Operational Considerations for Patient Generated Health Data

The rapidly expanding healthcare Internet of Things, including remote monitoring technology, wearables, and apps, is empowering consumers to use their personal health information to manage their own health to a greater extent than ever before. We have always provided tools to consumers in support of accessing and sharing health information as active participants in their care. As digital innovation expands, so are the data sources, formats, content, and types of patient generated health data (PGHD). This article discusses management considerations for maintaining a balance between the added value of PGHD and the integrity of the electronic health record.

The Current PGHD Landscape

Health information professionals are seeing an influx of PGHD by way of many third-party applications collecting and monitoring health status and physiological output through connected medical devices. We also see increased interest among providers to survey patients about their experience and collect clinical outcomes-based data to learn and improve care.

Those of us who manage the content of the legal health record (LHR) and the designated record set (DRS) should be aware of the various PGHD our organizations are receiving and ensure it adds to the integrity and value of the patient’s health record.

Organizing Efforts

The work in front of us includes the following:

1. Updating organizational policies and procedures to address PGHD and identifying requirements for consistent management.
2. Setting up processes to determine if and how data needs to be validated for reliability or clinical pertinence.
3. Applying agreed upon classification rules for easy access and usability.

Address PGHD in Your Policies

Your organization will want to define PGHD in a way that allows users to view it in support of clinical decision-making. How we decide this and where we locate PGHD in the health record is dependent on both validity and use.

For example, you may decide that for PGHD to be considered part of your LHR, it must be formally reconciled or validated by a clinician. The information would then be routinely included in the authorized ROI output as part of the LHR. Otherwise, it could be characterized as external data, created outside the patient encounter; and, although available to both provider and patient, it would remain part of the DRS. These decisions should be reflected in your policies.

The PGHD that comes into the electronic health record (EHR) directly from the patient portal generally includes personally created messages and photos from the patient as well as data originated through a provider order such as remote patient monitoring (RPM) programs, or provider-requested surveys and questionnaires. Regardless of the type of PGHD, it is important to identify where this information will be filed within the EHR and to educate all users on how they can quickly access it. In some cases, the location of specific information may not be intuitive, and providers could miss pertinent information from the patient.

Validate or Reconcile

It is helpful to have a process to track and review each new type of PGHD added to the EHR and determine the degree of validation or reconciliation you want or need.

Consider using secure validation methods and tools ranging from reliable electronic processes to manual provider review (when necessary) before adding it to your LHR. You may have certain data that can be auto-reconciled based on trusted sources.

Especially with provider-ordered RPM results, surveys and questionnaires processes should be set up in advance to determine if, when, and how a provider will review and validate the data. Will all monitoring data points be incorporated into the EHR or a subset based on certain time frames? Will there be electronic alerts to providers to follow up on critical patient responses? You may want to add informational disclaimers to the record to qualify certain results.

Classification of PGHD

All PGHD should be identified and classified for optimal user access. Documents that are scanned into the EHR should follow a classification scheme for consistent location and fast retrieval. Staff outside of health information management who may assist with document imaging should be educated on classification procedures. Consider whether all PGHD is centrally located or filed throughout the record based on category of data types and use. For example, data coming in through apps and devices may be in flow sheet rows or scanned documents in the media tab, while patient-reported outcome surveys are filed elsewhere in the EHR.

Setting Patient Expectations

Patients should be made aware of how their health information will be used in advance and should understand, for example, if their daily weight sent through a third-party app will be viewable in their EHR. Some providers offer patients third-party app options to support them with follow-up care at home, such as in the case of parents and newborns. In these cases, you will want to involve your legal team in providing language for patients to read and understand who is responsible for the availability, accuracy, or content of the application before they sign up.

Not all information received directly from a patient may be deemed clinically pertinent or relevant. What happens if you receive unsolicited PGHD that is not clinically relevant? Processes should be in place to review and validate this information routinely as necessary. Do you have technical limitations on accepting certain media types? For example, an organization may choose not to accept personal video recordings due to storage and retention issues. Communicating to patients in advance on what information is acceptable and feasible to bring into the record should be clear. We want our patients to understand the benefits and limitations of the data they send us. Language could be added to a logical place in the portal or through other forms of patient messaging. If possible, patients should be encouraged to ask their provider if it is appropriate to send certain information, such as photographs, at the time of the current health issue.

You may ask, “Does an organization have an obligation to file everything received from a patient into their medical record?” Again, it is important to make sure patients are aware and understand your policies on what information would be considered pertinent and what you may choose to retain or discard. Just like outside documentation you receive from other healthcare organizations, policies should outline scope of relevant documentation you choose to add to the EHR. You may want to discuss this topic with your health record committee and seek advice from your legal colleagues, when necessary.

Governance

Given the array of considerations for PGHD, a governance structure provides guidance on everything from evaluating the strategic alignment of potential PGHD applications and programs to handling requests to correct or delete PGHD. This responsibility might lie with your existing health record committee or maybe a sub-group within your virtual care unit. For the most productive conversations, include representation from the following areas as necessary: health information management, clinical leadership, virtual care, information technology, legal, compliance, and information security.

The governance group may also be responsible for evaluating compliance with policies, determining LHR versus DRS issues, and assessing information security risk of third-party applications or vendors.

Other Considerations

At times, PGHD may need to be reviewed for sensitive data depending on location of information viewed in the EHR and how it may be used. To help avoid unintended exposure, encourage patients to review data ahead of time for things such as Medicare numbers, Social Security numbers, or other personal identifiers or sensitive information.

Amending would not typically be applied to PGHD as part of the DRS since it originated outside of the organization. If a patient or provider informs you the information is incorrect, assess the type of data and whether the information can be updated. If it does not need to be updated, determine the risks of removing it from view versus leaving it. In either case, add a notation that the data was/is incorrect.

The Key Role of Health Information Professionals

Health information professionals help our organizations by defining PGHD in accordance with organizational policy, ensuring pertinent, value-add data from the patient is available to providers, and recommending where it is best located in the EHR for easy access. Health information professionals also keep watch over the appropriateness of the data coming in to assure integrity of the record.

For Further Discussion

AHIMA members, log in to Access and visit the Trending Topics community to discuss how you would approach the three different scenarios below involving PGHD. If you’re not an AHIMA member and you would like to become one, click here.

How would you think about the following scenarios, and what considerations might apply? 

• Mary is concerned about the red patch of skin on her leg but unable to get an appointment with her dermatologist for three months. Concerned her lesion needed more urgent attention, she takes a photo and uploads it to her provider via the patient portal. Within hours, she is contacted by the practice and scheduled for an appointment. Should this PGHD become part of the legal health record?
• Providers would like their patients to monitor blood pressure at home using a smartphone app connected to a heart-monitoring device. The results are securely sent to the patient’s electronic health record. Should this PGHD be part of the legal health record?
• Prior to surgery, surgical patients are sent multi-page questionnaires that ask a variety of medical history and functional questions. The surveys continue post-surgery on a periodic basis for several years to track changes and outcomes. Patients submit the questionnaires via the patient portal or email. Should this PGHD be part of the DRS? Why or why not?

Resources

• HealthIT.gov. “Patient-Generated Health Data.” March 21, 2018. https://www.healthit.gov/topic/scientific-initiatives/patient-generated-health-data.
• Wickard, Amanda. “Are We Ready to Treat Patient-Generated Health Data?” Journal of AHIMA September 6, 2018. https://journal.ahima.org/are-we-ready-to-treat-patient-generated-health-data/
• Austin E, Lee JR, Amtmann D, Bloch R, Lawrence SO, McCall D, Munson SA, Nery-Hurwit M, Lavallee DC. “Use of patient-generated health data across healthcare settings: implications for health systems.” JAMIA Open. 2019 Nov. doi: 10.1093/jamiaopen/ooz065.
• Heath, Sara. “What Is Patient-Generated Health Data, Why Is It Important?” Patient Engagement HIT. April 26, 2021. https://patientengagementhit.com/news/what-is-patient-generated-health-data-why-is-it-important
• Fountain, Vernessa. “Using Data Provenance to Manage Patient-Generated Health Data.” Journal of AHIMA 85, no.11 (November 2014): 28-30.
• “Defining EHI and the Designated Record Set in an Electronic World.” AHIMA EHI Task Force Report. AMIA, EHRA, AHIMA. 2021

Deborah Adair (dadair@partners.org) is the executive director of digital enterprise HIM at Mass General Brigham.