Legal Issues Relating to a Cardiac Surgery Database Peter Francis, LLB Francis Abourizk Lightowlers, Commercial and Technology Lawyers, Melbourne, Victoria, Australia
The proposed Cardiac Surgery Database project is a venture shared between the Victorian Department of Human Services and the Australasian Society of Cardiac and Thoracic Surgeons (ASCTS). The aim is to provide a readily available and comprehensive information base on cardiothoracic procedures carried out in Victoria, with a view to raising the standards of cardiothoracic surgery, and to facilitate long-term patient care. Important issues for consideration are ownership and protection of the Database and the information within it, as well as the patient consent process, privacy and patient access to data, commercial use of the Database for ongoing funding, risk management, and protection of the ASCTS and surgeons from litigation. (Heart, Lung and Circulation; 10 (Suppl.): S14–S17) Key words: database, legal, privacy, risk management.
Introduction The proposed Cardiac Surgery Database will allow stakeholders to gain valuable insights into the area of patient treatment through the compilation of data related to patient symptoms, treatments, surgical techniques, outcomes and circumstantial factors. The corollary of gaining these benefits is that a nest of legal issues relating to the ownership, gathering, holding and use of the data is uncovered. Six of these legal issues will be examined: 1 The ownership of the Database and the data contained therein. 2 The consent process. 3 Privacy and patient access to the data in the Database. 4 The commercial use of the Database for ongoing funding. 5 The protection of the Australasian Society of Cardiac and Thoracic Surgeons (ASCTS) and surgeons from litigation. 6 Litigation and risk management. Correspondence: Peter Francis, Francis Abourizk Lightowlers, 7th Floor, 395 Collins Street, Melbourne, Victoria 3000, Australia. Email:
[email protected]
Databases: Definition and the Issue of Ownership A database is a collection of information usually, but not necessarily, structured according to categories and able to be retrieved readily. The information in the database may be public or private or a mix of both. A database will typically but not necessarily be in digital form. There are a number of sources of legal rights that may subsist in the database. These include copyright, the law of confidential information, the law of passing off, and laws preventing misleading and deceptive conduct. The point is that data, or more particularly, its method of presentation, can effectively be owned.
Consent Processes The law relating to patient information is developing rapidly. Legislation already exists which allows patient data to be accessed by third parties only under very limited circumstances. Patient information is private. Broadly speaking, a surgeon does not have the right to use patient information without the consent of the patient other than in the course of providing treatment. Therefore, the written consent of all patients must be
Heart, Lung and Circulation 2001; 10 (Suppl.)
obtained for the use of their records in the Cardiac Surgery Database. This is true for both current and former patients: their consent, or in the case of a deceased patient, the consent of the family, must be obtained.
A Separate Consent Form? Before undergoing an operation in a hospital, a patient has to sign a form in which he or she consents to the operation, the anaesthetic and any necessary emergency treatments. Some hospitals use this opportunity to obtain consent for other matters. For example, on the form currently used at the Royal Melbourne Hospital (RMH), patients are also asked to give their permission to appear in audio and visual material. A patient’s consent must be voluntary, informed and specific. Regarding data collection for the Database, there is no legal requirement that a form separate from the preoperative consent form be used, as long as consent to the collection of data and the manner of its use is an additional, clearly separate consent item. The RMH consent to appearing in audio and visual material is an admirable example of this, as it requires separate completion and separate signing. A separate form may cause difficulties, and extra legal protection will not be gained by its use; this should be kept in mind when considering the question whether permission for records to be used in the preparation of the Database should be sought through the preoperative consent form or through a separate consent form. However, amending existing preoperative forms may convey to patients the impression that consent to their details being transferred to the Database is a precondition of their obtaining the treatment to which they are being asked to consent. Patients, nervous because they are facing a frightening and/or urgently needed procedure, might sign their consent to have their data included in the Database without making a properly considered choice. Either scenario may (legally as well as ethically) impugn the validity of the consent. Use of a separate form, while making it obvious that what a patient is signing is separate from, and secondary to, their approval of his or her actual operation, may ward off a significant number of potential consenters, and may thereby compromise the efficiency and statistical accuracy of the Database. The functionality of the Database may be undermined without the participation of a significant proportion of patients. The results of one study that examined patient attitudes to the consent process suggest that a fear of low level participation may be misplaced. That study, conducted by Gray et al. in 1990, showed that 88% of patients not only agreed to their medical records being used for the purposes of medical research, but actually
P. Francis. Legal issues relating to a Database
S15
thought that this might just as well happen without their consent.1 Thus, this study suggests that a high level of voluntary participation could be expected in research that does not involve any extra examinations or medical tests for the patient. Patients also have an interest in the best medical care available. If the consent form outlines the reasons for the database being established, and if the treating surgeon stresses the same in consultations with the patient, it can be expected that most patients would not be deterred by a separate consent form. There are several reasons why patients would support the Database, and the inclusion of their data in it: (i) it would give them the opportunity to find out more about their prognosis following the application of specific surgical techniques; (ii) it would facilitate establishment of the best care options; and (iii) it would provide the opportunity to guarantee better surgeon supervision by peer control and other factors. In short, cardiothoracic patients could expect to enjoy the prospect of better care. In addition, a dedicated Database consent form could provide the opportunity for setting out at greater length the aims and purposes of the Database. In terms of administration, it would presumably be easier to include a separate consent form than to arrange for the current preoperative consent forms to be amended. In the perhaps unlikely event that it is impossible to get the consent of the necessary number of participants for the Database, there is another option for the ASCTS, at least with respect to Victorian patients. Under the Health Services Act 1998 (Victoria) there is a provision for public hospital files to be used without patients’ consent for the purpose of research. However, there are several requirements that need to be met. First of all, the research needs to be approved by an ethics committee. The committee needs to be satisfied that the confidentiality of the collected data is guaranteed. It also needs to be assured that the information obtained will not be used for any purpose other than the approved research. While there are good chances that the Database project would be approved by the ethics committee, this would eventually exclude the commercial use of the Database. The issue of the manner in which patient consent is obtained needs to be decided by the ASCTS in conjunction with hospitals after a careful review of all options available.
Patients’ Rights to Privacy and Access The information is gathered, treated according to law and entered into the Database. Do patients have a right of access? The short answer according to the law as it presently stands is no. Under the Freedom of Information
S16
P. Francis Legal issues relating to a Database
Legislation, patients currently have the right to access their medical records from public hospitals. This right relates to patients’ health information and does not extend to secondary material derived from their records. Information that is sufficiently de-identified falls outside the ambit of the existing and newly proposed Health Records Legislation. This does not, however, apply to the raw, identified information. Therefore, patients would not have a right of access to the information on the Database if such information had been obtained from public hospital records. The Database is about surgeons and operation techniques, not about patients. For data collections, health privacy principles apply, so patients could not access the Database. For medical records created outside the public hospital environment, it has been established by the courts that patients have no general right of access. There is therefore no issue of any ‘flow-on’ rights to access the Database. However, some jurisdictions have tried to amend this position. In August 2000, the Victorian State Government introduced a Bill into Parliament to establish a framework to protect the privacy of the individual’s health information, and to provide individuals with an enforceable right of access to their own health information. Similar legislation had already been passed both in New South Wales (Privacy and Personal Information Protection Act 1998 (NSW)) and in the Australian Capital Territory (Health Records (Privacy and Access) Act 1997 (ACT)). The proposed ‘Health Record Bill’ will cover all health information held by organisations in Victoria, including both public and private organisations that hold health information but do not provide a health service. If the Bill is passed into law, all information must comply with the Health Privacy Principles (HPP). As outlined in the Bill, all information within the Cardiac Surgery Database not only needs to be collected with the consent of the patients, but also needs to be deidentified, so that patient identity can not be determined by third parties. If the Database is to be national, this will be a requirement in any event, as it is already a requirement under the NSW and ACT legislation. Deidentification of data collected for the Database will still allow the inclusion of some detailed patient information such as: (i) sex; (ii) date and country of birth; (iii) suburb and state of residence; (iv) ethnicity; (v) occupation and income; (vi) height and weight; (vii) date of hospital admission and discharge; and (viii) operative procedures carried out. Patients may arguably remain identifiable through the aggregate of information that is necessary for the Database to remain useful, so the ASCTS must be conscious of this issue.
Heart, Lung and Circulation 2001; 10 (Suppl.)
While it may be possible to exclude a patient’s right to access the data under the Health Records Bill contractually through the consent form, it may also be advisable for the ASCTS to become involved in finalising the Bill. The ASCTS may ask, for example, whether the information to which it is proposed to allow patient access is that by which an individual’s identity becomes immediately apparent or can reasonably be ascertained. The overview issued in relation to the draft Bill cites examples as including ‘lists of health information with sufficient details (not necessarily name or address) so that another person could readily work out from the information the identity of individuals’. This may conceivably encompass the data contained on the Database.
Commercial Use of the Database for Ongoing Funding The two main options for the ASCTS in realising the commercial potential of the Database are: (i) to grant insurance companies, pharmaceutical companies and other interested companies access to the Database; and (ii) to sublicense the design and structure of the Database and the Database technology to other medical societies, which might also want to follow up on operation success and other parameters. This technology may include the processes developed by the ASCTS to enter the data into the Database. Although the data can be used commercially, it will be subject to constraints. For example, funding agreements for the commercialisation of such data will be subject to the rules of the ASCTS. With respect to any financial dealing, consideration should always be given to taxation implications. From a practical point of view, the ASCTS must also obtain consent for the commercial use of the Database from information providers (including hospitals, surgeons and other hospital staff, and patients). It will have to de-identify patients to protect their privacy and obtain agreements with the users of the Database that protect the confidentiality of the data.
Protection of the Database The Database will contain, as already discussed, an array of sensitive information that needs to be protected. Protection is also needed for the ASCTS, which might be sued for breach of confidence in case of a leakage to the media of sensitive information about patients, surgeons or hospitals. Common strategies for limiting the risk of litigation include thorough legal compliance procedures, liability insurance and the obtaining of indemnities from likely potential litigants.
P. Francis. Legal issues relating to a Database
Heart, Lung and Circulation 2001; 10 (Suppl.)
Protection of Data and Ownership The ASCTS, as the owner of the Database, has the ability to, and eventually will need to, restrict access to it. Any party who wishes to gain access should be asked to sign an agreement setting out strict obligations of confidentiality with respect to the data. Such undertakings will allow users to appreciate the sensitive nature of the data. Stringent security mechanisms, especially in storing the data, are required to protect access to the Database. Further protective measures could include the assertion of copyright. Attachment of the copyright symbol to documents will serve to inform users and the like of the ownership of the data.
Defamation and Misleading and Deceptive Conduct: Breach of Confidence The potential for defamation and actions based on false and misleading conduct will be minimised if access to the Database is granted only under restricted terms, that is, with users undertaking not to publish data in relation to performance of specific surgeons or hospitals. A preventative measure additional to the secure storage of the data would be to mark all material related to the database ‘Confidential’. Anyone gaining unauthorised access to such material might then be liable to an action of breach of confidence, if the elements of breach of confidence are made out. These elements are: (i) that the material has a quality of confidence about it; (ii) that the information was imported in circumstances imposing an obligation of confidence; and (iii) that there has been, or will be, an unauthorised use of information to the detriment of the ASCTS.
Protection from Litigation from Surgeons It is also important to avoid the exposure of the ASCTS to defamation action and other tortious actions, for example those under the Trade Practices Act. These could be instigated by surgeons or hospitals whose performance might be described in reports issued on the basis of the data contained in the database. In order to protect the ASCTS, it is important that suitable interpretative tools are used and that care is exercised in the interpretation of statistics generated from the database.
Litigation The topic that most brings surgeons and lawyers together is litigation, in particular, surgeons suing surgeons. There is nothing legally new here although the advent of the Database throws the issue of litigation
S17
into sharp relief. Public statements about a surgeon’s reputation, statements that endanger the protection of his or her livelihood (such as the publication of inaccurate information sourced from the Database), or information that is critical of a surgeon’s performance, may be highly defamatory. The Database has real risks associated with it; risks for the ASCTS and risks for the surgeons. There are also risks for the Directors of the ASCTS and its officers, particularly the Database management team.
The Society, Its Directors and Their Duties A society, akin to a corporation, is a separate legal entity capable of suing and being sued. But unlike a corporation, a society is a non-profit making entity and therefore cannot take part in trading activities for the sole purpose of creating profit. Funds generated from its activities must be reinvested to promote and further its objectives and aims. The directors of a society are the individuals making the day-to-day management decisions, and they have certain duties imposed on them by the law. Generally, directors must always act in the best interest of the society and treat the society’s interests as paramount. In particular, directors should avoid situations of insolvent trading. Insolvency means that the society is in the process of winding up. When a society is insolvent, the directors are suspended from their duties and powers, and creditors’ interests become paramount. Therefore any director exercising his or her power during insolvency is punishable at law. A director can be made personally liable for acts of insolvent trading. In some circumstances, directors can also be personally liable for debts incurred fraudulently or dishonestly. Therefore the law places rather high expectations on directors.
Risk Management Risks are manageable so long as appropriate measures are adopted. These comprise in-built safeguards such as incorporation of strict standards within the rules of the ASCTS, and agreements relating to the development, maintenance, administration and use of the Database. Other strategies include expert risk analysis in order to devise and implement strategies to reduce risk, insurance, and the exercise of due care and diligence.
Reference 1. Gray NJ, Hill D, Lovell RR. Privacy and medical research: Most people support current practice. MJA 1990; 153: 740.