Representation of e-mail and social media exchanges
This page documents an Open MnM Hot Topic, i.e. a methodology issue requiring a resolution from Modeling and Methodology.
Contents
Introduction
In recent discussions, the idea has arisen that e-mail, but also Facebook or Twitter posts/chats are becoming increasingly interesting as a source of secondary clinical information. This could include patient-provider communication (usually in addition to face-to-face or telephone encounters), but also contact person-provider communication (e.g. when it comes to family members asking questions on behalf of juvenile or elderly patients), provider-provider communication (professional consultations) and even patient-patient communication (groups for sharing patient experiences).
We believe there should be a standardized way to model this type of exchange, most likely as an Act with classCode INFRM, with the source and destination of the exchange marked as participants. The next question then becomes how you identify these participants. An obvious way would be to simply identify them via their e-mail, Twitter or Facebook accounts (whichever applies). This would make an application interface (plug-in) between the messaging/social media application and the clinical application quite simple (although privacy and security would certainly be a major concern). Of course these can be treated as telecom addresses, but the question then arises whether social media (Twitter, Facebook, etc). are covered by RFC 1738? Alternatively, we could treat this as true IDs, in which case there needs to be an OID (preferably universally used) for e-mail accounts (separate OID for each provider?) and for the major social media… Has this ever been discussed in HL7?
By the way, I think there is a very real marketing opportunity here too. There is reality where social media are increasingly used (whether appropriate or not) for the abovementioned type of communication. Some of that information exchange is certainly relevant for inclusion in a patient’s EHR (and/or PHR). I think Facebook and Twitter might be seriously interested in investigating their role in the healthcare arena. Before you know it, we could have them join our ranks as active participants (and benefactors ;-) in HL7 development. HL7 cannot direct which media are used for healthcare exchange, but it should certainly support any media that are used in practice. In this case, we see media that were not intended for healthcare use per se, becoming more and more important as an exchange mechanism. The boundary between healthcare and social media is becoming flexible and we should be prepared for that.
Security issues
Peter Hendler:
There is a huge problem with this and patient privacy. There is no way we (USA) would ever be able to discuss any clinical information with patients on non secure social media. Not even for them to tell us about head ache or for us to tell them to take an aspirin. No Personal Health Information (PHI) ever over any non secured channel.
Maybe in other countries it would be allowed but we are not allowed to use any non secured system for any PHI what so ever, and the fines are $250,000 for every single breach.
Tom de Jong:
Well, first of all, I’m not suggesting that Twitter or Facebook make for a safe communications channel to exchange clinical information. But fact is that in many countries there are experiments (sometimes controlled by authorities, but usually spontaneous) to give electronic communications a place in the dialogue between patients and providers. The most common example are doctors that allow patients to ask them questions via e-mail (in Holland this is perfectly allowed, even when the e-mail is not sent over a secure channel). But we also have a use case where a nursing home allows family members to communicate with staff via social media. That’s information that could very well be relevant for the patient’s record.
It’s hard to predict what these experiments will lead to, but the fact that a channel is deemed unsafe has rarely stopped developments in the past. That’s what people said of the phone 100 years ago. If it’s convenient, I’m sure it will be used. The challenge is then to make the channel safer.
Klaus Veil:
I agree with Tom - I think there is no suggestion to use Social Media for official exchanges of Personal Health Information (PHI). Other countries also have patient privacy legislation and penalties ...
However, there is a growing use of Social Media for access and authorisation (eg OAuth for accessing the Blue Button: http://motorcycleguy.blogspot.com.au/2012/09/abbi-security.html, OpenID, etc.) which we cannot ignore.
Also, end users are increasingly using their Social Media worlds to communicate what they wish to share, often on a one-to-one basis. I see many people now use Twitter Direct Messaging and Facebook Messages (which even support attachments) instead of e-mail and SMS/Texts. So if we are OK with people communicating one-to-one via e-mail/SMS/Texts, we need to be prepared for the same one-to-one communication via Twitter's and Facebook's e-mail equivalents.
So Tom has given a good heads-up for HL7 to look at new communications channels that are already being quite widely used and I agree that we need to seriously look at this.
Peter Hendler:
Your probably right, and it will be developed in other countries (then the USA) but we could be prosecuted for making PHI breachable. We can't email our patients at all. We have secure portal using HTTPS. Our patients leave us questions, and we leave them answers. The regular email is involved to the extent that the patient will receive and email limited to the information, "you have a message". Then they log into the secure portal. Unsecured Email, Twitter or anything is strictly prohibited from containing any medical information.
I suppose we could use Twitter to send the message "you have a message" and then they'd have to log in securely to the https portal.
Tom de Jong:
To all the people who replied that it was very dangerous, or even illegal, to use social media to exchange healthcare information: I never intended to promote usage of social media for that purpose, I just wanted us to be aware that it happens and to be prepared for dealing with it. Moreover, although all the attention focussed on social media, what I wrote was just as much applicable to an ‘old-fashioned’ e-mail exchange. I assure you the use case for including threads/chats in the EHR is very real, or just around the corner, in the Netherlands and elsewhere.
Klaus Veil:
HL7 definitely has an opportunity (and I believe the obligation) to provide the standards for capturing any person-relevant data exchanges no matter how they are communicated. I believe that the issues of privacy and security should be left to the realms and organisations policies as well as the lower layers of the communications stack...
How to model e-mail and social media exchanges
Question: What would be the ‘standard’ way of modelling this type of thread/chat between healthcare parties, say as part of a patient record transfer?
How to identify the authors in the exchange
Question: How do you identify the participants in such an exchange? Grahame pointed at http://www.iana.org/assignments/uri-schemes.html for URI schemes. That would work if the participants are ‘identified’ by their telecom address. The other option would be to assign OIDs to internet service providers (for e-mail) or social networks, and then using the combination of the OID and the account name as a unique identifier.
Grahame Grieve:
well, can you identify people this way? An unidentified person, with a name and a telecom address?
the alternative is to extend II to allow a URI in the root....
Twitter-address in http is: http://twitter.com/@GrahameGrieve
Registry for URI schemes: http://www.iana.org/assignments/uri-schemes.html. This is not authoritative.
External sources with example use cases
http://healthcaremadesimple.ca/
http://well.blogs.nytimes.com/2012/10/08/texting-the-teenage-patient/
