Introducing
Your new presentation assistant.
Refine, enhance, and tailor your content, source relevant images, and edit visuals quicker than ever before.
Trending searches
14
Health Care Ethics (Bioethics)
Presenters: Angcual, Shaine A.
Mariano, Ezek M.
Chapter 7
ETHICAL ISSUES TO TECHNOLOGY AND DELIVERY OF HEALTH CARE
Data Protection and Security
- Data Protection is the act of protecting information, both sensitive and personal sensitive to unauthorized access and use.
- Security is typically defined by three main attributes: availability, integrity and confidentiality.
- The primary distinction between security and protection is policy. Security policy, as implemented by the system administrator, determines whether or not a person may use a system. However, the user’s access to certain data resources is determined by the protection policy.
- Security provides a technique for protecting both users and system resources from unauthorized external entities into functionality. Protection provides a framework for controlling access to data, processes, programs, and other resources.
Implications to practice
Healthcare provides rely heavily on the open exchange of information among all participants - whether the customer, the healthcare professional, or the health institution. Clients are more likely to offer complete and accurate data when they are convinced that their information is safe secure in the hands of their healthcare practitioner. A health organization that values data privacy is one that
cares about its patients.
DATA PRIVACY ACT (National Privacy Commission, 2021)
DPA
Republic Act No. 10173 is also known as the Data Privacy Act of 2012 (DPA). It
(1) protects the privacy of individuals while ensuring free flow of information to promote innovation and growth;
(2) regulates the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of personal data; and
(3) ensures that the Philippines complies with international standards set for data protection through National Privacy Commission.
Who are covered by the DPA?
The DPA applies to the processing of all types of personal information and to any natural or juridical person involved in personal information processing, including personal information controllers and processors.
Does the hospital or health care setting need a Data Privacy Officer?
Appointing a Data Protection Officer (DPO) is a legal requirement for personal information controllers (PICs) and personal information processors (PIPs) under the Data Privacy Act of 2012.
What is Privacy Notice?
A privacy notice is a statement made to a data subject that describes how the organization collects, uses, retains and discloses personal information. It is sometimes referred to as a privacy statement, a fair processing statement, or privacy policy. As a privacy notice aims to inform the public, it must be easy-to-read, transparent and compelling.
PRIVACY NOTICE VS. CONSENT
Privacy Notice VS. Consent
Health providers must understand that availability and accessibility of a privacy notice is not equivalent to obtaining consent of a data subject. A privacy notice is only meant to inform data subjects of the intended collection and processing by an entity. Meanwhile, a privacy consent is an indication of will, whereby the data subject agrees to the processing of his or her information.
What is a Privacy Impact Assessment (PIA)?
- Privacy Impact Assessment (PIA) is a process undertaken and used to evaluate and manage impacts on privacy of a particular program, project, process, measure, system or technology product of a PIC or PIP.
- PIA helps a PIC or PIP navigate the process of understanding the personal data flows in the organization. It identifies and provides an assessment of various privacy risks, and propose measures intended to address them.
What is a Privacy Management Program?
Privacy Management Program (PMP) refers to a process intended to embed privacy and data protection in the strategic framework and daily operations of a PIC or PIP, maintained through organizational commitment and oversight of coordinated projects and activities.
Data Processing Guidelines
- What is the consent of the data subject?
- What are the guidelines in collecting and accessing personal data?
- What do I need to keep in mind when storing clients’ information?
- How many personal data be disposed of?
What is the consent of the data subject?
To protect privacy, the law requires organizations to notify and furnish their data subjects with the following information before they enter personal data into any processing system, or at the next practical opportunity:
1. Description of the personal data to be entered into the system
2. Purposes for which data will be processed (e.g. direct marketing, statistical, scientific etc.)
3. Basis for processing, especially when it is not based on consent (e.g. public health and safety, mandatory reporting of illness, disease surveillance)
4. Scope and method of the personal data processing
5. Recipients to whom data may be disclosed
6. Methods used for automated access by the recipient and the extent to which such access is authorized
7. Identify and contact details of the PIC or its representative
8. The duration for which data will be stored
9. Existence of the rights of the data subjects
What are the guidelines in collecting and accessing personal data?
As the Commission has often said, health practitioners and anyone involved in the delivery of health care services must gather only the required personal information. Recipients should not be saddled with personal data obligations that go beyond the bare minimum, since this would simply slow the delivery of relief in this time of need. Access to health data must be granted solely on a “need-to-know” basis, which implies that only individuals on the health team must have the minimum and essential access to execute their tasks.
What do I need to keep in mind when storing clients’ information?
The DPA and its IRR provides that personal data shall not be retained longer than necessary:
1. For the fulfillment of the declared, specified, and legitimate purpose, or when the processing relevant to the purpose has been terminated;
2. For the establishment, exercise or defense of legal claims; or
3. For legitimate business purposes, which must be consistent with standards followed by the applicable industry or approved by appropriate government agency.
Likewise, retention of personal data shall be allowed in cases provided by law.
For members of the Health and Hospitals Sector, reference may be made to DOH Memorandum Circular No. 70, series of 1996 for the Revised Disposition Schedule of Medical Records.
In addition, a PIC must implement reasonable and appropriate organizational, physical and technical measures intended for the protection of personal information against any accidental or unlawful destruction, alteration and disclosure, as well as against any other unlawful processing.
How many personal data be disposed of?
Under the IRR, personal data shall be disposed or discarded in a secure manner that would prevent further processing, unauthorized access, or disclosure to any other party or the public, or prejudice the interests of the data subjects. The DPA penalizes improper disposal of personal information and sensitive personal information.
How many personal data be disposed of?
Relevant Issues and Concerns of Data Privacy to COVID-19 Response
1. What are the guidelines when conducting contact tracing?
2. Can I share information about COVID-19 patients?
3. Can I publicly disclose the identities of COVID-19 patients?
1. What are the guidelines when conducting contact tracing?
What are the guidelines when conducting contact tracing?
On 17 April 2020, DOH released Department Memorandum No. 2020 – 0189, or the Updated Guidelines on Contact Tracing of Close Contacts of Confirmed Coronavirus Disease (COVID-19) Cases, which contains provisions on how to properly conduct effective contact tracing while being mindful of data privacy and rights of data subjects. In line with this, the Commission, through NPC PHE Bulletin No. 13, emphasized that successful contact tracing can only happen when there is mutual trust between public health authorities and the citizenry. The public must give accurate information for contact tracing to be effective. But for the public to respond, they must rely on authorities to balance the risks to their rights and security and the promised benefits to public health, with the assurance that their data is processed fairly, lawfully, and securely.
Further, organizations must ensure that processing systems and applications used in the implementation of contact tracing must be designed with data privacy in mind. Functions meant to protect the rights of data subjects must be integral to the system and should not be made as a mere feature. This is called privacy by-design. And this is also why digital contact tracing systems or applications should undergo thorough Privacy Impact Assessment (PIA) so that risks and vulnerabilities may be identified and resolved at the earliest time possible.
2. Can I share information about COVID-19 patients?
Can I share information about COVID-19 patients?
Following the declaration of health emergency in the country, NPC issued PHE Bulletin No. 6 stating that sharing and disclosure of data related to COVID-19 patients must only be done to the proper authority. And while there are laws that allow for the sharing of information about COVID-19 patients from one institution to another, PICs must ensure that such is kept to a minimum extent keeping in mind the three general data privacy principles: transparency, legitimate purpose, and proportionality. It must be noted as well that in instances when a Data Sharing Agreement (DSA) is not mandated by law, PICs and PIPs may still opt to execute it if they have to detail the terms and conditions of the data sharing or to outline security measures.
3. Can I publicly disclose the identities of COVID-19 patients?
Can I publicly disclose the identities of COVID-19 patients?
Contact tracing does not require public disclosure of identities of COVID-19 patients. Unbridled disclosure of patients’ personal data to the public has been proven to cause actual harm such as physical assault, harassment, and discrimination. The DPA has never been a hindrance to contact tracing. It does not prevent the processing of personal data when necessary to fulfill their mandates.
Benefits and Challenges of Technology
Benefits and Challenges of Technology
1) Improved Care Coordination
2) Improved Population Health Management
3) Improved Patient Education
Challenges of Technology in Healthcare
a. Healthcare Organizations
o The inability to precisely measure intangible patient and cost advantages makes valuing and justifying capital spending on new technologies problematic. When compared to broad deployments, remote monitoring may be viewed as a compromise.
o Proponents say that reducing needless hospitalization can reduce healthcare expenses, which may be especially important in chronic illness management. This is advantageous from a utilitarian standpoint in terms of achieving successful outcomes for as many patients as feasible. However, the evidence reveals that remote monitoring does not save costs for the great majority of people.
o Most studies according to Zarif (2022) show little, if any, cost reductions and occasionally increased expenses; nevertheless, favorable clinical results for chronic illness treatment have been observed. According to Rawl’s Difference Principle, the literature is not in favor of cost-cutting measures that help the majority of the most vulnerable people. It has been proposed that remote monitoring may possibly incur higher expenditures for underrepresented communities. As a result, it is vital to avoid developing a false feeling of organizational autonomy, which might lead to a shift in the healthcare organization’s role from a patient-centered to a profit-centered agenda.
o Interoperability is a concern raised by the idea of “new” technology. Integration and cross-access of data and use between multiple systems or even different versions may be problematic due to the timeframes involved.
Healthcare Organizations
b. Healthcare Providers
o Despite the fact that healthcare technology offers great opportunities to enhance healthcare outcomes, improper use must be addressed. The technological imperatives relate to the inevitability of new technology and its necessary character, which indicates the necessity for adoption for social benefit.
o This raises the moral plight of utilizing the patient as a way of achieving end-of-life prevention, so breaching one of the core guiding principles of medical ethics: autonomy. To get deeper into this, we must look at the origins of morality. The use of the imperative suggests a hasty decision with minimal leeway.
Healthcare Providers
c. Patients
Patients
• The implications of the moral obligation bleed over into the issues that patients face. The necessity to assure appropriate use of costly equipment (at least during the early adoption period) and the moral obligation to use new technology directly contradicts the need to protect patient autonomy, as drawn from the application of personalities to healthcare systems.
• Their manifestation is their one-of-a-kind worth, which includes inherent attributes like free will. The person's participation in decisions centered on them has the ability to achieve their causal potential. Thus, the challenge to the moral imperative is a clear breach within the patient-centered paradigm of modern medicine.
• The acceptance of technical value does not mean our subjection to the technological imperative and loss of autonomy. Zarif (2022) on Cassell contends the value-ladenness of technology stems from its inherent features, which correlate to human nature's shortcomings. Thus, managing the value-ladenness of technology involves governance of our values and self-control, whereas managing its ethical issues necessitates management of our ethos.
Current Technology: Issues and Dilemma
Privacy and Security
Privacy and Security
The issue of privacy and security will always be in question once technology is applied in the healthcare setting. Autonomy and transparency relates to this issue as to what choice can the patient make. According to Shaw and Donia (2021) it is in the interest of technology developers and other supporters of digital health to keep attention focused on technical challenges that can be contained and addressed using technical approaches.
Sociotechnical Health
Sociotechnical Health
Shaw and Donia (2021) defined Sociotechnical as to the observation that issues pertaining to technologies such as applications of digital health are never solely about the material technology itself, but about the mutual dependencies between technologies and the social arrangements in which they are built and used. By the same token, "social arrangements" are always infused with various technologies, ranging from the chairs and whiteboards in design rooms to the smartphone applications and videoconferencing software that mediate human interactions. The term "sociotechnical" thus denotes a broadening of focus from the issues defined by a technology itself, to the broader universe of issues opened up by the recognition that technologies are built and embedded in the social world in ways that profoundly shape and are shaped by human life.
Application Software
Shaw and Donia (2021) identified the ethical issues at the level of application software include effectiveness, usability, and other issues related to the functioning and direct use of the digital health offering.
Applicattion Software
Material devices and Supply chains
The actual materials used to build and distribute the devices through which humans interact with digital health technologies are frequently overlooked in ethical analyses, but they are crucial for a comprehensive view of a digital health ethics. The materials used to manufacture smartphones and other digital devices are extracted from earth and shipped internationally, reinforcing low-wage labor in low-income countries while benefiting primarily large corporations in high income countries (Shaw and Donia 2021).
Infrastructures
This refers to the hardware and software required to operate digital devices. Shaw and Donia (2021) added that infrastructures include the buildings in which health care providers work when delivering virtual care, the cables and wires that enable digital signals to travel over distance, and the corporate structures of the organizations that ma communication available. Ethical issues relevant to infrastructure includes a lack of high-speed internet availability precludes a particular community from accessing digital health care.
Individual Health-Related Practices
Shaw and Donia (2021) highlighted that digital technologies are used in a variety of Health-related applications, many of which are intended to promote healthy activity and the management of disease among individual people. Digital health technologies are often infused with self-tracking mechanisms that have the impact of encouraging people to self-police their own actions and habits, meaning that they have heightened awareness about whether and how their action align with expected social norms.
Interpersonal Relationships
Digital health technologies have the potential to have a wide range of effects on interpersonal relationships.
One prominent example is the significant impact of social media applications on public understanding of health-related science and policy.
Health-related social media use has the potential to foster interpersonal networks that reinforce specific epistemic viewpoints on health-related issues, potentially harming public health. Another case in point is the impact of technology-mediated communication on the relationship between a health care provider and a patient.
Organizational Policies
The operation of health care systems is very much in the public interest, broadening the range of ethical issues deemed relevant to the ethical analysis of digital health. One important point to mention here is the impact of organizations such as insurance companies that use digital health technologies to collect information about individual behaviors and shape their product offerings accordingly.
In conclusion, digitalization of the healthcare setting workflow is here to stay. Relevant socio-technical approach of ethical analysis must be done to avoid overshadowing the concerns brought about by the using technology. Usability and ethical use can always go hand in hand given the proper moral and ethical stand point of developers and healthcare professionals.