The Paradox of Integration: A Narrative Review on the Ethics and Security of the Centralized Patient Profile in Multidisciplinary Healthcare
Abstract
Background: The drive towards value-based, coordinated care has made the integrated Centralized Patient Profile (CPP) a cornerstone of modern health informatics. This profile aggregates deeply sensitive data from nursing narratives, epidemiological histories, genetic lab results, and administrative sources, creating a comprehensive yet ethically complex digital persona. Aim: This review aims to critically analyze the ethical, legal, and practical challenges inherent in managing the CPP across multidisciplinary boundaries. It focuses on the tensions between data utility for care and the imperative of privacy and security. Methods: A narrative synthesis methodology was employed, analyzing literature from 2010-2024 sourced from PubMed, IEEE Xplore, ACM Digital Library, and grey literature (legal, policy, and technical reports). Thematic analysis was conducted across the domains of ethics, law, security, and clinical practice. Results: The CPP creates a "paradox of integration": while it enhances care coordination, it simultaneously exacerbates risks of privacy harm, discriminatory misuse, and unauthorized access. Key challenges include defining the "right to know" across disciplines, protecting particularly sensitive data (genetic, social), and implementing technically robust yet clinically usable segmentation controls. Current legal frameworks like HIPAA are insufficient for governing complex, inferred data within CPPs. Conclusion: Realizing the CPP's promise requires a paradigm shift from monolithic data sharing to ethical, "privacy-by-design" architectures with granular, context-aware access controls. This must be underpinned by reformed policies, interdisciplinary ethics training, and a culture that balances seamless care with vigilant data stewardship.
Full text article
References
1. Acar, A., Aksu, H., Uluagac, A. S., & Conti, M. (2018). A survey on homomorphic encryption schemes: Theory and implementation. ACM Computing Surveys (Csur), 51(4), 1-35. https://doi.org/10.1145/3214303
2. Adler‐milstein, J., & Pfeifer, E. (2017). Information blocking: is it occurring and what policy strategies can address it?. The Milbank Quarterly, 95(1), 117-135. https://doi.org/10.1111/1468-0009.12247
3. Ancker, J. S., Edwards, A. M., Miller, M. C., & Kaushal, R. (2012). Consumer perceptions of electronic health information exchange. American journal of preventive medicine, 43(1), 76-80. https://doi.org/10.1016/j.amepre.2012.02.027
4. Avdagovska, M., Menon, D., & Stafinski, T. (2020). Capturing the impact of patient portals based on the quadruple aim and benefits evaluation frameworks: scoping review. Journal of medical Internet research, 22(12), e24568. https://doi.org/10.2196/24568
5. Blease, C., Salmi, L., Rexhepi, H., Hägglund, M., & DesRoches, C. M. (2022). Patients, clinicians and open notes: information blocking as a case of epistemic injustice. Journal of Medical Ethics, 48(10), 785-793. https://doi.org/10.1136/medethics-2021-107275
6. Brkić, M., Dinu, H. S., Mirković, A., Sabirović, A., Khan, S., & Svetinović, D. (2023, November). Cyber Vulnerabilities in Blockchain Electronic Health Records: An In-Depth Threat Analysis. In 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech) (pp. 0784-0791). IEEE. https://doi.org/10.1109/DASC/PiCom/CBDCom/Cy59711.2023.10361458
7. Burris, S., Ashe, M., Levin, D., Penn, M., & Larkin, M. (2016). A transdisciplinary approach to public health law: the emerging practice of legal epidemiology. Annual review of public health, 37(1), 135-148. https://doi.org/10.1146/annurev-publhealth-032315-021841
8. Caine, K., & Tierney, W. M. (2015). Point and counterpoint: patient control of access to data in their electronic health records. Journal of general internal medicine, 30(Suppl 1), 38-41. https://doi.org/10.1007/s11606-014-3061-0
9. Cavoukian, A. (2009). Privacy by design: The 7 foundational principles. Information and privacy commissioner of Ontario, Canada, 5(2009), 12.
10. Childress, J. F., & Beauchamp, T. L. (2022). Common morality principles in biomedical ethics: responses to critics. Cambridge Quarterly of Healthcare Ethics, 31(2), 164-176. doi:10.1017/S0963180121000566
11. Clayton, E. W., Evans, B. J., Hazel, J. W., & Rothstein, M. A. (2019). The law of genetic privacy: applications, implications, and limitations. Journal of Law and the Biosciences, 6(1), 1-36. https://doi.org/10.1093/jlb/lsz007
12. Cohen, I. G. (2019). Informed consent and medical artificial intelligence: what to tell the patient?. Geo. LJ, 108, 1425.
13. Cohen, I. G., & Mello, M. M. (2018). HIPAA and protecting health information in the 21st century. Jama, 320(3), 231-232. doi:10.1001/jama.2018.5630
14. Dagher, G. G., Mohler, J., Milojkovic, M., & Marella, P. B. (2018). Ancile: Privacy-preserving framework for access control and interoperability of electronic health records using blockchain technology. Sustainable cities and society, 39, 283-297. https://doi.org/10.1016/j.scs.2018.02.014
15. Hermes, S., Riasanow, T., Clemons, E. K., Böhm, M., & Krcmar, H. (2020). The digital transformation of the healthcare industry: exploring the rise of emerging platform ecosystems and their influence on the role of patients. Business Research, 13(3), 1033-1069. https://doi.org/10.1007/s40685-020-00125-x
16. Hornum, M. S., Steinsbekk, A., & Nøst, T. H. (2023). Views on patient portal use for adolescents in mental health care-a qualitative study. BMC Health Services Research, 23(1), 132. https://doi.org/10.1186/s12913-023-09156-6
17. Hsieh, F. S. (2021). A dynamic context-aware workflow management scheme for cyber-physical systems based on multi-agent system architecture. Applied Sciences, 11(5), 2030. https://doi.org/10.3390/app11052030
18. Hu, V. C., Ferraiolo, D., Kuhn, R., Schnitzer, A., Sandlin, K., Miller, R., & Scarfone, K. (2014). Guide to attribute based access control (ABAC) definition and considerations. NIST special publication, 800(162), 1-54.
19. Jin, J., Ahn, G. J., Hu, H., Covington, M. J., & Zhang, X. (2009, June). Patient-centric authorization framework for sharing electronic health records. In Proceedings of the 14th ACM symposium on Access control models and technologies (pp. 125-134). https://doi.org/10.1145/1542207.1542228
20. Keshta, I., & Odeh, A. (2021). Security and privacy of electronic health records: Concerns and challenges. Egyptian Informatics Journal, 22(2), 177-183.https://doi.org/10.1016/j.eij.2020.07.003
21. Lenartz, A., Scherer, A. M., Uhlmann, W. R., Suter, S. M., Hartley, C. A., & Prince, A. E. (2021). The persistent lack of knowledge and misunderstanding of the Genetic Information Nondiscrimination Act (GINA) more than a decade after passage. Genetics in Medicine, 23(12), 2324-2334. https://doi.org/10.1038/s41436-021-01268-w
22. Mittelstadt, B. (2019). The ethics of biomedical ‘big data’analytics. Philosophy & Technology, 32(1), 17-21.https://doi.org/10.1007/s13347-019-00344-z
23. Mittelstadt, B. D., & Floridi, L. (2016). The ethics of big data: current and foreseeable issues in biomedical contexts. The ethics of biomedical big data, 445-480. https://doi.org/10.1007/978-3-319-33525-4_19
24. Mohammad Amini, M., Jesus, M., Fanaei Sheikholeslami, D., Alves, P., Hassanzadeh Benam, A., & Hariri, F. (2023). Artificial intelligence ethics and challenges in healthcare applications: a comprehensive review in the context of the European GDPR mandate. Machine Learning and Knowledge Extraction, 5(3), 1023-1035. https://doi.org/10.3390/make5030053
25. Obermeyer, Z., Powers, B., Vogeli, C., & Mullainathan, S. (2019). Dissecting racial bias in an algorithm used to manage the health of populations. Science, 366(6464), 447-453. https://doi.org/10.1126/science.aax2342
26. Ploug, T., & Holm, S. (2015). Meta consent: a flexible and autonomous way of obtaining informed consent for secondary research. Bmj, 350. https://doi.org/10.1136/bmj.h2146
27. Price, W. N., & Cohen, I. G. (2019). Privacy in the age of medical big data. Nature medicine, 25(1), 37-43. https://doi.org/10.1038/s41591-018-0272-7
28. Prince, A. E., & Roche, M. I. (2014). Genetic information, non-discrimination, and privacy protections in genetic counseling practice. Journal of genetic counseling, 23(6), 891-902. https://doi.org/10.1007/s10897-014-9743-2
29. Rocher, L., Hendrickx, J. M., & De Montjoye, Y. A. (2019). Estimating the success of re-identifications in incomplete datasets using generative models. Nature communications, 10(1), 3069. https://doi.org/10.1038/s41467-019-10933-3
30. Rothstein, M. A. (2016). The end of the HIPAA privacy rule? Currents in contemporary bioethics. The Journal of Law, Medicine & Ethics, 44(2), 352-358. https://doi.org/10.1177/1073110516654128
31. Shaban-Nejad, A., Michalowski, M., & Buckeridge, D. L. (2018). Health intelligence: how artificial intelligence transforms population and personalized health. NPJ digital medicine, 1(1), 53. https://doi.org/10.1038/s41746-018-0058-9
32. Shahid, J., Ahmad, R., Kiani, A. K., Ahmad, T., Saeed, S., & Almuhaideb, A. M. (2022). Data protection and privacy of the internet of healthcare things (IoHTs). Applied Sciences, 12(4), 1927. https://doi.org/10.3390/app12041927
33. Staunton, C., Slokenberga, S., & Mascalzoni, D. (2019). The GDPR and the research exemption: considerations on the necessary safeguards for research biobanks. European Journal of Human Genetics, 27(8), 1159-1167. https://doi.org/10.1038/s41431-019-0386-5
34. Veinot, T. C., Mitchell, H., & Ancker, J. S. (2018). Good intentions are not enough: how informatics interventions can worsen inequality. Journal of the American Medical Informatics Association, 25(8), 1080-1088.
35. Yaqoob, I., Salah, K., Jayaraman, R., & Al-Hammadi, Y. (2022). Blockchain for healthcare data management: opportunities, challenges, and future recommendations. Neural Computing and Applications, 34(14), 11475-11490. https://doi.org/10.1007/s00521-020-05519-w
36. Zhang, R., Liu, G., Kang, H., Wang, Q., Tian, Y., & Wang, C. (2021). Improved Bell–LaPadula model with break the glass mechanism. IEEE Transactions on Reliability, 70(3), 1232-1241. https://doi.org/10.1109/TR.2020.3046768
37. Zaidi, M., Amante, D. J., Anderson, E., Ito Fukunaga, M., Faro, J. M., Frisard, C., ... & Lemon, S. C. (2022). Association between patient portal use and perceived patient-centered communication among adults with cancer: cross-sectional survey study. JMIR cancer, 8(3), e34745. https://doi.org/10.2196/34745
Authors
Copyright (c) 2024 Fadiyah Ali Ayishi, Ali Mohammed Al Rayiq, Zohour Hussain Hussain Mobarki, Yousef Abdullrahman Bajunayd, Mohammed Nasser Qasimi, Gasem Jaber Mohammed Alhamzi, Najoud Zain Othman Al Hadi, Safa Mohammed Khard, Mariam Mohammed Yahya Somaily, Asaad Munwer Al mutairi, Almontaserbella Abdulhadi Suror, Abdullah Abdulaziz Ibrahim Alghamdi
This work is licensed under a Creative Commons Attribution 4.0 International License.