The National Electronic Health Record: Where’s my info going?

First of all, if you want to know the basics of the National Electronic Health Record (HCEN), see this official YouTube video: https://www.youtube.com/watch?v=IXP0FlzU69M&feature=player_embedded. Secondly, check this other page, from AGESIC, the Communications and Information Technology Agency that is nested within the Presidency: https://www.agesic.gub.uy/innovaportal/v/7654/1/agesic/la-historia-clinica-electronica-nacional-cada-vez-mas-cerca.html. Then look at the date of publication (this also appeared in the press): 03/04/2019. By that date, ‘stage 4’ of HCEN had already taken off – on 27 March. This means that 2.15 million personal health records, representing 18 million data points, went up as ‘metadata’ to the HCEN ‘platform’. These records belong to those affiliated to the 14 healthcare providers (IAMPPs – previously ‘Mutualistas’) that have at least 50 thousand members. This includes CASMU, La Española and Médica Uruguaya, amongst other behemoth organisations, plus the larger Emergencias Móviles, like UCM, SEMM and SUAT. The following stage, which took off on 30 April 2019, included all providers with less than 50 thousand members (IAMPPs and Insurances like SUMMUM, MP, The British Hospital Scheme, BlueCross, Seguro Americano and the remaining smaller Emergencias Móviles). Therefore, if you are affiliated with any local health plan under the Sistema Nacional Integrado de Salud, your ‘metadata’ will be uploaded to the platform. And please note: THIS IS NOT SOMETHING YOU CAN AVOID, although you can tweak the access filters to your info as I’ll describe below.

Let’s answer the basic question: WIIFME!? (What’s In It For Me?). Where’s my benefit? Does this expose my health info into an anybody-can-come-and-grab cloud? The answer is clearly NO: the information that is in the platform DOES NOT contain any ‘granular’ info or specific details about the contents of your file. Therefore, doctors’ notes, test results, medication lists and past and present diagnoses will NOT be listed. It will only state – and ONLY upon request by an authorised health professional – that on date dd/mm/yyyy, there’s an x-ray done at XXX hospital, or that on date dd/mm/yyyy, you had a consultation with a dermatologist, and so on. There will be NO ACCESS to the specific data, which will always be hosted in the electronic repository of your contracted healthcare provider. THIS GRASS-ROOTS INFORMATION WILL ONLY BE PROVIDED IF, AND ONLY IF, a healthcare professional like, for example, your contracted Emergencia Móvil, or a doctor who’s seeing you at an emergency service 500 km from your home, after you had an accident or any acute illness, deems this more ‘granular’ (detailed) info necessary for any decision that has to be made in your best health interests. And it’s ONLY the relevant information which will be released, NOT the whole electronic bulk of your personal file. This is a significant first and solid step into what’s called INTEROPERABILITY, which is the possibility that different electronic records can ‘talk’ to each other and share needed information, which can avoid duplication of tests, identify previous allergies, the possibility of drug interactions and side effects, the fact that you may have only one kidney or that your appendix is absent since you were ten years old. Few would argue that being able to have this info at hand will be harmful. In fact, harm can clearly happen in a data-absent situation.

I mentioned above that there’s no way to block the uploading of the ‘metadata’ (data about your data) to the HCEN platform. However, YOU CAN BLOCK access to the contents, what I mentioned above as the ‘granular’ data: notes, results, medications, operations, diagnoses, etc. This is where the situation becomes somewhat complex. You have to access this page: https://tramites.gub.uy/ampliados?id=5483, which describes what to do if you want to block access to the fine-level data described above. Remember, this is an OPT-OUT situation: YOU ARE BY DEFAULT ASSIGNED A ‘YES’ TO HAVE YOUR DATA ACCESSED. Therefore, you can either BLOCK IT ALL in one click OR PARTIALLY in a tailored way (assigning access only to certain professionals or to your contracted Emergenica Móvil, plus giving a limited timeframe for access). This can be done electronically if you have a chip-containing new Cédula de Identidad or personally, going to one of the PUNTOS DE ATENCION CIUDADANA: http://portal.gub.uy/wps/portal/peu/subhomes/pac where you can register your identity electronically and later continue with the blocking process.

One caveat: EVEN IF YOU BLOCK ACCESS (to all or to part of your records) the regulations state that IN THE EVENT OF A DIRE EMERGENCY, the attending healthcare professional is entitled to ‘break the glass’ and reach out for what critical information may be stored on the platform and in the personal file that your provider custodies. Besides from the stated emergency access to blocked information, the Ministry of Public Health (MSP) and the Judiciary system, may need to access your data for clear and specified reasons. This latter access by the MSP and the Judiciary is nothing new: copies of your old paper file were always within an arm’s reach of these agencies.

I don’t have an electronic cédula – yet, but I think that I’ll certainly change my ‘vitalicia’ vintage model for one of these sleek IDs shortly, as much can be done electronically, to wade through governmental red tape. I did, however, go with my cédula to one of these Puntos de Atención Ciudadana and had mi electronic ID registered in Usuario gub.uy: https://tramites.gub.uy/ampliados?id=4991.

Not very many of my family members or prior patients are aware of what’s going to happen with the data in their health records. In spite of this, I’ve been getting occasional calls and e-mails asking what to do: “Doc, what do I do with my health info? Do you suggest I block access to it by HCEN?” First of all, I tell them what I’ll do: I won’t OPT-OUT and therefore my info will be available to whatever healthcare professional believes may be necessary to make important decisions. Not everybody will feel this way and may prefer to OPT-OUT for a while, while watching what happens with the HCEN system. Eventually, it’ll be in our best interests that we receive future medical care with all the needed information at hand, so only a handful of wary patients will keep the lock closed – a lock that can be opened, if ever, in dire need. To state my personal view on this issue, I consider it my right that my health provider organisation upload the metadata of my file to HCEN and then I’ll decide if I want to block access to any specifics although, as I mentioned above, I’ll leave mine fully available in case of any need.

One important fact to know is that access to one’s data will have absolute and full traceability. Any patient can have a list of all those who accessed their file, with date, time and what was specifically accessed. If this access is considered not in the patient’s health interests or was unjustified, civil and even criminal charges, can be pressed on the perpetrator, be it an individual health professional, a private or public organisation or a government agency.

Note: All the information detailed above is accessible from the Presidency and AGESIC websites and open to the public. In spite of this, as a patient and prior clinician, I believe that some of the details and minutiae of the HCEN programme, needed some further clarification, plus adding how I personally feel about the sharing of my own medical metadata and clinical information.

Relevant laws and decrees:

·       Ley 19355 Art 466 19/12/2015.

·       Decreto Reglamentario 242/017 31/08/2017.

·       Ley 19679 Art 194 (Rendición de Cuentas) 15/10/2018.

·       Decreto Reglamentario 122/019 29/04/2019.