2016 May 26).
20 Conversations matter. Edmonton (AB): Alberta Health Services. Available: http://goals.conversationsmatter.ca.s3-website-us-east-1.amazonaws.com/ (accessed 2017 May 19).
21 Health Care (Consent) and Care Facility (Admission) Act, RSBC 1996, c 181, s.3
22 Act respecting end-of-life care, S-32.0001. Government of Quebec. Available : http://legisquebec.gouv.qc.ca/en/ShowDoc/cs/S-32.0001
23 An Act to amend the Criminal Code and to make related amendments to other Acts (medical assistance in dying) S.C. 2016, c.3. Ottawa: Government of Canada; 2016. Available: http://canlii.ca/t/52rs0 (accessed 2016 Oct 17)
24 Riebl v Hughes,  2 SCR 880; Hopp v Lepp,  2 SCR 192.
Clinical photography is a valuable tool for physicians. Smartphones, as well as other devices supporting network connectivity, offer a convenient, efficient method to take and share images. However, due to the private nature of the information contained in clinical photographs there are concerns as to the appropriate storage, dissemination, and documentation of clinical images. Confidentiality of image data must be considered and the dissemination of these images onto servers must respect the privacy and rights of the patient. Importantly, patient information should be considered as any information deriving from a patient, and the concepts outlined therefore apply to any media that can be collected on, or transmitted with, a smart-device.
Clinical photography can aid in documenting form and function, in tracking conditions and wound healing, in planning surgical operations, and in clinical decision-making. Additionally, clinical photographs can provide physicians with a valuable tool for patient communication and education. Due to the convenience of this type of technology it is not appropriate to expect physicians to forego their use in providing their patients with the best care available.
The technology and software required for secure transfer, communication, and storage of clinical media is presently available, but many devices have non-secure storage/dissemination options enabled and lack user-control for permanently deleting digital files. In addition, data uploaded onto server systems commonly cross legal jurisdictions. Many physicians are not comfortable with the practice, citing security, privacy, and confidentiality concerns as well as uncertainty in regards to regional regulations governing this practice.1 Due to concern for patient privacy and confidentiality it is therefore incredibly important to limit the unsecure or undocumented acquisition or dissemination of clinical photographs.
To assess the current state of this topic, Heyns et al. have reviewed the accessibility and completeness of provincial and territorial medical regulatory college guidelines.2 Categories identified as vital and explored in this review included: Consent; Storage; Retention; Audit; Transmission; and Breach. While each regulatory body has addressed limited aspects of the overall issue, the authors found a general lack of available information and call for a unified document outlining pertinent instructions for conducting clinical photography using a smartphone and the electronic transmission of patient information.2
The discussion of this topic will need to be ongoing and it is important that physicians are aware of applicable regulations, both at the federal and provincial levels, and how these regulations may impact the use of personal devices. The best practices supported here aim to provide physicians and healthcare providers with an understanding of the scope and gravity of the current environment, as well as the information needed to ensure patient privacy and confidentiality is assessed and protected while physicians utilize accessible clinical photography to advance patient care. Importantly, this document only focusses on medical use (clinical, academic, and educational) of clinical photography and, while discussing many core concepts of patient privacy and confidentiality of information, should not be perceived as a complete or binding framework. Additionally, it is recommended that physicians understand the core competencies of clinical photography, which are not described here.
The Canadian Medical Association (CMA) suggests that the following recommendations be implemented, as thoroughly as possible, to best align with the CMA policy on the Principles for the Protection of Patient Privacy (CMA Policy PD2018-02). These key recommendations represent a non-exhaustive set of best practices - physicians should seek additional information as needed to gain a thorough understanding and to stay current in this rapidly changing field.
* Informed consent must be obtained, preferably prior, to photography with a mobile device. This applies for each and any such encounter and the purpose made clear (i.e. clinical, research, education, publication, etc.). Patients should also be made aware that they may request a copy of a picture or for a picture to be deleted.
* A patient's consent to use electronic transmission does not relieve a physician of their duty to protect the confidentiality of patient information. Also, a patient's consent cannot override other jurisdictionally mandated security requirements.
* All patient consents (including verbal) should be documented. The acquisition and recording of patient consent for medical photography/dissemination may be held to a high standard of accountability due to the patient privacy and confidentiality issues inherent in the use of this technology. Written and signed consent is encouraged.
* Consent should be considered as necessary for any and all photography involving a patient, whether or not that patient can be directly recognized, due to the possibility of linked information and the potential for breach of privacy. The definition of non-identifiable photos must be carefully considered. Current technologies such as face recognition and pattern matching (e.g. skin markers, physical structure, etc.), especially in combination with identifying information, have the potential to create a privacy breach.
* Unsecure text and email messaging requires explicit patient consent and should not be used unless the current gold standards of security are not accessible. For a patient-initiated unsecure transmission, consent should be clarified and not assumed.
* Transmission of photos and patient information should be encrypted as per current-day gold standards (presently, end-to-end encryption (E2EE)) and use only secure servers that are subject to Canadian laws. Explicit, informed consent is required otherwise due to privacy concerns or standards for servers in other jurisdictions. Generally, free internet-based communication services and public internet access are unsecure technologies and often operate on servers outside of Canadian jurisdiction.
* Efforts should be made to use the most secure transmission method possible. For data security purposes, identifying information should never be included in the image, any frame of a video, the file name, or linked messages.
* The sender should always ensure that each recipient is intended and appropriate and, if possible, receipt of transmission should be confirmed by the recipient.
* Storing images and data on a smart-device should be limited as much as possible for data protection purposes.
* Clinical photos, as well as messages or other patient-related information, should be completely segregated from the device's personal storage. This can be accomplished by using an app that creates a secure, password-protected folder on the device.
* All information stored (on internal memory or cloud) must be strongly encrypted and password protected. The security measures must be more substantial than the general password unlock feature on mobile devices.
* Efforts should be made to dissociate identifying information from images when images are exported from a secure server. Media should not be uploaded to platforms without an option for securely deleting information without consent from the patient, and only if there are no better options. Automatic back-up of photos to unsecure cloud servers should be deactivated. Further, other back-up or syncing options that could lead to unsecure server involvement should be ascertained and the risks mitigated.
4. Cloud storage should be on a Canadian and SOCII certified server. Explicit, informed consent is required otherwise due to privacy concerns for servers in other jurisdictions.
5. AUDIT & RETENTION
* It is important to create an audit trail for the purposes of transparency and medical best practice. Key information includes patient and health information, consent type and details, pertinent information regarding the photography (date, circumstance, photographer), and any other important facts such as access granted/deletion requests.
* Access to the stored information must be by the authorized physician or health care provider and for the intended purpose, as per the consent given. Records should be stored such that it is possible to print/transfer as necessary.
* Original photos should be retained and not overwritten.
* All photos and associated messages may be considered part of the patient's clinical records and should be maintained for at least 10 years or 10 years after the age of majority, whichever is longer. When possible, patient information (including photos and message histories between health professionals) should be retained and amalgamated with a patient's medical record. Provincial regulations regarding retention of clinical records may vary and other regulations may apply to other entities - e.g. 90 years from date of birth applies to records at the federal level.
* It may not be allowable to erase a picture if it is integral to a clinical decision or provincial, federal, or other applicable regulations require their retention.
* Any breach should be taken seriously and should be reviewed. All reasonable efforts must be made to prevent a breach before one occurs. A breach occurs when personal information, communication, or photos of patients are stolen, lost, or mistakenly disclosed. This includes loss or theft of one's mobile device, texting to the wrong number or emailing/messaging to the wrong person(s), or accidentally showing a clinical photo that exists in the phone's personal photo album.
* It should be noted that non-identifying information, when combined with other available information (e.g. a text message with identifiers or another image with identifiers), can lead to highly accurate re-identification.
* At present, apps downloaded to a smart-device for personal use may be capable of collecting and sharing information - the rapidly changing nature of this technology and the inherent privacy concerns requires regular attention. Use of specialized apps designed for health-information sharing that help safeguard patient information in this context is worth careful consideration.
* Having remote wipe (i.e. device reformatting) capabilities is an asset and can help contain a breach. However, inappropriate access may take place before reformatting occurs.
* If a smartphone is strongly encrypted and has no clinical photos stored locally then its loss may not be considered a breach.
* In the event of a breach any patient potentially involved must be notified as soon as possible. The CMPA, the organization/hospital, and the Provincial licensing College should also be contacted immediately. Provincial regulations regarding notification of breach may vary.
Approved by the CMA Board of Directors March 2018
i Heyns M†, Steve A‡, Dumestre DO‡, Fraulin FO‡, Yeung JK‡
† University of Calgary, Canada
‡ Section of Plastic Surgery, Department of Surgery, University of Calgary, Canada
1 Chan N, Charette J, Dumestre DO, Fraulin FO. Should 'smart phones' be used for patient photography? Plast Surg (Oakv). 2016;24(1):32-4.
2 Unpublished - Heyns M, Steve A, Dumestre DO, Fraulin FO, Yeung J. Canadian Guidelines on Smartphone Clinical Photography.
Inherent in all health care professional Codes of Ethics is the duty to provide care to patients and to relieve suffering whenever possible. However, this duty does not exist in a vacuum, and depends on the provision of goods and services referred to as reciprocal obligations, which must be provided by governments, health care institutions and other relevant bodies and agencies. The obligation of government and society to physicians can be seen as comparable to the obligations of physicians to their patients.
The recent experience of Canadian physicians during the SARS epidemic in Toronto has heightened the sensitivities of the medical profession to several issues that arose during the course of dealing with that illness. Many of the lessons learned (and the unanswered questions that arose) also apply to the looming threat of an avian flu (or other) pandemic. Canadian physicians may be in a relatively unique position to consider these issues given their experience and insight.
The intent of this working paper is to highlight the ethical issues of greatest concern to practicing Canadian physicians which must be considered during a pandemic. In order to address these issues before they arise, the CMA presents this paper for consideration by individual physicians, physician organizations, governments, policy makers and interested bodies and stakeholders. Although many of the principles and concepts could readily be applied to other health care workers, the focus of this paper will be on physicians.
Policies regarding physicians in training, including medical students and residents, should be clarified in advance by the relevant bodies involved in their oversight and training. Issues of concern would include the responsibilities of trainees to provide care during a pandemic and the potential effect of such an outbreak on their education and training.
A. Physician obligations during a pandemic
The professional obligations of physicians are well spelled out in the CMA Code of Ethics and other documents and publications and are not the main focus of this paper. However, they will be reviewed and discussed as follows.
Several important principles of medical ethics will be of particular relevance in considering this issue. Physicians have an obligation to be beneficent to their patients and to consider what is in the patient's best interest. According to the first paragraph of the CMA Code of Ethics (2004), "Consider first the well-being of the patient".
Traditionally, physicians have also respected the principle of altruism, whereby they set aside concern for their own health and well-being in order to serve their patients. While this has often manifested itself primarily as long hours away from home and family, and a benign neglect of personal health issues, at times more drastic sacrifices have been required. During previous pandemics, many physicians have served selflessly in the public interest, often at great risk to their own well-being.
The principle of justice requires physicians to consider what is owed to whom and why, including what resources are needed, and how these resources would best be employed during a pandemic. These resources might include physician services but could also include access to vaccines and medications, as well as access to equipment such as ventilators or to a bed in the intensive care unit. According to paragraph 43 of the CMA Code of Ethics, physicians have an obligation to "Recognize the responsibility of physicians to promote equitable access to health care resources".
In addition, physicians can reasonably be expected to participate in the process of planning for a pandemic or other medical disaster. According to paragraph 42 of the CMA Code of Ethics, physicians should "Recognize the profession's responsibility to society in matters relating to public health, health education, environmental protection, legislation affecting the health and well-being of the community and the need for testimony at judicial proceedings". This responsibility could reasonably be seen to apply both to individual physicians as well as the various bodies and organizations that represent them.
Physicians also have an ethical obligation to recognize their limitations and the extent of the services they are able to provide. During a pandemic, physicians may be asked to assume roles or responsibilities with which they are not comfortable, nor prepared. Paragraph 15 of the CMA Code of Ethics reminds physicians to "Recognize your limitations and, when indicated, recommend or seek additional opinions or services".
However, physicians have moral rights as well as obligations. The concept of personal autonomy allows physicians some discretion in determining where, how and when they will practice medicine. They also have an obligation to safeguard their own health. As stated in paragraph 10 of the CMA Code of Ethics, physicians should "Promote and maintain your own health and well-being".
The SARS epidemic has served to reopen the ethical debate. Health care practitioners have been forced to reconsider their obligations during a pandemic, including whether they must provide care to all those in need regardless of the level of personal risk. As well, they have been re-examining the obligation of governments and others to provide reciprocal services to physicians, and the relationship between these obligations.
B. Reciprocal obligations towards physicians
While there has been much debate historically (and especially more recently) about the ethical obligations of physicians towards their patients and society in general, the consideration of reciprocal obligations towards physicians is a relatively recent phenomenon.
During the SARS epidemic, a large number of Canadian physicians unselfishly volunteered to assist their colleagues in trying to bring the epidemic under control. They did so, in many cases, in spite of significant personal risk, and with very little information about the nature of the illness, particularly early in the course of the outbreak. Retrospective analysis has cast significant doubt and concern on the amount of support and assistance provided to physicians during the crisis. Communication and infrastructure support was poor at best. Equipment was often lacking and not always up to standard when it was available. Psychological support and counselling was not readily available at the point of care, nor was financial compensation for those who missed work due to illness or quarantine. Although the Ontario government did provide retrospective compensation for many physicians whose practices were affected by the outbreak, the issue was addressed late, and not at all in some cases.
It is clear that Canadian physicians have learned greatly from this experience. The likelihood of individuals again volunteering "blindly" has been reduced to the point where it may never happen again. There are expectations that certain conditions and obligations will be met in order to optimize patient care and outcomes and to protect health care workers and their families.
Because physicians and other health care providers will be expected to put themselves directly in harm's way, and to bear a disproportionate burden of the personal hardships associated with a pandemic, the argument has been made that society has a reciprocal obligation to support and compensate these individuals.
According to the University of Toronto Joint Centre for Bioethics report We stand on guard for thee, "(The substantive value of) reciprocity requires that society support those who face a disproportionate burden in protecting the public good, and take steps to minimize burdens as much as possible. Measures to protect the public good are likely to impose a disproportionate burden on health care workers, patients and their families."
Therefore, in order to provide adequate care for patients, the reciprocal obligation to physicians requires providing some or all of the following:
Prior to a pandemic
- Physicians and the organizations that represent them should be more involved in planning and decision making at the local, national and international levels. In turn, physicians and the organizations that represent them have an obligation to participate as well.
- Physicians should be made aware of a clear plan for resource utilization, including:
- how physicians will be relieved of duties after a certain time;
- clearly defined roles and expectations, especially for those practicing outside of their area of expertise;
- vaccination/treatment plans - will physicians (and their families) have preferential access based on the need to keep caregivers healthy and on the job;
- triage plans, including how the triage model might be altered and plans to inform the public of such.
- Physicians should have access to the best equipment needed and should be able to undergo extra training in its use if required.
- Politicians and leaders should provide reassurances that satisfy physicians that they will not be "conscripted" by legislation.
During a pandemic
- Physicians should have access to up-to-date, real time information.
- Physicians should be kept informed about developments in Canada and globally.
- Communication channels should be opened with other countries (e.g. Canada should participate in WHO initiatives to identify the threats before they arrive on our doorstep).
- Resources should be provided for backup and relief of physicians and health care workers.
- Arrangements should be made for timely provision of necessary equipment in an ongoing fashion.
- Physicians should be compensated for lost clinical earnings and to cover expenses such as lost wages, lost group earnings, overhead, medical care, medications, rehabilitative therapy and other relevant expenses in case of quarantine, clinic cancellations or illness (recognizing that determining exactly when or where an infection was acquired may be difficult).
- Families should receive financial compensation in the case of a physician family member who dies as a result of providing care during a pandemic.
- In the event that physicians may be called upon in a pandemic to practice outside of their area of expertise or outside their jurisdiction, they should to contact their professional liability protection provider for information on their eligibility for protection in these circumstances.
- Interprovincial or national licensing programs should be developed to provide physicians with back-up and relief and ensure experts can move from place to place in a timely fashion without undue burden.
- Psychological and emotional counselling and support should be provided in a timely fashion for physicians, their staff and family members.
- Accommodation (i.e. a place to stay) should be provided for physicians who have to travel to another locale to provide care; or who don't want to go home and put their family at risk, when this is applicable, i.e. the epidemiology of the infectious disease causing the pandemic indicates substantially greater risk of acquiring infection in the health care setting than in the community.
- Billing and compensation arrangements should ensure physicians are properly compensated for the services they are providing, including those who may not have an active billing number in the province where the services are being provided.
After a pandemic
- Physicians should receive assistance in restarting their practice (replacing staff, restocking overhead, communicating with patients, and any other costs related to restarting the practice).
- Physicians should receive ongoing psychological support and counselling as required.
C. How are physician obligations and reciprocal obligations related?
Beyond a simple statement of the various obligations, it is clear that there must be some link between these different obligations. This is particularly important since there is now some time to plan for the next pandemic and to ensure that reciprocal obligations can be met prior to its onset. Physicians have always provided care in emergency situations without questioning what they are owed. According to paragraph 18 of the CMA Code of Ethics, physicians should "Provide whatever appropriate assistance you can to any person with an urgent need for medical care".
However, in situations where obligations can be anticipated and met in advance, it is reasonable to expect that they will be addressed. Whereas a physician who encounters an emergency situation at the site of a car crash will act without concern for personal gain or motivation, a physician caring for the same patient in an emergency department will rightly expect the availability of proper equipment and personnel.
In order to ensure proper patient care and physician safety, and to ensure physicians are able to meet their professional obligations and standards, the reciprocal obligations outlined above should be addressed by the appropriate body or organization.
If patient and physician well-being is not optimized by clarifying the obligations of physicians and society prior to the next pandemic, in spite of available time and resources necessary to do so, there are many who would call into question the ethical duty of physicians to provide care. However, the CMA believes that, in the very best and most honourable traditions of the medical profession, its members will provide care and compassion to those in need. We call on governments and society to assist us in optimizing this care for all Canadians.
Principles concerning physician information (CMA policy – approved June 2002)
In an environment in which the capacity to capture, link and transmit information is growing and the need for fuller accountability is being created, the demand for physician information, and the number of people and organizations seeking to collect it, is increasing.
Physician information, that is, information that includes personal health information about and information that relates or may relate to the professional activity of an identifiable physician or group of physicians, is valuable for a variety of purposes. The legitimacy and importance of these purposes varies a great deal, and therefore the rationale and rules related to the collection, use, access and disclosure of physician information also varies. The Canadian Medical Association (CMA) developed this policy to provide guiding principles to those who collect, use, have access to or disclose physician information. Such people are termed “custodians,” and they should be held publicly accountable. These principles complement and act in concert with the CMA Health Information Privacy Code (1), which holds patient health information sacrosanct.
Physicians have legitimate interests in what information about them is collected, on what authority, by whom and for what purposes it is collected, and what safeguards and controls are in place. These interests include privacy and the right to exercise some control over the information; protection from the possibility that information will cause unwarranted harm, either at the individual or the group level; and assurance that interpretation of the information is accurate and unbiased. These legitimate interests extend to information about physicians that has been rendered in non-identifiable or aggregate format (e.g., to protect against the possibility of individual physicians being identified or of physician groups being unjustly stigmatized). Information in these formats, however, may be less sensitive than information from which an individual physician can be readily identified and, therefore, may warrant less protection.
The purposes for the use of physician information may be more or less compelling. One compelling use is related to the fact that physicians, as members of a self-regulating profession, are professionally accountable to their patients, their profession and society. Physicians support this professional accountability purpose through the legislated mandate of their regulatory colleges. Physicians also recognize the importance of peer review in the context of professional development and maintenance of competence.
The CMA supports the collection, use, access and disclosure of physician information subject to the conditions outlined below.
Purpose(s): The purpose(s) for the collection of physician information, and any other purpose(s) for which physician information may be subsequently used, accessed or disclosed, should be precisely specified at or before the collection. There should be a reasonable expectation that the information will achieve the stated purpose(s). The policy does not prevent the use of information for purposes that were not intended and not reasonably anticipated if principles 3 and 4 of this policy are met.
Consent: As a rule, information should be collected directly from the physician. Subject to principle 4, consent should be sought from the physician for the collection, use, access or disclosure of physician information. The physician should be informed about all intended and anticipated uses, accesses or disclosures of the information.
Conditions for collection, use, access and disclosure: The information should:
be limited to the minimum necessary to carry out the stated purpose(s),
be in the least intrusive format required for the stated purpose(s), and its collection, use, access and disclosure should not infringe on the physician’s duty of confidentiality with respect to that information.
Use of information without consent: There may be justification for the collection, use, access or disclosure of physician information without the physician’s consent if, in addition to the conditions in principle 3 being met, the custodian publicly demonstrates with respect to the purpose(s), generically construed, that:
the stated purpose(s) could not be met or would be seriously compromised if consent were required,
the stated purpose(s) is(are) of sufficient importance that the public interest outweighs to a substantial degree the physician’s right to privacy and right of consent in a free and democratic society, and
that the collection, use, access or disclosure of physician information with respect to the stated purpose(s) always ensures justice and fairness to the physician by being consistent with principle 6 of this policy.
Physician’s access to his or her own information: Physicians have a right to view and ensure, in a timely manner, the accuracy of the information collected about them. This principle does not apply if there is reason to believe that the disclosure to the physician will cause substantial adverse effect to others. The onus is on the custodian to justify a denial of access.
6. Information quality and interpretation: Custodians must take reasonable steps to ensure that the information they collect, use, gain access to or disclose is accurate, complete and correct. Custodians must use valid and reliable collection methods and, as appropriate, involve physicians to interpret the information; these physicians must have practice characteristics and credentials similar to those of the physician whose information is being interpreted.
7. Security: Physical and human safeguards must exist to ensure the integrity and reliability of physician information and to protect against unauthorized collection, use, access or disclosure of physician information.
8. Retention and destruction: Physician information should be retained only for the length of time necessary to fulfill the specified purpose(s), after which time it should be destroyed.
9. Inquiries and complaints: Custodians must have in place a process whereby inquiries and complaints can be received, processed and adjudicated in a fair and timely way. The complaint process, including how to initiate a complaint, must be made known to physicians.
10. Openness and transparency: Custodians must have transparent and explicit record-keeping or database management policies, practices and systems that are open to public scrutiny, including the purpose(s) for the collection, use, access and disclosure of physician information. The existence of any physician information record-keeping systems or database systems must be made known and available upon request to physicians.
11. Accountability: Custodians of physician information must ensure that they have proper authority and mandate to collect, use, gain access to or disclose physician information. Custodians must have policies and procedures in place that give effect to the principles in this document. Custodians must have a designated person who is responsible for monitoring practices and ensuring compliance with the policies and procedures.
(1) Canadian Medical Association. Health Information Privacy Code. CMAJ 1998;159(8):997-1016.
Patients have a right to privacy and physicians have a duty of confidentiality arising from the patient-physician relationship to protect patient privacy. The right to privacy flows from the principle of respect for patient autonomy, based on the individual's right to conduct and control their lives as they choose.1 When approaching any ethical question around privacy, the principle of respect for patient autonomy must be balanced against other competing principles (e.g. beneficence, non-maleficence).
The protection of privacy and the concomitant duty of confidentiality are essential to foster trust in the patient-physician-relationship, the delivery of good patient care and a positive patient care experience. Privacy protection is an important issue for Canadians,2 and research suggests that patients may withhold critical health information from their health care providers because of privacy concerns.3 Patients will be more willing to share complete and accurate information if they have a relationship of trust with their physician and are confident that their information will be protected.4
In today's ever-evolving technological environment and due to the shift away from the traditional (paternalistic) physician-patient relationship, patients, physicians and other public and private stakeholders are using and sharing personal health information in new and innovative ways. This raises new challenges for clinical practice and, crucially, how to navigate expanded uses of data via the use of new technologies and the requirements of patient privacy.
Institutions, clinics, and physician-group practices may share responsibility with the physician for the protection of patient information. There is thus a tension between physician and institutional responsibilities to protect patient information, challenged by the rapidly changing use and adoption of new technologies. While this will continue to redefine expectations of privacy and confidentiality, there are several foundational principles that remain unchanged.
SCOPE OF POLICY
The Canadian Medical Association (CMA) Principles for the Protection of Patients' Personal Health Information aim to provide guidance on key ethical considerations pertinent to the protection of patient information in a way that takes into account a physician's (including medical learner) ethical, professional, and legal obligations. The Principles are not designed to serve as a tool for legislative compliance in a particular jurisdiction or to provide a standard of care. Physicians should be aware of privacy legislation in the jurisdiction in which they practice, the standards and expectations specified by their respective regulatory authorities (including Privacy Commissioners), publications and risk management education provided by the CMPA as well as policies and procedures of any given setting (e.g., a regional health authority or a hospital).
SUBSTANTIVE PRINCIPLES THAT GUIDE THE OBLIGATIONS OF THE PHYSICIAN TO PROTECT PATIENT PRIVACY
* Trust is the cornerstone of the patient-physician relationship and plays a central role in providing the highest standard of care.
* Physicians and their patients build relationships of trust that enable open and honest dialogue and foster patients' willingness to share deeply personal information (often) in conditions of vulnerability.
* Physicians can cultivate and maintain patient trust by, unless the consent of the patient has been obtained to do otherwise, collecting health information only to benefit the patient, by sharing information only for that purpose, and by keeping patient information confidential; patient trust has been found to be the most powerful determinant of the level of control patients want over their medical records.5
* To maintain trust, physicians must consider the duty to care and the duty not to harm the patient in evaluating privacy requirements.
* The extent to which a patient expects (and may tolerate a loss of) privacy and confidentiality is culturally and individually relative.6
* Physicians owe a duty of confidentiality to their patients; there is both an ethical (respect for autonomy) and a legal basis imposed by privacy legislation) for this duty.
* The duty to maintain patient confidentiality, like trust, is fundamental to the therapeutic nature of the patient-physician relationship; it creates conditions that allow patients to openly and confidently share complete health information, resulting in a stronger physician-patient relationship and better delivery of care.7
* The duty to maintain patient confidentiality means that physicians do not share the health information with anyone outside of the patient's circle of care, unless authorized to do so by the patient.1,8 There are varying interpretations of what constitutes the patient's circle of care; this depends on the facts of the situation and the jurisdiction.9
* Privacy requirements raise complex issues in learning environments and quality improvement initiatives. It is desirable that any of the patient's physicians who will have ongoing care interactions with the patient can remain included in information-sharing about the patient.
* Shared electronic health records present challenges to confidentiality. For example, patients may wish to limit some aspects of their record to only some providers within their circle of care.10
* In practice, respecting privacy and the duty of confidentiality govern the physician's role as data steward, responsible for controlling the extent to which information about the person is protected, used or disclosed.11 A central rule to balancing a patient's right to privacy and the duty of confidentiality is the "minimum necessary" use and disclosure of personal health information, whereby a data steward should use or disclose only the minimum amount of information necessary to fulfil the intended purpose. In some circumstances, de-identifying or aggregating personal health information before use or disclosure can minimize the amount of information disclosed.12
* The duty to maintain patient confidentiality is not absolute and is subject to exceptions in limited circumstances,13 i.e., when required or permitted by law to disclose information (see below in Data Stewardship: Collection, use and disclosure of personal health information).
* Patient consent is an important mechanism for respecting patient autonomy; obtaining voluntary and informed consent to share patient information is fundamental to the protection of privacy and the duty of confidentiality.
* Physicians are generally required to obtain informed consent from the patient before they can disclose the patient's personal health information. Consent is only informed if there is disclosure of matters that a reasonable person in the same circumstances would want to know, including 1) to whom the patient information will be disclosed, 2) whether it could be disclosed to other third parties, and 3) the purpose for which it could be used or disclosed.
* While informed consent is required as a general rule, physicians may infer that they have the patient's implied consent to collect, use, disclose and access personal health information 1) for the purpose of providing or assisting in providing care (i.e., share only the necessary information with those involved within the patient's circle of care); and 2) to store personal health information in a medical record (i.e., paper, electronic, or hospital-based). Physicians will want to consider if it is appropriate in the circumstances to advise the patient when a disclosure has been made.
* When the patient is a minor, the physician must consider whether it is the parent or the child who determines the use and disclosure of the minor's personal health information. A young person who is deemed to understand fully the implications of a decision regarding proposed collection, use or disclosure of personal health information is generally deemed to have control over their personal health information with respect to the decision.
* Where the patient is not capable to provide the required consent (e.g. is deemed to be incompetent), physicians must seek consent from the patient's substitute decision-maker.
4. Physician as data steward
* As data stewards, physicians have the responsibility to understand their role in protecting patient privacy and appropriate access to patient information.
* The information contained in the medical record belongs to the patient who has a general right of access to their personal health information, and the right to control the use and further disclosure and to the continued confidentiality of that information.
* A data steward (e.g., physician, institution or clinic) holds the physical medical record in trust for the care and benefit of the patient.14
* Physicians should provide their patients access to their medical record, if requested.15 (See below in Data Stewardship: Access to personal information).
* Physicians ought to have appropriate access to personal health information and have the ability to provide their patients with access to their medical record. Appropriate access should be interpreted to include access for patient follow up (as part of the duty to care) and review for the purpose of improving patient care.
* Physicians should consider consulting available resources to assist them in fulfilling their duties as data stewards.
PROCEDURAL PRINCIPLES THAT GUIDE THE APPLICATION OF PHYSICIAN OBLIGATIONS
Physicians must manage personal health information in compliance with relevant legislation that establishes rules governing the access, collection, use, disclosure, and retention of personal health information, provincial privacy laws, and professional expectations and regulations specified by their respective regulatory authorities.
1. Data Stewardship: Access to personal information
* Patients have a right of reasonable access to the personal health information in their medical record (i.e., paper, electronic, or hospital-based) under the control or in the custody of a physician, institution, or clinic.
* In exceptional situations, physicians can refuse to release the information in the patient's medical record.
2. Data Stewardship: Collection, use and disclosure of personal health information
* There are circumstances where there are required (e.g., monitoring of claims for payment, subpoenas) and permitted disclosures of personal health information without patient consent (e.g., where the maintenance of confidentiality would result in a significant risk of substantial harm to the patient or to others).
* Security safeguards must be in place to protect personal health information in order to ensure that only authorized collection, use, disclosure or access occurs.
* Physicians play an important role in educating patients about possible consensual and non-consensual uses and disclosures that may be made with their personal health information, including secondary uses of data for, e.g., epidemiological studies, research, education, and quality assurance, that may or may not be used with explicit consent.
3. Data Stewardship: Retention of personal health information
* Personal health information should be retained for the period required by any applicable legislation and as specified by their respective regulatory authorities. It may be necessary to maintain personal health information beyond the applicable period where there is a pending or anticipated legal proceeding related to the care provided to the patient.
* Likewise, physicians should transfer and dispose of personal health information in compliance with any applicable legislation and professional expectations outlined by their respective regulatory authorities.
* Physicians are encouraged to seek technical assistance and advice on the secure transfer, disposal, and/or selling of electronic records.15
4. Data Stewardship: Use of technology
* Physicians should obtain patient consent to use electronic means and/or devices for patient care (e.g., sending digital photographs) and for communicating patient information (e.g., the use of email). To obtain informed consent, physicians should explain to patients that there are necessary benefits and risks in using technologies in clinical contexts. The CMPA has provided a written consent form to that effect that can be included in the patient's medical record.
* As a general practice, physicians are encouraged to make use of technological innovations and must evaluate whether the technology is appropriate for patient care and has reasonable safeguards to protect patient privacy.
Approved by the CMA Board of Directors December 2017
See also Background to CMA Policy Principles for the Protection of Patient Privacy
1 Martin JF. Privacy and confidentiality. In: ten Have H, Gordijn B (Eds). Handbook of global bioethics. New York: Springer, Dordrecht; 2014. p.119-37.
2 Office of the Privacy Commissioner of Canada. Canadians and privacy final report. Gatineau: Office of the Privacy Commissioner of Canada; 2009. Available: https://www.priv.gc.ca/information/por-rop/2009/ekos_2009_01_e.asp (accessed 2017 Nov 17).
3 Canadian Medical Protective Association (CMPA). Privacy and a wired world - Protecting patient health information. Ottawa: CMPA; 2011 Dec. Available: https://www.cmpa-acpm.ca/en/advice-publications/browse-articles/2011/privacy-and-a-wired-world-protecting-patient-health-information (accessed 2017 Nov 17).
4 Royal College of Physicians and Surgeons of Canada (RCPSC). Duty of confidentiality. Ottawa: RCPSC; 2017. Available: http://www.royalcollege.ca/rcsite/bioethics/cases/section-3/duty-confidentiality-e (accessed 2017 Dec 15).
5 Damschroder LJ, Pritts JL, Neblo MA, Kalarickal RJ, Creswell JW, Hayward RA. Patients, privacy and trust: patients' willingness to allow researchers to access their medical records. Soc Sci Med 2007;64:223-35.
6 Campbell JI, Eyal N, Musiimenta A, Haberer JE. Ethical questions in medical electronic adherence monitoring. J Gen Intern Med 2016;31:338-42. Available: https://link.springer.com/content/pdf/10.1007%2Fs11606-015-3502-4.pdf (accessed 2017 Nov 17).
7 Crook MA. The risks of absolute medical confidentiality. Sci Eng Ethics 2013;19:107-22.
8 Cohen I, Hoffman A, Sage W (Eds). The Oxford Handbook of U.S. Health Law. New York: Oxford University Press; 2015.
9 Canadian Medical Protective Association (CMPA). The voice of professionalism within the system of care. Ottawa: CMPA; 2012 Oct. Available: https://www.cmpa-acpm.ca/en/advice-publications/browse-articles/2012/the-voice-of-professionalism-within-the-system-of-care (accessed 2017 Nov 17).
10 Canadian Medical Protective Association (CMPA). Did you know? Patients can restrict access to their health information. Ottawa: CMPA; 2017 Nov. Available: https://www.cmpa-acpm.ca/en/advice-publications/browse-articles/2017/did-you-know-patients-can-restrict-access-to-their-health-information (accessed 2017 Nov 17).
11 Francis JG, Francis LP. Privacy, confidentiality, and justice. J Soc Philos 2014;45:408-31.
12 Burkle CM, Cascino GD. Medicine and the media: balancing the public's right to know with the privacy of the patient. Mayo Clin Proc 2011;86:1192-6.
13 Canadian Medical Protective Association (CMPA). When to disclose confidential information. Ottawa: CMPA; 2015 Mar. Available: https://www.cmpa-acpm.ca/en/advice-publications/browse-articles/2015/when-to-disclose-confidential-information (accessed 2017 Nov 17).
14 Canadian Medical Protective Association (CMPA). Releasing a patient's personal health information: What are the obligations of the physician? Ottawa: CMPA; 2012 Oct. Available: https://www.cmpa-acpm.ca/en/advice-publications/browse-articles/2012/releasing-a-patient-s-personal-health-information-what-are-the-obligations-of-the-physician (accessed 2017 Nov 17).
15 Canadian Medical Protective Association (CMPA). Protecting patient health information in electronic records. Ottawa: CMPA; 2013 Oct. Available: https://www.cmpa-acpm.ca/en/advice-publications/browse-articles/2013/protecting-patient-health-information-in-electronic-records (accessed 2017 Nov 17).
(c) 2017 Canadian Medical Association. You may, for your non-commercial use, reproduce, in whole or in part and in any form or manner, unlimited copies of CMA Policy Statements provided that credit is given to Canadian Medical Association.
BACKGROUND TO CMA POLICY
PRINCIPLES FOR THE PROTECTION OF PATIENT PRIVACY
See also CMA Policy on Principles for the Protection of Patient Privacy
The advent of Electronic Medical Records, the rapid spread of mobile health apps, and the increasing use of social media within the health care community, have each created new challenges to maintaining a duty of confidentiality within the physician-patient relationship. These technologies present both opportunities and challenges with respect to medical professionalism.1 The permeation of these types of interactions into everyday life now places physicians in new situations that some find difficult to navigate.2 These challenges will only increase in the coming years, as the use of online technologies in health care is continuously growing.3 Canada is only in the early stages of managing the emerging issues of technology-induced errors that compromise privacy in the health care setting.4 Therefore, this paper will briefly discuss the importance of protecting privacy, followed by an overview of the main challenges to maintaining privacy as the physician-patient relationship evolves at the backdrop of emerging technologies.
Privacy and Confidentiality
The overlapping, but not identical, principles of the protection of privacy and the duty of confidentiality are essential to the physician-patient relationship. These principles not only foster trust, but also the delivery of effective and lasting care. Rooted in the Hippocratic Oath, the modern-day right to privacy flows from the principle of autonomy, which attributes to individuals the right to conduct and control their lives as they choose.5 Privacy protection is an important issue to Canadians,6 with research suggesting that patients may even withhold critical health information because of privacy concerns.7 Health care professionals are bound by legal and ethical standards to maintain privacy and confidentiality of patient information.8 Physicians must therefore be aware of the implications of privacy legislation specific to their jurisdiction.7 The duty to protect patient privacy is important to uphold, as health information can potentially be identifiable and sensitive; the confidentiality of this information must therefore be protected to ensure that patient privacy is not breached. 9 While the traditional, and largely obsolete, models of the physician-patient relationship involve a unidirectional flow of information, the ease at which patients can now access medical information through the Internet, and the use of social media within the health care community, have reinterpreted how information is communicated from physician to patient, and vice versa.10 We must therefore re-define expectations of privacy and confidentiality, first by distinguishing one from the other.
The terms "privacy" and "confidentiality" are often used interchangeably by both researchers and clinicians. Several bioethics discussions on the distinction between these terms places confidentiality under the umbrella of privacy.11 While confidentiality involves the information itself, which is disclosed or not, privacy is about the impact of that disclosure on the person.9 Privacy seems to be more intimately linked to the individual, focusing on the circumstances under which the information is used.12-13 Confidentiality, on the other hand, is a duty that health professionals have towards their patients to not share the information exchanged during their encounter, unless authorized by the patient.5,12 In practice, the duty of confidentiality governs the physician's role as data stewards, responsible for controlling the extent to which information about the person is protected, used or disclosed.14 As one paper describes, "privacy is invaded, confidentiality is breached."13
From a patient perspective, it is important to respect and protect privacy because it allows individuals time and space to share their concerns without feeling judged or misunderstood,11 resulting in a stronger physician-patient relationship and better delivery of care. However, from a research perspective, a fine balance must be struck between using accurate information while still upholding the privacy rights of individuals.11 As such, the argument for absolute confidentiality puts a near impossible burden on research clinicians.11 Moreover, from a public safety perspective, a physician may be morally and legally required to break confidentiality in order to protect both the patient and others who may be involved. The challenge is to balance the traditional goal of confidentiality - to protect patient privacy and interest - with that of third parties and public health.5 Therefore, a central rule to balancing confidentiality with a patients' right to privacy is the "minimum necessary" use and disclosure of personal health information, whereby a data steward should use or disclose only the minimum amount of information necessary to fulfil the intended purpose.8 It is equally important to recognize that the extent to which a patient may tolerate a loss of privacy is culturally and individually relative.15 Health care providers have a legal and ethical obligation to keep patient health information private, sharing it only with the authorization of the patient.16 Informed consent, therefore, appears to be a fundamental requirement to upholding confidentiality and patient privacy rights.
While emerging privacy issues touch many areas of practice, this section will emphasize three of the most prominent issues in recent literature: access and use of information, electronic medical and health records and, online communication and social media.
1. Technological change and institutional data stewardship
In today's ever-evolving technological environment, including the emergence of shared electronic health records, online communication, social media, mobile applications, and big data, physicians, patients and other public and private stakeholders are using and sharing personal health information in new and innovative ways. The traditional (paternalistic) model of the physician-patient relationship involved a bidirectional flow of information. However, the ease at which patients can now access medical information from alternative sources via the Internet, and the use of social media within the health care community, has redefined how information is communicated from physician to patient, and vice versa.10 This raises new challenges for clinical practice, specifically how to navigate expanded access of data via the use of new technologies and the requirements of patient privacy by effectively managing security concerns.
In many situations, the physician may not be the sole or primary custodian of (i.e., control access to) the patient's records once the health information is collected. Institutions, clinics, and physician-group practices may also have responsibility for patient information and therefore play an important role in ensuring it is protected. There is thus a grey area between physician and institutional responsibilities to protect patient information, challenged by the rapidly changing use and adoption of new technologies, such as electronic health and medical records. While this will continue to redefine expectations of privacy and confidentiality, there are several foundational principles that remain unchanged.
2. Electronic medical and health records
Medical records are compiled primarily to assist physicians and other health care providers in treating patients.16 Yet, they are particularly vulnerable to privacy breaches when this information is exposed to secondary uses, including epidemiological studies, research, education and quality assurance. As contemporary information management and stewardship have had to evolve in response to emerging technology, the parameters of the "medical record" have grown increasingly ambiguous.17 With the proliferation of a wide variety of new health information technology (including electronic health and medical records), concerns about quality and safety have been raised.4 There is evidence that if such technology is not designed, implemented and maintained effectively, it may result in unintended consequences, including technology-induced errors and breaches of patient privacy.4 Reports involving Canada Health Infoway have even pointed to health information technology as a tool that may sometimes reduce rather than enhance patient safety, most often due to human factors. 4 As a result, recommendations have been made to develop a reporting system that would allow health professionals to anonymously report human errors resulting from the use of health information technology - a challenge in itself, as the distinction between human and technological error is often blurred.4 In Canada, a number of efforts have been undertaken by several organizations, including Health Canada and Canada's Health Informatics Organization.4 Yet, services aimed at improving health information technology safety, from a national level, remain poor.4 As a result, organizations like Canada Health Infoway have promoted the need for collaborative efforts to improve health information technology safety standards in Canada, 4 so to ensure that the current and future uses of "medical record" data are accurate and respectful of patient privacy.
3. Access and use of personal health information for research
The courts have long established that health information belongs to the patient.18 As a result, privacy ownership refers to the belief that patients own their private information as well as the right to control access to this information.19 As in other jurisdictions, the overarching challenge in Canada is to strike a balance between enabling access to health and health-related data for research while still respecting Canadians' right to privacy and control over the confidentiality of their information.20 The integrity of healthcare information is fundamental, given that it is the basis on which treatment decisions are made both in research and in clinic. 9 There are three principles upon which information security is based: 9 1) only authorized people have access to confidential information; 2) information must be accurate and consistent, may only be modified by authorized people in ways that are appropriate; 3) information must be accessible by authorized users when needed. Canadian research ethics have demonstrated that beneficial work can be done while maintaining confidentiality to sensitive personal health information.21 Yet, the challenge remains to create a uniform system for accessing data and performing data-based research due to 1) the lack of consistency and clarity in Canada's ethical and legal framework and, 2) varied interpretations of key terms and issues across the country.21 For example, the term "non-identifiable data" remains ambiguous across provinces and is subject to interpretation by data custodians, who may consider their legal duty to protect privacy as precluding access to data.21 This lack of legal clarity has contributed to varied cautious and conservative interpretations of data access legislation.21 National uniform guidelines on the appropriate access, disclosure and use of personal health data would allow data stewards to advance their research while respecting their patients' right to privacy.
4. Online communication with patients and social media
Social media and online communication is pervasive in Canadian society; from Facebook to Twitter, social media has changed the way people interact and disseminate information.21 There is currently widespread discussion among health care professionals and academics regarding the role that social media and online communication should play in the physician-patient relationship.22 A growing number of physicians have embraced the opportunities of interconnectivity that social media affords, implementing their own privacy procedures to reflect this new type of data collection, use and storage.7 While evidence has been lacking on whether the use of social media does improve patient outcomes,22 there is no denying that patients are seeking health care information from online platforms, including social media.22 This type of communication poses a unique set of opportunities and challenges for physicians: while the use of social media could increase physician reach and patient engagement, it can also blur boundaries between one's personal and professional life.22 Although patient-physician online communication is currently limited, physicians still feel that they are encountering an ethical dilemma, especially when they find themselves in boundary crossing situations, like a friend request from a patient.2 Physicians are particularly concerned that, through online communication, they may be exposed to medico-legal and disciplinary issues, especially with respect to patient privacy.2 Given different studies have suggested that unprofessional uses of social media are not uncommon,23 physicians who choose to communicate with patients online or through social media must remember that they are still governed by the same ethical and professional standards that remain paramount.22
As technology continues to evolve, so too will the traditional parameters of the patient-physician relationship. The physician's ethical and professional obligation to protect patient privacy, however, must remain paramount at the backdrop of technology use. Simply banning social media and online communication would neither eliminate risk, nor benefit patient care outcomes. 24 Instead, institutions should establish stringent policies that outline how to prevent or minimize the effects of privacy breaches associated with social media and online communication.25 This should also include a tracking mechanism to help balance the obligation to privacy with evolving technology.25
See also CMA Policy on Principles for the Protection of Patient Privacy
1 Farnan JM, Snyder Sulmasy L, Worster BK, Chaudhry HJ, Rhyne JA, Arora VM. Online medical professionalism: patient and public relationships: policy statement from the American College of Physicians and the Federation of State Medical Boards. Ann Intern Med 2013;158(8):620-627.
2 Brown J, Ryan C. How doctors view and use social media: a national survey. J Med Internet Res 2014;16:e267. Available: https://doi.org/10.2196/jmir.3589 (accessed 2017 Nov 17).
3 Lambert KM, Barry P, Stokes G. Risk management and legal issues with the use of social media in the healthcare setting. J Healthc Risk Manag 2012;31(4):41-47.
4 Kushniruk AW, Bates DW, Bainbridge M, Househ MS, Borycki EM. National efforts to improve health information system safety in Canada, the United States of America and England. Int J Med Inform 2013;82(5):e149-160.
5 Martin JF. Privacy and confidentiality. In: ten Have H, Gordijn B (Eds). Handbook of global bioethics. New York: Springer, Dordrecht; 2014. p.120-1.
6 Office of the Privacy Commissioner of Canada. Canadians and privacy final report. Gatineau: Office of the Privacy Commissioner of Canada; 2009. Available: https://www.priv.gc.ca/information/por-rop/2009/ekos_2009_01_e.asp (accessed 2017 Nov 17).
7 Canadian Medical Protective Association (CMPA). Privacy and a wired world - Protecting patient health information. Ottawa: CMPA; 2011 Dec. Available: https://www.cmpa-acpm.ca/en/advice-publications/browse-articles/2011/privacy-and-a-wired-world-protecting-patient-health-information (accessed 2017 Nov 17).
8 Burkle CM, Cascino GD. Medicine and the media: balancing the public's right to know with the privacy of the patient. Mayo Clin Proc 2011;86:1192-6.
9 Williams PA. Information security governance: a risk assessment approach to health information systems protection. Stud Health Techol Inform 2013;193:186-206.
10 Borza LR, Gavrilovici C, Stockman R. Ethical models of physician-patient relationship revisited with regard to patient autonomy, values and patient education. Rev Med Chir Soc Med Nat Iasi 2015;119(2):496-501.
11 Crook MA. The risks of absolute medical confidentiality. Sci Eng Ethics 2013;19(1):107-122.
12 Cohen I, Hoffman A, Sage W (Eds). The Oxford handbook of U.S. health law. New York: Oxford University Press; 2015.
13 Francis L. Privacy and confidentiality: the importance of context. The Monist; 91(1);2008:52-67.
14 Francis JG, Francis LP. Privacy, confidentiality, and justice. J Soc Philos 2014;45:408-31.
15 Campbell JI, Eyal N, Musiimenta A, Haberer JE. Ethical questions in medical electronic adherence monitoring. J Gen Intern Med 2016;31:338-42. Available: https://link.springer.com/content/pdf/10.1007%2Fs11606-015-3502-4.pdf (accessed 2017 Nov 17).
16 Canadian Medical Association (CMA). Medical record confidentiality, access and disclosure. Ottawa: CMA; 2000. Available: https://www.cma.ca/Assets/assets-library/document/en/advocacy/policy-research/CMA_Policy_The_medical_record_confidentiality_access_and_disclosure_Update_2000_PD00-06-e.pdf (accessed 2017 Oct 30).
17 Fenton SH, Manion F, Hsieh K, Harris M. Informed Consent: Does anyone really understand what is contained in the medical record? Appl Clin Inform 2015;6(3):466-477.
18 Canada. Supreme Court. McInerney v MacDonald. Dom Law Rep. 1992 Jun 11;93:415-31.
19 Petronio S, Dicorcia MJ, Duggan A. Navigating ethics of physician-patient confidentiality: a communication privacy management analysis. Perm J 2012;16(4):41-45.
20 Council of Canadian Academies (CCA). Accessing health and health-related data in Canada. Ottawa: The Expert Panel on Timely Access to Health and Social Data for Health Research and Health System Innovation, Council of Canadian Academies; 2015. Available: http://www.scienceadvice.ca/uploads/eng/assessments%20and%20publications%20and%20news%20releases/Health-data/HealthDataFullReportEn.pdf (accessed 2017 Nov 17).
21 Canadian Medical Association (CMA). Social media and Canadian physician: Issues and rules of engagement. Ottawa: CMA; 2011. Available: https://www.cma.ca/Assets/assets-library/document/en/advocacy/CMA_Policy_Social_Media_Canadian_Physicians_Rules_Engagement_PD12-03-e.pdf (accessed 2017 Oct 30).
22 Eysenbach G. Medicine 2.0: Social networking, collaboration, participation, apomediation, and openness
J Med Internet Res 2008;10(3):e22.
23 Mayer MA, Leis A, Mayer A, Rodriguez-Gonzalez A. How medical doctors and students should use social media: A review of the main guidelines for proposing practical recommendations. Stud Health Technol Info 2012;180:853-857.
24 Moses RE, McNeese LG, Feld LD, Feld AD. Social media in the health-care setting: Benefits but also a minefield of compliance and other legal issues. Am J Gastroenterol 2014;109(8):1128-1132.
25 Yang YT, Silverman RD. Mobile health applications: The patchwork of legal and liability issues suggests strategies to improve oversight. Health Aff (Millwood) 2014;33(2):222-227.