Simpson, Roy L. RN, C, CCMA, FNAP, FAAN
WHEN it comes to patient care, “to do or not to do” is the ethical dilemma nurses face. When it comes to information technology, to know or not to know—that is the question. Nurses enter the profession expecting to face questions of ethics and morality at the point of care—not at the point of a computer screen. But in today's cyberworld, the vast, valuable, and accessible information about patients, their diagnosis, and their treatment poses important questions for nurses about ethics, integrity, and trust.
PRIVACY VERSUS TECHNOLOGY: A PROFESSIONAL BALANCING ACT
The sacred right of patient confidentiality and privacy is a fundamental value as old as the profession itself. The Health Insurance Portability and Accountability Act of 1996 (HIPPA) only underscored it. And while HIPPA may guide us legally on patient privacy, what are the moral implications of managing information, the key element of patient privacy? As the first point of patient contact, nurses have a critical role in shaping information ethics—information technology (IT) provides the means to do so.
Nursing's challenge is Western society's challenge: the inevitable collision of individual privacy and technological advancement. Nearly 60 years ago, Orwell warned us about Big Brother. Today, cyberethicists warn us that “personal information in the hands of third parties can do harm,” which “raises ethical questions on at least two grounds”1:
1. The consequentialist approach that holds that no use of information is morally justifiable if it causes more harm to individuals than good.
2. The deontological philosophy that says that no use of information is morally justifiable if it causes any avoidable harm whatsoever.1
Information most certainly has moral implications in healthcare. Indeed, we must manage a daily equation:
* Patient information + Inappropriate Disclosure → Breach of confidentiality
* Patient information + Inaccurate/ Incomplete Data → Possible medical error or comprised patient safety
Florence Nightingale set the standard with her directive that a hospital's first requirement is to do the sick no harm. Since information can either create or prevent harm, nurses are ethically bound to manage it. And that is where things can get murky.
Ethics, of course, are not as clearcut as regulations or laws. Regulations tell us how to behave and what we can expect if we do not. Ethics, on the other hand, guide behavior with moral and conceptual beliefs. A code of ethics does set expectations and a standard for a profession, but it is open to interpretation.2
The American Nurses Association's (ANA's) Code of Ethics is nursing's ethical barometer. Already familiar to us, closer inspection shows that many provisions address or depend heavily on information management and mastery (Table 1).3
HOW INFORMATION TECHNOLOGY SUPPORTS THE CODE
Information technology delivers practice-changing information; it should also help nurses adhere to the highest ethical practice standards. Here's how:
* Confidentiality: Although more secure than paper, electronic medical records are problematic because they can be widely dispersed. The financial service industry has already grappled with major customer privacy violations and leaks, while analysts and consumers alike question both responsibility and liability. As technology enables us to collect and digitize personal data and society and the industry become more and more networked, information's availability becomes almost ubiquitous, its flow potentially unlimited.1Enter HIPPA, aided by advanced IT security. HIPAA says, “electronic transfer of information should be secure and remain confidential.”4 And IT is what makes such patient confidentiality possible with software that encrypts health data, validates who sends/receives it, and authorizes access to it to ensure the right access to the right data by the right people.5Biometrics, which identifies people by biological characteristics, is no longer the stuff of spy tales and futuristic movies. The technology that many colleges use to provide security in campus dormitories is now at use in some fashion in most US hospitals. Biometrics eases HIPAA's “tiered access” requirements, which specify that employees may have access to only that patient information that they need to do their job; eliminates lengthy login and logout procedures; and safeguards data integrity.
* Patient Safety: Inadequate and incorrect information is a major and constant threat to patient safety. Information technology can provide the right information, at the right time, in the right amounts. Its impact on patient safety grows and changes almost daily, encompassing such practice innovations as the following:
- Point-of-care bar coding and other patient identifiers.
- Decision support and alert systems that warn of adverse events—drug interactions, inappropriate doses, and potential side effects—before they happen.
- Point-of-care technologies that allow nurses to document interventions at the bedside, saving time and reducing errors.
- Computerized physician order entry, which replaces easily misinterpreted written orders.6
* Quality and Accountability: Any discussion of quality and accountability stalls at the issue of whether we are further defining the profession or just tracking nurses. There is no question that nursing is a profession. Among other measurements, it meets all 9 benchmarks: a required educational background, adherence to a code of ethics, participation in professional organizations, continued education, knowledge transfer, knowledge sharing, self-regulation, the performance of community service, and the development and application of theory and continuing research.7 It is a slam-dunk. But knowing that we meet the requirements of a profession does not mean our work is done.The development of the Nursing Intervention Classification (NIC) is yet another way IT can advance the profession. NIC, depicting the range of activities nurses carry out daily, strives to make nursing work more visible, and thereby many argue, more valuable.8 Information architects Geoffrey Bowker and Susan Star reviewed the work of a group of nursing scientists developing NIC and found a “tightrope between increased visibility and increased surveillance; between overspecifying what a nurse should do and taking away discretion from the individual practitioner.”9 Sometimes, the devil is in the level of detail. The right IT systems can free nurses from that devil. NIC gives hospital information systems, accounting information systems, and other integrated healthcare information systems a way to describe nursing's valuable contribution.8Error reporting, when used as an instructive and preventive tool, also improves nursing quality and accountability. Twenty-two states now have medical error reporting laws, primarily voluntary. Six have established patient safety centers. National legislation, which could establish a national medical error reporting database, is still high on the healthcare legislative agenda.10
* Competence/Continuing Education: The need for continued education is inherent in the profession. Nurses who stay abreast of their profession and their specialty provide the best care. Today, continued learning can be a daily occurrence, both within and outside the clinical setting. At the point of care, technology alerts both increase patient safety and provide instantaneous, on-the-job learning for nurses. The continued and necessary implementation of evidence-based nursing can bring every nurse the very latest research and protocols available. Most nursing leaders agree the adoption of evidence-based nursing is critical to the profession. Yet, brace yourself, more than half (53%) of US nurses in a recent study reported that they had never identified a researchable problem and almost half were unfamiliar with the term evidence-based practice.11 Over 40% had not glanced at a single professional journal in the last 18 months.7Outside the workplace, the Excelsior College model, the nation's first virtual university, provides quality, accredited online education for nurses. Emphasizing that what we learn is more important than where we learn it, Excelsior has now been teaching nurses for more than a quarter of a century. One key to the Excelsior model is that it provides a viable way to elevate the base education level of nurses by providing credit for prior healthcare knowledge and experience. Students can “roll up,” from practice to an advanced diploma in nursing science, from associate degree to bachelor degrees in nursing, from RNs to MSNs.7 Long-distance learning, made viable by IT, leads a clear path to the goal of establishing the baccalaureate as the degree of entry for the profession.
* Contribution to Practice: Best practice is the best way to practice. As frontline caregivers, nurses must develop, disseminate, and apply best practice. In short, we are responsible for both the care of our patients and the care of our practice. IT-enabled tools like long-distance learning and evidence-based nursing make our contribution to practice imminently possible and more efficient than ever before.
* Informing the Public: Every healthcare provider has come to expect—even dread—the patient who arrives clutching the latest information found online. Of course, patients can access many of the same resources and wealth of information nurses do. Cyberethicists question the reliability of some medical information Web sites and highlight the importance of independent authenticators. At issue again is the ethical question of information doing harm, intentional or otherwise.1 This June, Consumer Reports announced the launch of WebWatch, a rating service for the 20 most popular health Web sites.12 Hosted in partnership with the nonprofit Health Improvement Institute, WebWatch evaluates sites' credibility, privacy policies, ease of use, design, and advertising sponsorship.
* Patients' Rights: Initiatives like the Patient's Bill of Rights, various forms of which have been adopted by most states, reaffirm the healthcare industry's and its practitioners' ultimate responsibility to patients. For example, most states' bills require hospitals to ask admitting patients if they have a living will, healthcare proxy, or durable power of attorney for healthcare. With IT and electronic patient records, this advance directive information can be carefully documented and stored in a patient's electronic record, where caregivers can access and carry it out in life-threatening situations.
HOW SHOULD ETHICS SHAPE INFORMATION TECHNOLOGY?
It is clear that IT can help nurses adhere to the ANA's professional code of ethics. But how should these same ethical concerns guide the development and design of healthcare IT systems?
When it comes to the surrender and management of personal healthcare information, ethicists define the relationship as a social contract with each side bearing specific responsibilities. The first party, the patient, reveals information about his or her physical, biological, and medical status to the second party, a healthcare decision structure (nurse, doctor, hospital). The first party does so to achieve a personal goal—care, treatment, recovery—that he or she believes to be, at the moment, more important than privacy. In the giving of the information, it is assumed the patient is operating under informed consent and is authorizing the second party, the decision structure, to make decisions and take action on the patient's behalf.1
The decision structure also has certain responsibilities. Acting as a fiduciary, the second party is pledging
* not to use the information for a different use than intended,
* not to make the information available to any unauthorized third party,
* not to collect the information secretly,
* to provide a way for the first party to know how the information is collected and used, and
* to provide a way for the first party to correct or amend the information.1
Sound familiar? This social contract follows not only the principles of the Fair Information Practice Act adopted in 1973 by the U.S. Department of Health, Education and Welfare1 but also the letter and intent of HIPPA. ANA's Code of Ethics is certainly in agreement, as is ANA's Position Statement on Privacy and Confidentiality, due to be reviewed this fall. Indeed, this takes these principles a step further by endorsing “strong and enforceable remedies for violations of privacy protections.”13 The International Council of Nursing Code of Ethics concurs, stating, “The nurse holds in confidence personal information and uses judgment in sharing this information” and suggests nurses “use recording and information management systems that ensure confidentiality.”14 Finally, the Internet Healthcare Coalition, in its eHealth Code of Ethics, delineates “fundamental values” for developing an environment of trust in the health Internet: “candor and honesty; quality of information, products, and services; respect for individuals' right to give informed consent; and respect for privacy and protection of confidential information.”15
With widespread professional consensus on the ethical management of information, the implication for the design of healthcare IT systems is also clear. We need systems that provide information to those who need to know, but block all other third parties from accessing or receiving that information. And we now have those systems. But we also still have the moral dilemma of deciding and identifying exactly who the “need to know” people are.
Adoption of a nursing language and classification system, like the NIC, would make the process of identifying who needs to know much easier. Continuing to make nursing interventions more visible, more legitimate, and more universally understood not only helps answer the “who needs to know” question but also elevates the profession, documents the “working memory”8 nurses have traditionally relied on, and fights against the erasure of nursing work.
NURSES HOLD THE KEY
The ethical implications of information and the inviolability of patient privacy predate computers and the Internet by centuries. However, while today's IT systems have the potential to positively impact virtually all areas of patient care, they also create the need to revisit and re-emphasize the moral implications of information. Integrating our Code of Ethics with the IT systems in our daily practice is a priority for today's nurses and essential for maintaining our profession's integrity and the trust our patients extend to us.
© 2006 Lippincott Williams & Wilkins, Inc.