In a previous article, I presented some of the reasons why doctors and patients would both benefit from more widespread use of email, along with some of the problems inherent in doing so. This week I will cover some steps that doctors and patients can take to ensure safety and minimize the risk of miscommunication when corresponding via email.
What's Being Done? Some brief guidelines from the American Medical Association and a more detailed analysis by the Massachusetts Health Data Consortium have begun to address some of the issues inherent in doctor-patient email communication. By understanding and following these guidelines, physicians and patients can use email effectively while appreciating some of its limitations.
In addition, Federal regulations known as HIPAA (the Health Information Portability and Accessibility Act) will likely put significant constraints on medical use of email in the near future. HIPAA will probably require patients to sign a written agreement to waive confidentiality before a physician can communicate any part of a patient's record by electronic means without using strong encryption. Although the new attention to privacy is welcome, the regulations could also become a barrier to using email to improve patient-doctor and doctor-doctor communications, while making it far easier for institutions like insurers, government agencies, and employers to access and share the same data.
Personal Encryption -- One solution to email privacy issues is personal encryption. PGP (Pretty Good Privacy) is a venerable suite of public-key programs which can secure email communications channels. It is available free of charge for personal use on Mac OS 8 and 9, various flavors of Windows, and Unix/Linux platforms; commercial versions are offered by Network Associates. Freeware open-source versions are also available. PGP distributions are limited to the United States and Canada because of restrictions on the export of strong cryptography. There is an international version, PGPi, distributed outside the U.S., as well as a fully compatible Gnu public licensed counterpart, Gnu Privacy Guard (GPG or GnuPG) that has been ported to Mac OS X.
The problem with PGP is that it requires both the sender and recipient to install and comprehend PGP or compatible software, generate keys, and reliably distribute their public keys. Key management and distribution can be a pain. Though recent versions of PGP have come a long way in improving their usability (and are well integrated with a number of modern email clients), PGP is still a long way from being user friendly. Two of my patients have actually gone to the trouble to install it and use it, but they are a distinct minority.
The Guerilla Factor -- While institutions drag their administrative feet getting patient care systems running, and government agencies struggle to create byzantine regulations, the Internet, as usual, surges ahead. Instead of fostering instant communication of private personal information between insurers and institutions, the Internet just might make it possible for patients and their physicians to take back ownership of their personal information.
Regular TidBITS readers might recall I was bitten by the server bug a couple of years ago, and set up my own corner of the Internet using a broken PowerBook 5300cs. One of the advantages I saw at the time was that, by hosting my own server, I could at least ensure that email sent to me by patients didn't sit on a commercial server until I picked it up.
I have since recycled a number of old Macs, and my junkyard server farm has grown to six machines. Although most run the Mac OS, I decided that security and privacy issues with medical communication could only effectively be handled using Secure Sockets Layer (SSL), the technology behind secure Web commerce sites. I am on an impossibly tight budget, and there are no free or low-cost SSL servers for the Mac OS (although that is changing with the release of Mac OS X, it requires an expensive machine). So I loaded LinuxPPC on an old Power Mac 7200 and installed Apache-SSL (a process that, despite my experience as a Unix system administrator in the 1980s, revived my respect for the ease-of-use of the Mac OS). I had to fork over $125 to Thawte for a secure server certificate (more than the cost of a complete 7200 from TidBITS sponsor Small Dog Electronics!), but the Guerilla Physician Project now has a secure server.
What is the Guerilla Physician Project doing? Confidentiality is extremely important in the treatment of Huntington's Disease, an inherited genetic disorder, as it is possible to test as genetically positive yet have no symptoms. Someone who might not develop any problems for decades will nonetheless find themselves unemployable and uninsurable, yet testing can be valuable both in helping patients plan their futures and in preparing for early intervention when problems develop. I have set up an electronic communications network for the Huntington's Disease treatment team here. Since the team is a multidisciplinary group involving state and county agencies as well as the university, it would have taken years to get all their IS people together to design and approve a system for secure communication.
Instead, I was able to bring the system online in a few weeks using the Guerilla Physician server, along with open source bulletin board and chat software, and a lot of sweat equity - but with no budget requirements whatsoever. Users of the system need nothing more than an SSL-equipped Web browser, which means they don't have to load any special software onto machines whose program suites are often tightly controlled. Unlike commercial or corporate systems, the data is never in the hands of anyone who is not a licensed health care provider on the treatment team.
The Guerilla Physician is expanding, with new projects to help integrate mental health care in the diverse reaches of rural California. I am also coding a Web-based email system that will enable patients and physicians to communicate using PGP encryption without going through the difficult and sometimes tricky process of installing and using PGP on their own computers. Once this is in place, the potential for a truly private and secure distributed electronic medical record - shared only between patients and their physicians, will be a step closer to reality.
The Future -- The recent release of Mac OS X and the proliferation of broadband Net access might well lower the threshold enough that more doctors will be able to host services like the Guerilla Physician. Medicine is an odd pursuit, in that it can combine the most intimate of personal interactions with some of the world's largest and most impersonal institutions. My hope is that the distributed power of the Internet will be used to restore privacy instead of compromising it.
[Ron Risley is a family doctor, psychiatrist, former communications engineer, and inveterate hacker plying his trades in Sacramento, California.]