Abstract
As interest in the use of electronic medical record data for clinical research has increased, the protection of personal health information has become increasingly important. The Privacy Rule, established by the Health Insurance Portability and Accountability Act in 1996, proposed the concept of Protected Health Information (PHI) to restrict the use of personal health information from clinical settings. Because researchers and patients are not familiar with PHI despite its importance, our study aimed to find out the effect of the different knowledge, attitudes and levels of trust regarding personal health information on the use of them for clinical research. We collected 267 paper and online surveys from three groups: a clinical researcher group (n = 113), a non-clinical researcher group (n = 72) and a patient group (n = 82). The collected data were analyzed using one-way ANOVA depending on the three groups. We calculated the percentages of correct answers and incorrect answers to 40 questions related to PHI to determine the level of knowledge. Although the three groups had significantly different knowledge of PHI (p < 0.01), all three groups correctly understood that social security numbers and bank account numbers were Protected Health Information. In contrast, all three of the groups misunderstood that the physician’s name, discharge date, and admission date were not non-PHI items. In addition, the three groups had significantly different attitudes and levels of trust regarding the use of PHI for clinical research (p < 0.05); however, all of the groups had favorable attitudes toward using and disclosing medical data in clinical research. Interestingly, although the three groups strongly agreed regarding the protection of the confidentiality of PHI, the patient groups trusted that hospitals would maintain a high level of PHI protection. The attitude toward using health information for clinical research was found to be favorable, but all of the groups were confused regarding date items. These results indicate that more education about PHI is required to protect identifiable health information. In particular, researcher groups, including both clinical and non-clinical researchers, must completely understand the protection of personal information to gain trust from patient groups.
Similar content being viewed by others
References
Annas GJ (2003) HIPAA regulations-a new era of medical-record privacy? N Engl J Med 348(15):1486–1490
Baumer D, Earp JB, Payton FC (2000) Privacy of medical records: IT implications of HIPAA. ACM SIGCAS Comput Soc 30(4):40–47
Bélanger F, Crossler RE (2011) Privacy in the digital age: a review of information privacy research in information systems. MIS Quar 35(4):1017–1042
Brownstein JS, Murphy SN, Goldfine AB, Grant RW, Sordo M, Gainer V, Colecchi JA, Dubey A, Nathan DM, Glaser JP, Kohane IS (2010) Rapid identification of myocardial infarction risk associated with diabetes medications using electronic medical records. Diabetes Care 33(3):526–531
Caine K, Hanania R (2013) Patients want granular privacy control over health information in electronic medical records. J Am Med Inform Assoc 20:7–15
Choi IY, Lee JY, Choy S, Kim SK (2007) Comparison of the perception on health information privacy protection for electronic health record among patients, healthcare providers and administration groups. J Korean Soc Med Inform 13(03):197–205
Choi IY, Park SH, Park BJ, Chung BH, Kim CS, Lee HM, Byun SS, Lee JY (2013) Development of prostate cancer research database with the clinical data warehouse technology for direct linkage with electronic medical record system. Prostate Int 1(2):59–64
Crawford AG, Cote C, Couto J, Daskiran M, Gunnarsson C, Haas K, Haas S, Nigam SC, Schuette R (2010) Prevalence of obesity, type II diabetes mellitus, hyperlipidemia, and hypertension in the United States: findings from the GE centricity electronic medical record database. Popul Health Manag 13(3):151–161
Holman CDJ, Bass AJ, Rouse IL, Hobbs MST (1999) Population-based linkage of health records in Western Australia: development of a health services research linked database. Aust N Z J Public Health 23(5):453–459
Kim SH, Chung KY (2013) Medical information service system based on human 3D anatomical model. Multimed Tools Appl. doi:10.1007/s11042-013-1584-8
King T, Brankovic L, Gillard P (2012) Perspectives of Australian adults about protecting the privacy of their health information in statistical databases. Int J Med Inform 81(4):279–289
Kuo KM, Ma CC, Alexander JW (2013) How do patients respond to violation of their information privacy?. The Health Inform Manag J. 1–13 see doi:10.12826/18333575.2013.0011.Ma
Kurtz G (2003) EMR confidentiality and information security. J Healthc Inf Manag 17(3):41–48
Lee SM (2008) The medical treatment information and medical treatment information protection. Kookmin Law Review
Leestma R (2003) Implementing technological safeguards to ensure patient privacy. Caring: Natl Assoc Home Care Mag 22(2):16–18
Liao KP, Cai T, Gainer V, Goryachev S, Zeng-treitler Q, Raychaudhuri S, Szolovits P, Churchill S, Murphy S, Kohane I, Karlson EW, Plenge RM (2010) Electronic medical records for discovery research in rheumatoid arthritis. Arthritis Care Res 62:1120–1127
Longstaff D (2005) Contentious crop: harvesting information from electronic health records, Australian National University: Australian Primary Health Care Research Institute
Meingast M, Roosta T, Sastry S (2006) Security and privacy issues with health care information technology. Engineering in medicine and biology society, 2006. EMBS ’06. 28th Annual International Conference of the IEEE. 5453–5458
Murff HJ, FitzHenry F, Matheny ME, Gentry N, Kotter KL, Crimin K, Dittus RS, Rosen AK, Elkin PL, Brown SH, Speroff T (2011) Automated identification of postoperative complications within an electronic medical record using natural language processing. JAMA 306(8):848–855
Ness RB (2007) Influence of the HIPAA privacy rule on health research. JAMA 298(18):2164–2170
O’Connor K (1994) Confidentiality, privacy and security concerns in the modern healthcare environment. Aust Comput J 26(3):70–74
Office of the Federal Privacy Commissioner, Australian Government. Getting in on the Act: the Review of the Private Sector Provisions of the Privacy Act 1988, 2005
Park MY, Yoon DY, Lee KY, Kang SY, Park IH, Lee SH, Kim WJ, Kam HJ, Lee YH, Kim JH, Park RW (2011) A novel algorithm for detection of adverse drug reaction signals using a hospital electronic medical record database. Pharmacoepidemiol Drug Saf 20(6):598–607
Privacy Protection Act, Article 10465 (March 29, 2011)
Rothstein MA (2007) Health privacy in the electronic age. J Legal Med 28(4):487–501
Rothstein MA (2010) Is deidentification sufficient to protect health privacy in research? Am J Bioeth 10(9):3–11
Terry NP (2009) What’s wrong with health privacy. J Health Biomed Law 5:1–32
Whiddett R, Hunter I, Engelbrecht J, Handy J (2006) Patients’ attitudes towards sharing their health information. Int J Med Inform 75:530–541
Willison DJ, Schwartz L, Abelson J, Charles C, Swinton M, Nothrup D, Thabane L (2007) Alternatives to project-specific consent for access to personal information for health research: what is the opinion of the Canadian public? J Am Med Inform Assoc 14:706–712
Wilson JF (2006) Health insurance portability and accountability act privacy rule causes ongoing concerns among clinicians and researchers. Ann Intern Med 145(4):313–316
Acknowledgments
This study was supported by a grant of the Korea Health technology R&D Project, Ministry of Health & Welfare, Republic of Korea (A112022).
Conflict of interest
We declare that we have no conflicts of interest.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Rho, M.J., Jang, K.S., Chung, KY. et al. Comparison of knowledge, attitudes, and trust for the use of personal health information in clinical research. Multimed Tools Appl 74, 2391–2404 (2015). https://doi.org/10.1007/s11042-013-1772-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-013-1772-6