Many nations are currently facing the question of how to provide affordable, efficient health care access. Currently, low and middle-income countries (LMICs), with their many rural and hard-to-reach communities, are at the forefront of concern for world health officials, as they continue to suffer from a host of life-threatening conditions. In fact, although the World Bank notes that the mortality rate for children under five worldwide lowered from 12 million in 1990 to 6.6 million in 2012, the numbers remain excessively high in LMICs.
Some of the most prevalent conditions are preventable with education, decent standards of living, and a sturdy health system. While standards of living and health care access have seen only minimal improvements in LMICs over the last decades, mobile phone coverage in these areas has grown exponentially, rising to nearly equal the population count in many countries. It makes sense that a health technology that is able to capitalize on widespread connectivity has proliferated quickly. In a short time, it has gained support from health care professionals and institutions concerned with reducing global poverty, as well as the public at large.
This rapidly emerging technology is known to the world as mHealth (mobile health), and it comprises solutions not just for developing countries, but also for highly developed countries like the United States that are beginning to struggle with the economic and logistic issues associated with providing equitable healthcare for all citizens. mHealth technologies include a variety of tools from software (“apps”) to wearable sensors and portable electronic devices. Although varied in nature, they have several common elements: to assist with health intervention, management, and treatment through a caregiver’s or patient’s personal mobile device.
A look at the stakeholders in the mHealth process is essential in order to answer any ethical questions raised by this technology. To begin with, developers of medical software have a vested interest in keeping abreast of advances that streamline processes and lower costs. mHealth’s strongest selling point is it’s innate ability to systemize and simplify through on-the-go patient services. However, mHealth app creators are not covered by the Health Information Portability and Privacy Act (HIPAA) and lack incentive to provide robust security for patient information. When Kevin Johnson, a self-described "ethical hacker," and the CEO of the network security consulting firm Secure Ideas reviewed a patient care record app, he discovered a fatal flaw: since nothing was encrypted, it was simple for Johnson to get a close look at all personal information for any patient using the app. Upon notification, the app creator refused to correct the issue, citing that they weren’t required to be HIPAA compliant.
Johnson points out that other apps residing on your personal device can “steal” information from your health app unless permission blocks are encoded in the design of the app. Some very commonly installed apps, such as several versions of “Flashlight,” can access information resident on your device. They can modify or delete the contents of your USB storage, receive data from the internet, take pictures and videos, test access to protected storage, and change system settings. Furthermore, health apps that use text messages to remind patients to take medication can expose patient data to anyone within sight of the mobile device when the text comes through, leaving patients at risk for discrimination. Until software developers have an incentive to provide integrated and exhaustive security, your personal health information may be at risk.
Pharmaceutical companies are another sector with a clear incentive to get in on the ground floor of this emerging interface. A white paper published by Booz & Company noted that digital technology can increase patient motivation and commitment through a patient engagement platform (PEP), and that “the right application of digital technology can also create new opportunities for pharma companies to revamp their business model.” One of the PEPs outlined in the paper includes items such as a wireless blood pressure monitor, passive and active tracking devices, and recommendation engines, electronic health records, and clinical decision tools.
However, there is a potential for conflicting interests when a medical professional uses an app developed by the pharmaceutical company to determine the best plan of treatment for a patient. We mustn't forget that the drug company's primary goal is to sell its drugs. In addition, some companies, like Pfizer and Sanofi-Aventis, have had to issue app recalls after algorithms in the app resulted in incorrect markers for disease activity. Unfortunately, the recall only removes the app from app stores to prevent new downloads—it doesn’t remove the app from devices on which it is currently resident. Pfizer did send doctors letters advising against further use of the app, but there is no way to tell how many doctors received and acted upon the notification.
These failures carry a potential for injurious impact on the individual because of the possibility of incorrect treatment. These harms can include the administration of unneeded medications or performance of non-essential procedures as well as mental anguish due to the emotional trauma of a faulty result. Failing FDA intervention and subsequent regulation, medical professionals should not allow diagnoses through health apps to outweigh or override other options. In all cases, a failsafe in the form of alternative testing and traditional patient interviews should be used to prevent errors.
Health insurers also are a major player in the mHealth community. Kaiser Permanente has over 9 million members, making it one of the largest not-for-profit managed care and health care providers in the United States. In an effort to realize the benefits of mHealth technology, Kaiser recently created free apps for Android and iOS. These apps connect its members to a mobile optimized website so they can access their personal health information from any location and at any time. In 2011, Kaiser’s mHealth apps provided online results for more than 68 million lab tests. These apps also allow patients the ability to access their diagnostic information, email their doctors, schedule appointments and refill prescriptions 24 hours a day, seven days a week. To help patients feel safe, Kaiser has implemented stringent security measures including user authentication, automatic log-out after a period of inactivity, and secure internet connections. They offer further protections by maintaining that personal health information will remain on Kaiser Permanente’s secure servers as opposed to mobile devices. When a patient logs into her account, however, a home screen shows allergies, a health summary, immunizations, ongoing health conditions, and past visit information at one quick glance. One glance can certainly be revealing, and potentially damaging, in the short time before an inactivity sensor would log the user off.
With outpatient care comprising more than 40 percent of hospital revenue, it should come as no surprise that medical care providers are a pivotal piece of the mHealth puzzle. mHealth devices can relieve the patient overload in medical offices by taking over some of the simpler office procedures: blood pressure checks, heart monitoring, weight management, lifestyle tracking, and even glucose monitoring. They also allow doctors to “go mobile” so they can more effectively provide care in outpatient or roaming clinics and hard-to-access rural areas. When it comes to mobile patient information, however, the security is only as good as the person using the device. A study published in the Journal of Medical Internet Research showed some troubling tendencies among doctors who used mobile devices. Of the 98 percent of study respondents that owned mobile phones, 86 percent used their personal devices for patient-related communications during clinical rotations and one-third had no security feature in place. Sixty-eight percent agreed that there was a privacy risk when information was shared between colleagues via personal device, and yet 22 percent of 96 respondents still used their device to transmit patient data. Naturally, using mobile devices to track health care information can put patients’ information at risk, especially if the device is also a personal device, or it is shared among physicians and clinics.
Beyond security issues, doctors and clinicians using mHealth devices face difficulties resulting from the medium itself. Mobile device screens can be small, making details of x-rays and other tests difficult to discern with accuracy. Also, there can be reliability concerns relating to internet connectivity and signal strength as well as loss of data from device crashes that can put doctors in the field at a disadvantage.
The final, and most important component of the mHealth arena is the patient. mHealth can improve patient motivation to comply with physician’s prescribed protocol through reminders, rapid feedback, and connection to an in-network social group. In LMICs, mHealth can bring health and hygiene education, on-the-spot assistance and coaching for birthing situations, and access to complex diagnostic tools. mHealth has also been praised for being able to give patients in hospitals privacy and time to rest while reporting their vitals seamlessly to clinicians in another room, and for allowing chronically ill patients the luxury of staying at home rather than in a hospital to undergo their treatment regimen. While these features seem enticing, it is important to note that, in the case of device failure, a patient with no physical monitoring may be at greater risk for adverse events.
While some patients feel empowered by the idea of mHealth, others display greater feelings of risk by sharing their personal data in an online environment. A study reported in the Journal of Medical Internet Research indicated that in the sample group of low-education, English-speaking consumers, younger patients liked the idea of patient portals where current medical information, lab results, appointment scheduling, and health proxy abilities would be at their fingertips. Studies showed older adults were more concerned about privacy and less satisfied with receiving lab results from a patient portal.
mHealth has been touted as a panacea for crowded doctor’s offices and the time-stretched physician’s tendency to rush patients through an appointment. But perhaps instead of adding value to the health care scenario, mHealth diffuses the available health providers’ time even further. Is it ethical for a doctor to create a care plan for a person he may never have met? Surely, in the case of LMICs, some care is preferable to none at all. However, in the developed world, mHealth may be like water over the already eroded rock of physician accountability, and without oversight protocols in place, it may put further strain on doctor-patient relationships.
As use of mHealth grows, national governments, medical and health care organizations, patients, professional organizations, and consumer groups will need to carefully monitor all aspects of the system to ensure privacy is maintained and patients’ rights are preserved. Fail-safes and testing stipulations should be included to decrease the likelihood of failure due to “buggy” apps, faulty design, and user error. More importantly, strict oversight will help prevent a boon for LMICs from becoming the bane of world health providers and consumers alike.