With the increased sophistication of implantable medical devices, an interesting area of health care law is likely to be tested: who holds and is responsible for your health care data?
This issue came to light recently as we have struggled to integrate electronic information downloaded from pacemakers and defibrillators into the patient’s medical record. As I have discussed before, the Center for Medicare and Medicaid Services has agreed to reimburse physicians for the evaluation of data from pacemaker and defibrillator interrogations. But the patient uploads their information to a “server” owned by a company (usually the manufacturer of that device or their designated company). The server then compiles the information for the physician to review. Easy enough.
But CMS requires the graphical information be preserved from the EKG portion of the interrogation to verify billing. As such, this graphical information does not easily transport from one computer system to another. So it stays on the company’s server.
But sometimes we might need that data later, especially in the case of a medical malpractice claim or to verify a bill. Years later, could we get this interrogation data? Perhaps, if we had stored an electronic or paper copy of the original interrogation locally and saved it on our server. But more and more, it seems the medical device companies will also have this data as backup. So I ask, who is responsible for protecting your medical data?
I believe this issue will become more and more common as the era of the electronic medical record takes hold. Your Electronic Medical Record (EMR) will soon be housed in more than one location - a distributed electronic medical record, if you will. But the issues of responsibility for that data, especially in terms of potential liability claims, will remain murky.
Sounds like the old “file-sharing” system like that of the original Napster music sharing web-site – a modified “peer-to-peer” model of the Electronic Medical Record, eh? But will the individual patient be like the Music Industry executives and prevent our “copyrighted” (well, at least private) sensitive medical information to be similarly restricted in its distribution?
I doubt it. The era of EMR “file-sharing” has arrived.