Electronic Prescriptions, Proxy Collection and Privacy Issues for Pharmacists

The Electronic transfer of prescription information is in the first stages of implementation, with most of us who work in community pharmacy having access to (most likely) the eRx system. In this program, electronically dispensed (not hand written) prescriptions can be scanned by the bar code on the bottom of  a new script, or at the top of a repeat form and the information  contained on this prescription is safely and accurately downloaded into our dispensing software. This is a handy tool as it ensures continuity between what has been prescribed, quantity and instructions when prescription information is entered, reducing human data entry errors.

The eventual product of this program will involve a paperless system where prescriptions are “written” and connected to a patients ehealth record, this script information will then be held in a secure database until the time that the patient would like it to be dispensed. This information would then be downloaded securely to the pharmacies dispensing software through access to the patients ehealth record. This will be of such great importance when/ if the system gets off the ground and will help it work as a well oiled machine.

But I had a thought when I was driving home from University today. This paperless system sounds fantastic and will relieve some of the paperwork headaches that we all face when working in pharmacies…however, in terms of patients and the collection/request for scripts to be dispensed, privacy issues for Pharmacists may come to light.

When a doctor sees a patient, access to that patients health record is all they will need..they would not under any circumstances need to access this persons husband,brother, mother’s record if that person was not present with the original patient. Essentially doctors are not to access someones health information on the request of another patient. Even more, a doctor would never prescribe a medication for someone on the request of someone else (family, friend etc.)

The situation presented in a pharmacy is really quite different, and it opens the pharmacist profession up to more risks than they already face. Say for example, Mrs Jones comes into your pharmacy now, she has a pile of prescriptions for her and also another list for her husband. You would not think twice about dispensing these items and allowing her to collect her husband’s items on his behalf. His consent to have her collect his prescriptions is implied to us by her bringing them in along with hers- and if they are elderly/on concession they would have the same benefit number so we understand they have family connection.

Scenario Two: Mrs and Mr Jones have signed themselves up for eHealth records and are now excited about not having remember where all of their prescriptions are, they can simply go to any pharmacy and have them filled no paperwork required. Mrs Jones comes in to your pharmacy and requests 3 scripts for herself and 2 for her husband. In order to have access to this information you need to access their ehealth records, but only Mrs Jones is present. So accessing her information is no problem as you have consent from her, however how is it justified to access her husbands ehealth record on her request when he is not present? They are family yes, and previously we would have assumed implied consent, but is that really in line with the privacy principles regarding healthcare providers access to eHealth records? A doctor would not do this..so why should pharmacists be put in the risky situation this involves?

If the patient is unknown to us this could be even more awkward and lead to anger on the patients side, if they feel as though pharmacists are keeping them from information they are entitled to.

I am unsure how much thought and planning has been put in to this dilemma, however I did notice that according to the PCEHR Act (2012), commanding access over ehealth records can be granted to an authorised or nominated representative of the consumer, such as a parent of a child under 18 years, or a carer for someone with disabilities or an elderly family member/patient. However, does this mean that when signing up for an ehealth record, in order to avoid these kinds of issues consumers need to name a proxy who can request access to health information and scripts on their behalf? If this is the case, family members would be the most easily serviced, but how about that new couple who haven’t really been dating very long and the last thing that they would think of would be ehealth records. Then one gets sick and needs a script filled..how would this person go about accessing this script on their partners behalf? Through a phone call sure, but this may not be the most effective answer…how can we be sure this person is who they say they are when we cannot see them in front of us?

Further, how can we be certain that our customers will even think to name family members as authorised individuals who can ask for such things as their scripts being filled? Pharmacists cannot allow themselves to be in a situation where liability due to unauthorised access to a patients ehealth record is suspected, even if this may not be the case, if consent cannot be determined than access cannot be granted. And thus could potentially lead to anger on the part of the customer which could negatively impact the business.

Customers need to be adequately  informed of what is expected of them in regards to this before this program were to get up and running on a large scale!

There are so many unanswered questions in this area of eHealth, in some ways it seems that by making life easier in some ways we will also be making life harder in other ways….a double edged sword one might say.  No matter which way it goes more problems arise, but there is a need to bring our healthcare system into the 21st Century.

I am interested to know your thought on this topic…how would Pharmacists maintain the integrity of patient privacy if this new system was implemented on a large scale?