I thought it was about time to write a post about the woes of doctor-patient email.

wantemail

Last week, a friend was having some issues with his phone, so his family doctor’s office couldn’t get in touch to inform him of the date of his specialist’s appointment. He didn’t know about the trouble until he popped in for a visit, which was when his doctor asked him – if he didn’t hear by a certain date – to call the specialist himself.

A good solution to the problem, but I couldn’t help wondering why email wasn’t an option. I mean, practices routinely collect our emails now, but I still don’t see them used very often. What if my friend kept having phone issues? What if he forgot to call?

Later, after the appointment had been worked out, he told me that the specialist ended up sending him an email with instructions on how to prepare for the procedure. This was appreciated, and got us both thinking about what exactly are the barriers to doctor-patient email.

What counts as private info? How do other providers deal with this around the world?

Let’s look at what’s out there.

Honestly, the scientific literature makes it seem like HIPAA-compliant secure email has been tried in a bunch of places. However, I’ve been finding it difficult to get details from health provider websites. Which is really unfortunate, since that’s where I would presume patients would look first.

Here are a few that have half-decent information:

  • Crystal-Run Healthcare in NY
    Microsoft Outlook + Proofpoint
      – Emails encrypted if contents match certain keywords in a database
      – Patients receive email with link to secure portal
  • University of California San Francisco Faculty of Medicine
    UCSF-developed (apparently)
      – Emails encrypted if subject line starts with: "ePHI: ", "PHI: " or "Secure: " (how very Google-esque!)
      – Patients receive email with link to secure portal
  • Steward Family Medicine in Anchorage, AK
    Doesn’t say which company
      – Patients can use their non-secure email like Gmail, Hotmail, etc., but they have to sign a waiver
  • University of Arkansas Family Medicine
    eDocAmerica
      – Patients sign agreement, receive link to secure web portal to send/receive emails
      – Nurse receives all emails and routes them to appropriate doctor 
  • MIT Medical
    Patient Online (looks like developed by MIT)
      – Online registration for secure web portal

If anybody can add to this list, please do.

In the meantime, some observations:

  • Certainly, “regular” email is out of the picture unless some kind of consent is obtained
  • Lots and lots of companies providing secure email “portal” solutions. Some will get the doctor to “tag” secure messages. Others will run a search against a database of “sensitive” words.
  • Patients’ emails probably don’t go directly to the doctor in many cases – are sorted beforehand
  • There is a lot of overlap between secure email and an all-in-one platform like Hello Health (which I’ve avoided with the intention of focusing on email only)

Okay, what about doctor-patient email in Ontario?

Dr. Greiver’s blog, though now sadly ended, is an excellent, honest resource for this. Because – honestly – things aren’t going so well.

Basically, she has been informally communicating by email with patients for > 10 years. She has a website for her family practice, where the practice’s email address is prominently featured. Most patients use this email, which is managed by an employee.

But growing demand and, of course, privacy make things hairy.

The Quality Improvement and Innovation Partnership, which supports Ontario’s Family Health Teams, said this:

A clinic email address for general inquiries would be adequate and admin staff could manage the inbox. However, for services like prescription renewals, medical advice (non urgent of course) or any other service that involves a healthcare professionals, a more secure line of communication is necessary.

Unfortunately, the available options raise other questions. If we go with portals:

  • Web portals (like those used in the US, above) are secure, but the cost is not negligible, including $20 that must be paid by the patient every year. Mydoctor.ca for more info.
  • How does she get everyone who are married to the “unsecure” option to switch?
  • To what extent do the portals support linking to outside media and resources?

ONEmail in many fragments

ehealthontario

There’s also something called ONEmail by eHealth Ontario, which appears to be a secure email system for physicians in the OntarioMD directory to share patient information. But what about with the patients themselves? Dr. Greiver says:

I have secure email via SSHA’s ONEmail system; however, it periodically needs a new password, I don’t look at it very often, and it won’t forward a message to let me know that there is mail for me. I don’t know anyone who uses it, because it is not very useful right now. It will probably be good for secure messaging between health care providers, but not for patients since the information goes outside of the system.

On top of that, ONEmail is even mystifying for emails between doctors:

My office administrator recently received a letter from a specialist in MS Word, emailed to our office address drgreiveroffice@rogers.com . We talked about what to do with it, and decided to copy and paste the note into “comments” in the incoming correspondence part of the EMR; no printing, no scanning, no OCR, and no OCR-related errors. It is not quite as good as a direct electronic import into the chart like labs, but is so much better than fax.

 

I would really like to use secure email, but the SSHA email system is very impractical so nobody uses it—you have to change your password every six weeks, you can’t have a general office email for people to send things to, it won’t forward a notification that there is something waiting for you. I don’t use it. It looks like it was designed by security experts, with no emphasis on the practical aspects of a communication system. The results are a continuing lack of electronic communication; you get the system you plan for.

This all makes me kind of upset.

On the one hand, privacy is certainly one of the most delicate issues in health care, so we shouldn’t expect leaps and bounds. I can get fired up when Hello Health talks about ‘disruptive innovation’ yet I know that these interesting projects are only sporadic campfires – like Atul Gawande’s demonstration farms that preluded an agricultural revolution. Who knows if another revolution is in the cards? Remember: in Canada, Medicare essentially started with one fired-up guy in one province (Saskatchewan Premier Tommy Douglas). So anything is possible, but probabilistically speaking, it will come verrry slowly.

On the other hand, I believe that we have a responsibility to innovate. At least we can continue the conversation. Point out what works and what doesn’t. Like Dr. Greiver, who apparently emailed ONEmail and didn’t get a particularly helpful message in return.

In closing, I’d like to ask you:

Have you had any experiences with doctor-patient email? Do you like the portal idea? Is Canada (or the rest of the world) doing well on this front?

–Elizabeth

Related posts:

  1. On the (Selective) Persistence of Paper
  2. Should IT Be Part of the Doctor’s Job?
  3. It’s Not “Patient Empowerment” If You Feel Powerless: A Story About Today
  4. Mount Sinai Hospital’s VitalHub, the Latest in iPhone + EMR
  5. Bant: A Stylish Diabetes iPhone App from Toronto’s University Health Network

Tags: , , , , , , ,