Patient Consent AJGP Article

Secondary use of general practice data: Obtaining patient consent

Over the years, healthcare has seen a shift from paper-based health records to digitised health information. This has led to an aggregation and collation of patient data, creating both possibilities and challenges for the healthcare system in Australia.  

Protecting patient rights 

Healthcare researchers, policymakers and providers can all agree that digitising general practice health information has created new analytical possibilities for them like: 

  • Creation of proactive preventive interventions 
  • Helping quality improvement initiatives
  • Identifying at-risk populations 
  • Promoting efficiencies in care delivery 
  • Generating proactive preventive interventions 

Of course, to reach these potential possibilities, patients need to provide the right to use their data for secondary purposes at a general practice level. As the healthcare system must address current challenges including caring for an ageing population and managing chronic diseases, compiling this valuable data is going to be increasingly important.  

In order to increase the chances of patients consenting to the secondary use of their general practice data, they must first be educated on their rights, the use for their data and its privacy.  

When registering, patients need to be informed that their de-identified data may be used for secondary purposes. It is important to convey to patients that general practices have the responsibility of protecting their data and ensuring it is always accessed and used in a secure manner.  

Patient consent for data use

Obtaining patient consent will require implementing policies and procedures for managing data access requests. It is important that these be supported by clinical information systems (CIS) and include functionalities that permit the removal of patient data for non-consenting patients.  

Utilising technology that can identify what data is permitted to be used and which cannot will play an important role in ensuring data remains secure and patient rights are respected. To do so, the CIS will need to: 

  • Identify consensual patient data 
  • Allow for permitted data extraction 
  • Ensure protection of data used 

The Hello Health platform enables general practices to denote a patient’s secondary data use and the level of that use. This is coupled with its application program interface preventing the use or extraction of this data in the case of a non-consenting patient. This flag will honour their choice and will not share the private data with third-party applications.  

More and more negative headlines are currently hitting the media concerning healthcare data privacy leaks and patient data being used without consent. This makes it increasingly important to ensure the technology you use can protect your patient’s data and prevent further horror stories.