Trust in Healthcare: The Key to Our Future Technology Ecosystem

Gus Malezis
Feb 26, 2018

Next week, healthcare IT leaders will gather at the HIMSS18 Conference and Exhibition (March 5-9 in Las Vegas), the industry's largest health information and technology conference. Among the many pressing issues of the day, one theme will likely receive particular attention from healthcare IT leaders: trust. More specifically, establishing and maintaining trust in the ever-expanding healthcare technology ecosystem.

What exactly do we mean by “trust”? Think about it this way: imagine our world in five years, or even 10 years from now. What does that look like, in terms of healthcare IT, and our patient interaction and information records? For starters, we will, or should, have a system based on a highly inclusive, highly trusted, and longitudinally complete patient health information record (PHR). This PHR should be of high trust and high confidence, and be available anytime, anyplace, and from anywhere. It will be inclusive of all interactions a patient has had, across a complete timeline and across all relevant service networks and points of care delivery. It’s complete, it’s readily available – in real time, from any location – it’s…trusted.

Compare that with present state, in which we lack a trusted – or even consistent – identity, and we lack the convenient and easy access to PHRs that are dispersed across varying service networks, points of care, and across time. The scenario that comes to mind is that of a young child in need of some non-trivial care treatment – let’s say for asthma. Perhaps during a first visit, a GP carries out a preliminary examination followed by a set of base tests, including bloodwork. As the GP centers in on the diagnosis, the GP, or the parent – or both – may proceed to a specialist for further assessment and validation. Here the specialist will proceed with a ground-up assessment, repeating many of the steps taken previously by the GP, and then extending into a more intensive part of the process.

The parent, and likely the child, would observe the duplicity in the process; a time-consuming, expensive and frustrating exercise, but given lack of trust, a very necessary aspect. In cases involving an incomplete or uncertain diagnosis, this process may be repeated a third and perhaps even fourth time – further exacerbating the elements of time, expense, and frustration. Trust has a significant role to play in resolving this circular and expensive process, and in leading promptly to a more accurate diagnosis, treatment, and resolution.

What do we need in order to achieve that level of trust? It starts with data integrity. When we look at an EHR, a patient chart, or any other PHR data source, we must trust that the data provided is accurate and undisturbed – that it refers to the right person, and that the data has observed a defined and clear chain of custody that ensures its integrity. That way, trust is preserved at the next levels of patient care. This includes the systems that support data integrity, such as security and compliance.

In a simpler example, let’s say you send me an email. How do I know that it actually came from you? How do I trust the email and its content? Except for the email address (a non-validated data structure), it’s not validated or certified. Does it truly represent you as a person? We simply trust that the infrastructure in the middle is there to ensure that the data – the email – gets from you to me untampered. For EHRs, we must have a similar level of trust in the chain of custody to rely on the integrity of where data originates.

Imprivata Confirm ID is one of the technologies that takes an end-to-end approach in building trust, and the chain of custody, starting with identity-proofing the relevant clinician who is issuing prescriptions. Identity-proofing validates that the clinician has the authority and the credentials to support that prescription – then it triggers a system to log movement of that e-prescription. The key is that the software tracks all of those pieces – it provides proof that the chain of custody has not been broken.

That is strong example of what we need across healthcare IT – a secure, compliant, and efficient design that ensures identity and data integrity across the chain of custody.

A trusted EHR or PHR data set ensures identity and data, so clinicians don’t have to re-check information – a big efficiency improvement over current protocols that involve multiple extra/repeat tests because clinicians don’t trust the records they’re referencing. The lack of trust forces them to re-do tests – duplicative efforts that slow down and add cost to the system. We must eliminate such overlap.

This need typifies every aspect of healthcare delivery. With mobility now the norm, we must extend health records to every portable device, giving practitioners access to data wherever they are. We are constantly expanding the reach of healthcare tech systems to areas where it hasn’t been developed before. Roving nurses now have technology at their fingertips – they can access PHI from anywhere, not just on a laptop or desktop. The functionality of mobility and access is now available to healthcare practitioners, and the technology has matured sufficiently that we can use it on the delivery floor.

But we must trust it.

Right now, patient care is expanding beyond the four walls of the hospital, with a growing slate of providers contributing to the delivery of care, and endpoints extending beyond the enterprise. The healthcare world has become decentralized, and we need new security and workflow efficiency solutions. The only way we can succeed in this new world is by establishing trust across networks – people, technology, and information.