Download PDF
Appl Clin Inform 2023; 14(05): 878-882
DOI: 10.1055/a-2161-0800
Adolescent Privacy and the Electronic Health Record

Electronic Health Record Adolescent Confidentiality in a Safety Net Setting

Jacqueline Guan-Ting You
1   Department of Pathology, Massachusetts General Hospital/Brigham and Women's Hospital, Boston, Massachusetts, United States
2   Department of Medicine, Brigham and Women's Hospital, Boston, Massachusetts, United States
,
Julia Esther Potter
3   Department of Pediatrics, Mass General Hospital for Children, Boston, Massachusetts, United States
,
Rebecca Grochow Mishuris
2   Department of Medicine, Brigham and Women's Hospital, Boston, Massachusetts, United States
4   Digital, Mass General Brigham, Somerville, Massachusetts, United States
› Author Affiliations
› Further Information
Also available at
 
 PDF Download Permissions and Reprints

Abstract

Background The 21st Century Cures Act provides improved access to one's medical record but presents new challenges to adolescent confidentiality in the domain of health care information technology. Adolescent patients, who have the right to confidential care in certain areas as dictated by state law, face the prospect of parents and guardians erroneously accessing their confidential health information.

Objectives Our institution, the largest safety net hospital in our region, sought to quantify the proportion of adolescent patient portal accounts likely being accessed by guardians and to implement corrective measures for the patient portal sign-up process in our electronic health record (EHR) system.

Methods We manually reviewed our institution's adolescent patient portal accounts based on email addresses associated with adolescents' accounts. We implemented EHR changes to address the potential for breach of confidentiality as a result of adolescent patient portal account creation by guardians. One intervention was creating a “guardrail rule” to prevent guardians from creating adolescent patient portal accounts with their own email addresses. After email reminders to adolescent patients to update their accounts, we deactivated accounts with concern for erroneous guardian access.

Results Sixty percent of our institution's adolescent patient portal accounts had possible direct access by guardians. Following requests to update account access, 425 (18.8%) of accounts had email addresses updated by adolescent patients and 1,830 (81.2%) accounts were deactivated.

Conclusion More nuanced EHR functionality for adolescent patients and their guardians can help health care systems provide confidential, patient-centered care for adolescents, while allowing guardians to access appropriate health information to facilitate care. There is an opportunity for a national consensus on how adolescents and their guardians can access health information by patient portal.


#

Keywords

adolescent medicine - confidentiality - patient portals - electronic health records - HIPAA - 21st Century Cures Act

Background and Significance

The Office of the National Coordinator for Health Information Technology Cures Act Final Rule (21CCA) was designed to increase patients' access to their medical records.[1] However, the rule did not comment definitively on adolescent confidentiality, an area complicated by heterogeneity in state-level protections of adolescents[2] around sensitive issues such as consent for contraceptive care[3] [4] and reproductive health.[5] Even before the Final Rule, institutions varied in their approach to adolescent electronic health record (EHR) accounts in key areas, such as adolescent access to the patient portal (“portal”), age of patient allowed portal access, degree of guardian access to the portal, and type of information deemed sensitive.[6] A significant portion of adolescent care centers around confidential issues: one study estimates that 25% of adolescent patient notes contain confidential information.[7] Adolescent confidential care may be compromised by guardians accessing adolescent portal accounts. Studies suggest 64 to 80% of adolescent portal accounts are erroneously used directly by guardians.[8] [9] [10] With adolescents and adults, an estimated 20 to 60% of portal messages are written by caregivers but sent using the patient's account.[11] Guardian access to the adolescent accounts provides access to sensitive information, such as test results for pregnancy and sexually transmitted infections. This has ethical implications for domains such as substance use[12] and reproductive care.[13] [14] [15]


#

Objectives

We sought to characterize the extent of potential confidentiality concerns related to adolescent portal access and to implement EHR measures to safeguard adolescent confidentiality in a safety-net academic medical center.


#

Methods

Boston Medical Center (Boston, Massachusetts, United States) used a phased approach to evaluate adolescent portal confidentiality and implement key portal enhancements to safeguard confidentiality. We engaged stakeholders from adolescent care, privacy, compliance, legal, clinical informatics, and IT to quantify the problem and develop and implement solutions. This group worked with a family advisory group and adolescent provider group to determine perceptions and needs around adolescent and proxy access to the portal, and crafted clinician communications and patient-/family-oriented messages as EHR measures were enacted. This messaging aligned with existing adolescent clinic practices at our institution around confidentiality, such as signage and conversations explaining confidential adolescent care.

The key steps described below occurred over 3 to 6 months and required about 40 IT analyst hours, implemented in order as follows:

Phase 0: Account manual review. We queried a list of active portal accounts for adolescents aged 12 to 17 from November 2021 to November 2022. Based on criteria ([Supplementary Appendix A], available in online version), one author manually categorized email addresses associated with these accounts as either likely belonging to the adolescent, unlikely to belong to the adolescent, or uncertainty about whether it belongs to the adolescent, with adjudication from a second author as needed. This manual review took 10 hours.

Phase 1: Guardrail rule implementation. The EHR team implemented a rule in the portal enrollment logic to increase direct adolescent access to portal accounts. With this rule, when a new adolescent portal account is requested in clinic, the email/phone number must be different from that of the guardian email/phone number in the EHR. If they are the same, the system will not send an enrollment link for the adolescent portal account. The rule is provided by our EHR vendor. While this does not fully prevent direct guardian use of adolescent accounts, a similar rule has previously been shown to decrease portal activation by guardians.[16]

Phase 2: Revising adolescent and proxy account settings. We held focus groups with families and pediatricians and surveyed other local organizations that care for adolescents. Massachusetts defines the age of majority as 18[17] but does not define adolescence legally with variation in age-specific minor rights.[2] There is no minimum age for adolescents to consent to family planning and reproductive health care[18] other than abortion (above 16).[19] Historically, our institution had designated age 12 as the cutoff age, as it is the lower age boundary for our adolescent clinic and the age at which confidential social history taking without guardians frequently occurs. In planning our interventions, we found that families considered 12 years old to be too young to direct most, if not all, health care, and that other local organizations did not start “adolescent” access restrictions until age 13. We therefore changed our institution's cutoff for adolescent accounts from age 12 to 13 years old (with the adolescent age range now 13–17 years old). We implemented an automatic rollover from child proxy to adolescent proxy access at 13, no longer requiring the guardian to reenroll as the patient aged. Existing patients between 12 to 13 years old and their guardians received a one-time notification that their accounts were being converted to child proxy access ([Supplementary Appendix B], available in online version). Subsequent patients turning age 13 and their guardians will receive a notification 1 week prior to the patient's 13th birthday informing them of proxy status conversion and providing instructions for adolescent enrollment in their own account.

Phase 3: Deactivation of suspect adolescent accounts. Our analysts deactivated adolescent accounts where the email address was unlikely to belong to the adolescent, or if we were uncertain about whether it did (as assessed in Phase 0). Prior to deactivation, we sent staggered portal message reminders (15, 7, 2, and 1 day prior to deactivation) to these adolescent accounts to underscore the importance of the adolescent holding the primary account and how to enable a proxy account (see sample email in [Supplementary Appendix C], available in online version).


#

Results

In September 2022, 36% of adolescents (13–17 years old) with visits in pediatrics or family medicine in the past 3 years had an active portal account; of those, 32% had a proxy account. 4,455 adolescent portal accounts were associated with an email address: 60% were classified as potentially accessed by guardians (the associated email address classified as either being “unlikely to belong to the adolescent” or “unsure”; [Fig. 1]). Of these accounts, 2,255 accounts received email notifications in Phase 3 of our implementation requesting that accounts be updated to be associated with an email address belonging to the adolescent. The remaining 422 flagged accounts belonged to adolescents who turned 18 (considered an adult) between our initial review and Phase 3 of the project. Of the accounts notified to update the email address, 425 (18.8%) did have an email address updated after the notifications were sent, and ultimately 1,830 (81.2%) accounts were deactivated ([Fig. 2]). A total of 5% (232/4,687) of adolescent portal accounts did not have associated email addresses, so we were unable to assess whether the patient or guardian was accessing these accounts. Nine months after this process, in August 2023, 44% of adolescents had an active portal account, with 36% of those having a proxy account.

Zoom Image
Fig. 1 Classification of adolescent patient portal accounts with email addresses. Manual classification of adolescent patient portal accounts showed that 60% of our hospital's adolescent patient portal accounts were potentially accessed by guardians.
Zoom Image
Fig. 2 Portal message reminders and subsequent deactivation. Flagged accounts were sent staggered portal message reminders to create proxy accounts for guardians and to change the email address on the adolescent portal account. Our EHR analysts ultimately deactivated 81% of flagged accounts in which email addresses were not changed after reminders. EHR, electronic health record.

#

Discussion

Over half of adolescent portal accounts at our institution were potentially compromised by guardian direct access. These data, and our overall proxy usage, are comparable to that of other institutions.[8] [9] [10] [20] These findings signal a significant gap between intention—maintaining adolescent confidentiality that adheres to state laws—and practice. While other institutions have also instituted EHR changes around adolescent confidentiality in response to the 21CCA,[8] [9] [10] [16] our phased approach to safeguard confidentiality while also supporting guardian needs to facilitate care in an urban safety net setting demonstrates feasibility of implementation with relatively fewer information systems resources and among a diverse patient population.[8] [20] Although our overall percentage of adolescents with portal accounts is higher than others reported in the literature,[21] it supports the applicability and necessity of confidentiality safeguards across diverse populations. However, one potential limitation is that the subgroup of patients with portal accounts may not reflect the overall demographics of our safety net hospital's adolescent patient population. Specifically, those who may be less likely to have portal access include those who do not have access to a mobile device or a stable internet connection due to socioeconomic barriers[22] and those for whom language barriers pose obstacles to accessing portals.[21]

During family advisory group meetings, family members of adolescents voiced a strong interest in maximizing guardian access to adolescent records. We were unfortunately unable to obtain adolescent representation in discussions of updating our adolescent proxy access and relied on the advocacy and perspectives of adolescent clinic physicians. Prior to this project, our institution's proxy accounts only provided access to immunizations and the plan of care, lacking functionalities for messaging clinicians; requesting refills; viewing appointments; viewing key information such as medications, test results, and medical history; or viewing notes—all of which are accessible under an adolescent portal account. To balance adolescent confidentiality with guardians' rights to health information, we sought to secure adolescent privacy and expand proxy access to general health information. We hypothesized that guardians were accessing adolescent portal accounts directly due to lack of proxy access to appropriate health information. Therefore, we implemented messaging that allowed guardians to send and receive messages through the portal and allowed all users to determine whether the patient and/or guardian would be included in the recipient list of any given message. Proxy communication with obstetrics/gynecology and family planning is disabled in the portal due to concerns for inadvertent disclosure of sensitive results such as sexually transmitted infection laboratory results, pregnancy status, and birth control refills that should not be disclosed to guardians. Adolescents retain the ability to message these departments' clinicians. We did not collect postdeactivation feedback broadly, although have reconciled one case in which the adolescent patient appropriately appealed for reactivation and are not aware of negative impact to patient care.

Future directions include more nuanced EHR measures. The guardrail rule could be enhanced to prevent guardians from bypassing the rule (e.g., enrolling with shared email accounts that the guardian has access to). Our criteria for flagging patient accounts relied on patients' registered names and did not necessarily account for patients with significantly different preferred names; for institutions looking to prevent sign up by guardians, sign-up rules based on name similarity may not capture this subset of patients. Our current proxy implementation does not account for adolescents with severe intellectual or developmental disabilities, an important patient population with complexities in portal access that will be addressed in further iterations.

To further enhance proxy portal functionality, we will designate expanded health information that guardians can view but block certain confidential items, such as certain medications, results, diagnoses, visit notes, and appointments, in the proxy portal view. Adolescents can view these confidential items, except for those withheld under existing 21CCA information blocking exceptions. Specific challenges exist in implementing confidentiality in visits notes; for example, determining whether to use confidential sections or restricting access to the entire visit as confidential. In addition, identifying and maintaining these designated confidential items requires multidisciplinary input. As these are not standardized nationally, we have developed our own list and will have to maintain it over time. Furthermore, there is ambiguity in handling proxy access to data such as gender identity, sexual orientation, and preferred pronouns. Implementing these confidential items not only presents maintenance concerns but also presents opportunities for national organizations to define or standardize these items. Collaboration may address confidentiality concerns with interoperability, as sensitive items may be inadvertently disclosed. Ongoing patient education about portals and rights to confidentiality are crucial to increased uptake and trust among a vulnerable patient population.


#

Conclusion

With the advent of routine portal use, organizations must confront the challenges that portals pose to adolescent confidentiality. While improving access to health information, portals may unintentionally breach confidentiality unless safeguards are in place. Multidisciplinary stakeholder involvement is crucial to optimize IT systems to balance health information access and confidentiality for adolescent patients. EHR vendors are key partners who can collaboratively build confidential and patient-centered proxy portal features. There is a national opportunity to standardize patient portal policies concerning adolescent confidential care.


#

Clinical Relevance Statement

EHR implementation changes can provide adolescents with confidential, patient-centered care.


#

Multiple-Choice Questions

  1. Approximately what percentage of adolescent portal accounts were potentially accessed by guardians?

    • 10%

    • 20%

    • 60%

    • 90%

    Correct Answer: The correct answer is option c. Approximately 60% of adolescent portal accounts were potentially accessed by guardians.

  2. Which of the following stakeholders were involved in securing the confidentiality of adolescent portal accounts as described by this paper?

    • Adolescent providers

    • Clinical informatics

    • Privacy

    • Adolescent guardians

    • All of the above

    Correct Answer: The correct answer is option e. All of the above. Stakeholders including adolescent providers, clinical informatics, EHR team, privacy, compliance, legal, and adolescent guardians (through a family advisory group) were involved in updating the hospital's approach to adolescent confidentiality with portal accounts.


#
#

Conflict of Interest

None declared.

Protection of Human and Animal Subjects

Not applicable.


Supplementary Material


Address for correspondence

Jacqueline You, MD
Department of Pathology, Massachusetts General Hospital
55 Fruit Street, Boston, MA 02114
United States   

Publication History

Received: 12 May 2023

Accepted: 25 August 2023

Accepted Manuscript online:
28 August 2023

Article published online:
01 November 2023

© 2023. Thieme. All rights reserved.

Georg Thieme Verlag KG
Rüdigerstraße 14, 70469 Stuttgart, Germany


   Permissions and Reprints
Zoom Image
Fig. 1 Classification of adolescent patient portal accounts with email addresses. Manual classification of adolescent patient portal accounts showed that 60% of our hospital's adolescent patient portal accounts were potentially accessed by guardians.
Zoom Image
Fig. 2 Portal message reminders and subsequent deactivation. Flagged accounts were sent staggered portal message reminders to create proxy accounts for guardians and to change the email address on the adolescent portal account. Our EHR analysts ultimately deactivated 81% of flagged accounts in which email addresses were not changed after reminders. EHR, electronic health record.