Ontario’s Diabetes Initiative: Big Brother Carries a Stethoscope
Hi there. We’re the Ontario Government. We know you have diabetes but don’t worry we’re here to help. We’re going to send “The Diabetes Testing Report” to your doctor. It will tell him or her when you last had three important tests: blood sugar test (A1C), cholesterol test (LDL), and retinal eye exam. If you don’t want us to do this, you can contact our general service provider, Service Ontario, to “opt out”. Please do so by 11 June 2010.
This is the gist of a Public Notice that I understand appeared in newspapers in Ontario on the 24-25 April 2010 weekend. You can download a copy of the Notice here. It simply references the “Government of Ontario” so it’s not clear whether this initiative is being conducted by the Ministry of Health and Long Term Care (“MOHLTC”) or eHealth Ontario. Given their close relationship (after the events of last year), it’s difficult to know where to place the dividing line between the two.
There are a number of nagging questions associated with this initiative.
1. Where did they get this data?
The first inkling of this initiative cropped up in November 2009 when the then CEO of eHealth Ontario, Rob Devitt, announced a Baseline Diabetes Dataset Initiative, indicating that someone, somewhere, through data mining, had compiled a list of 906,577 patients and their almost 9000 family doctors.
Did MOHLTC use its own OHIP (billing) database to extract this information? It appears yes. MOHLTC used its own major source of information to identify individuals who were beneficiaries of the A1C and LDL tests and eye exams. The Health Insurance Act requires confidentiality with respect to billing information, subject to that Act, the Personal Health Information Protection Act (“PHIPA”) and the Freedom of Information and Protection of Privacy Act (“FIPPA”).
2. Has MOHLTC violated FIPPA?
It is doubtful that FIPPA applies directly at all. MOHLTC is a FIPPA Custodian and PHIPA applies to all of the Ministry’s records containing personal health information (“PHI”), including “mixed” records. The only “cross-walk” is via s.43(1)(f) of PHIPA whereby an institution subject to FIPPA is permitted to disclose PHI for the original or a consistent purpose [FIPPA, s. 42(1)(c)]; for law enforcement purposes [FIPPA, s. 42(1)(g)]; or to the federal government for audit purposes [FIPPA, s. 42(1)(n)].
Under s. 42, disclosure is permitted for the purpose for which it is collected or a consistent purpose. One may question whether using PHI – collected for billing administration purposes – for the purpose of establishing this diabetes database is a consistent purpose. Using information for other purposes is one of the things that people fear about large government databases.
3. Has MOHLTC violated PHIPA?
MOHLTC is a “health information custodian” for the purposes of PHIPA and consent is required unless PHIPA otherwise authorizes the collection, use and disclosure without consent.
PHIPA has a long series of provisions that permit disclosure without consent. None of them seem to fit quite right. Section 38(1)(a) of PHIPA permits disclosure “to a health information custodian… if the disclosure is reasonably necessary for the provision of health care and it is not reasonably possible to obtain the individual’s consent in a timely manner, but not if the individual has expressly instructed the custodian not to make the disclosure” (Emphasis added)
Is it not reasonably possible to obtain an individual’s consent in a timely manner? This is not a population-screening program where that argument might be made. Physicians are to be provided with this information. One might wonder if physicians should have been asked to enroll patients in the program after discussing the issue with them.
Section 39 of PHIPA permits disclosures for the purposes of health or other programs. The most obvious provisions appear to be 39(1)(c) - disclosure to a registry – and (d) – disclosure where the “disclosing custodian and recipient custodian provide health care or assist in the provision of health care”. MOHLTC is not a “prescribed person” that operates a registry as described in 39(1)(c) and it seems a stretch to consider the three specific requirements of 39(1)(d) cover this situation.
I emphasize disclosure here but it is to be noted that there are permitted uses under PHIPA for health information custodians. Section 37(1)(c) permits health information custodian use of personal health information “for planning or delivering programs or services that the custodian provides” while 37(1)(d) permits use “for the purpose of risk management, error management or for the purpose of activities to improve or maintain the quality of care or to improve or maintain the quality of any related programs or services of the custodian”. It’s arguable that these provisions give cover to the MOHLTC for use; however use is very distinct from disclosure.
4. For physicians, is verification of the information a violation of the Policy on Confidentiality of Personal Health Information of the College of Physicians and Surgeons of Ontario?
Under that Policy, physicians can share information with others involved within the patient’s circle of care without asking for the patient’s consent. In the context of this initiative, this suggests that the government forms part of the “circle of care”. According to the Policy, “[t]he patient’s express consent is required for providing his or her personal health information outside of the circle of care, except where otherwise directed by statute.” It doesn’t seem to me that verification of personal health information under this initiative is either required or authorized by law.
I’m informed that the OMA has endorsed this initiative and indicated to its members:
“As part of the BDDI, each family physician in Ontario will be asked to verify a list of diabetic patients from their practice. A one-time payment, based on the number of diabetics within each practice and only available to family physicians, will be made to those who return their verified list to the Ministry.
Family physicians who return their verified list will then receive a “Diabetes Test Report,” which will indicate the last date each of their diabetic patients received an A1C, LDL or retinal eye exam, as well as data on how many of their patients received these three tests within the recommended guideline period.”
Physicians are not required to discuss the Initiative with their patients. I can’t help but wonder if anyone has thought about whether this is a violation of basic medical ethics?
5. Is MOHLTC violating the Canadian Charter of Rights and Freedoms?
Even if legislation permits the MOHLTC (or eHealth Ontario for that matter) to undertake this initiative, one issue to consider is whether this initiative violates the “reasonable expectation of privacy” found in s. 7 of the Charter. There is a “balancing of interests” test – found in R. v. Oakes – and it would be interesting to see what analysis, if any, was done. This isn’t a database for research purposes meant to benefit society as a whole; this is a government database for managing the healthcare of individuals. Isn’t that a little too intrusive into the lives of people to do so without the basic requirement of consent?
6. What is the position of the Information and Privacy Commissioner of Ontario?
There is no evidence of any privacy impact assessment having been conducted. Having said that, I would find it hard to believe that MOHLTC did not consult with the IPC on this initiative. If yes, did MOHLTC follow the guidance provided by the IPC?
The shame of it all is not what they want to do but how. What stood out for me were the words “opt out”, especially an “opt out” that has a deadline of approximately six weeks from the date of the Public Notice. If the program is so good, why not ask people with diabetes to participate first? If you’re paying physicians to verify the information, could you not pay them to discuss and enroll people into the program? If a fundamental aspect of privacy is consent, when did the MOHLTC get the consent of the patients concerned? And if they didn’t, shouldn’t they – as a matter of common decency – have done so? Is this paternalistic approach a harbinger of things to come?
No one told me Orwell’s Big Brother would come in the guise of wearing a white coat and carrying a stethoscope.