Nice to hear a radio programme about lifecourse epidemiology and longitudinal studies this week. It’s not often that population health gets such a measured presentation. I was particularly pleased to hear reference (24 mins onward) to the potential of using existing data from patient records to give new insights to health, disease and clinical care, not least because my PhD will involve doing just that.
There are, of course, ethical considerations. Maintaining patient confidentiality is key, and data needs to be securely stored. Obtaining individual consent for retrospective use of data not is pragmatic for the researcher, but some patients may rightly object. These are not small considerations.
But it can be argued that it’s unethical not to use this data. Say I have a hypothesis that a particular surgical procedure is causing harm. I could set up a study and recruit the relevant patients, getting them to sign consent forms. I may not plan to collect any data beyond what is already in the care record. It might take me 5 years to recruit enough patients to help me answer the question. Alternatively, I could look at the last five year’s worth of existing data. Patients would not need to be hassled, admin costs could be avoided and spent on other research, answers could be found sooner, and clinical practice improved to provide better care without such a long delay.
There are things we can do to protect patients. I will never see directly identifiable data such as names, addresses and NHS numbers, for example. To have access to data from which a nosey person could deduce identity (e.g. by combining birth and death dates with the first part of the postcode) requires justification and extra safeguards. The actual data is a lot drier than you might imagine, and the identity of individual people behind the records is far from my mind as I’m grappling with statistical package commands.
There’s a lot of potential here. The technology is available, and the methodology is there, although there are areas for improvement in its deployment. The governance, however, hasn’t quite caught up. To do this kind of work, one must (quite rightly) apply to an ethics committee for approval. Any researcher can tell you that ethics application forms are long, repetitive and at times puzzling, but at least if you’re setting up a clinical trial the questions are well-tailored. The kind of work I will be doing does not fit neatly into some of the standard questions, which makes the ethics application process somewhat confusing, especially as the data is from a nationwide database, and ethics and governance structures tend to have a local focus.
Just to add to the fun, my lack of NHS or university contract requires me to obtain a ‘research passport’. The first trip to HR with a bundle of paperwork enabled me to prove that I don’t have a criminal record (a fair request). The second trip included presenting paperwork from occupational health not only declaring me fit for work but listing all my vaccinations. I thought that was the end of it, but apparently the next stage is to get the form signed by the ‘relevant NHS trust’. Is that the trust in which I live? The two who are partners on the grant that funds me? The one in which the clinical lead of the database I will work with is based? Or every trust in the country, given that the data is nationwide? These processes aren’t clear, and finding the right person to give the correct answer is not always easy.
In the same way that the specific ethical considerations of, say, clinical trials, are reflected in how they are governed, I think there is a need to refine the process for working with electronic patient records, as this work will become increasingly common. There is a risk, otherwise, that the broad focus of these processes will distract from some of the issues more pertinent to this area.