Inspired and intrigued by a recent Health Informaticians’ debate, Amit Bhagwat delves into facets of information governance – those that are commonly understood within the health sector, those that are commonly misunderstood and others that are routinely missed.
The ASSIST annual conference in April included debate on the motion – “this house believes that information governance kills people”. The event gave me interesting insight into how “information workers” in the health sector, and perhaps in the entire public sector and beyond, perceive information governance.
In the debate, the affirmatives offered two anecdotes with common points. One was case of an “old dear” who was apt to forget medical procedures and was even otherwise in need of social services’ attention. The social services however were unable to intervene without her consent. The lady, a simple soul uncomfortable with officials to begin with and additionally finding the procedures incomprehensible and perhaps intimidating, did not consent. As it turned out, she died after a minor domestic accident that she would have survived by consenting to greater social services care.
The second example related to inability of immediate members of the family to act in interest of their loved one when she was comatose, because power of attorney was neither sought nor granted before. Although this story ended on a happier note, the unnecessary stress that family members - who clearly cared about the patient and acted in her best interest - suffered, was largely attributed to information-handling consents.
The negatives stuck to British value of respecting privacy, possibility of information abuse without safeguards and potential for carelessness without implications of loss of profession and criminal charges. They also tried to alleviate scares by citing a US case involving a psychopathic killer and explaining that the common law in Britain was sensible and circumspect enough where greater public good or palpable risk to life allowed overriding right to privacy and, in that respect, information governance was not a potential killer.
While discussions such as these are quite common among information workers, they have a predictable pattern that leaves out many aspects of information governance. The following are a few questions that aim to probe the width and depth of information governance
Exploring information governance
Is it right to reduce information governance to security and confidentiality?
Had information governance simply been safeguarding against unauthorised flow of information, it would have been referred to as such – something like information security / containment. Security and confidentiality are important and related fields within information governance and focus of legitimate concern and frequent media coverage. However, security and confidentiality comprise but a fraction of information governance. Active information governance begins with data and meta data design – relationship between, and safeguards on, database elements, before the database is populated. Even the IG Toolkit – considered a work-in-progress by many – gives a wealth of pointers.
To cite an example, the Getting Started guide for NHS Organisations, in its first paragraph “what is Information Governance” points to Information Quality (Fidelity), Pertinence, Records Management, Aggregated Monitoring and Freedom of Information implications, besides Security and Confidentiality
What data can be legitimately considered information?
Continuing on aspects of database design, each element in the database needs to be considered for
- Relevance - both overall and at specific points in time
- Usage – including allowable manipulation
- Mastery and Currency – logical ownership, duplications, potential mismatches and synchronisation
- Intelligence potential – including rules applicable to research data and the border between primary and secondary uses of data
- Decision support – including, what aspects can assist an information guardian in reaching a reasonable decision should the primary decision maker (such as the frail relative in the second case in the debate referred to earlier) be incapable of decision
Unfortunately, these aspects are routinely missed or considered perfunctorily. This is not because sensible database designers do not exist but because the database is often ‘drawn’ by political whimsy or in their contract with their suppliers by officials poised for ‘delivery’.
Not withstanding that in a democracy, logical design of national database – the template of citizen information – can not and should not be a secret, the design is often not even subjected to review by competent independent thinkers. Further, while awareness is building about futility of collecting unnecessary data (e.g. place of birth in an electronic health record), it is conspicuously absent about loss of relevance over time and therefore important of ‘lifetime’ dimension in meta data. In fact, widely user-scrutinised logical design and adequate and appropriate meta data are the most important aspects to, and tools in, effective active information governance. Yet, operational owners and commissioners of databases are routinely unaware of these, let alone being able to train the common ‘information operators’ on these aspects.
Are IG procedures optimum and expedient?
A continuation of the previous point, this is about what is the best way of getting and maintaining information, necessary and sufficient for specific clearly understood goals, within necessary and sufficient audience group? So, in the example of the old dear mentioned earlier, where the debater argued that her apprehension was a natural bi-product of incomprehensibility of the IG procedures, the so called IG procedures were NOT Information Governance. Making them comprehensible would have been.
Can bland information accumulate sentiments?
It can. There are two quite well known examples from our society – the DNA and Biometric Databases. It may sound irrelevant here; however information governance should consider this, for information to be effective and effectively used, with minimum unintended side effects.
Are some questions legitimately un-resolvable?
Let’s go back to the case of the “old dear”. Hypothesise that she precisely understood the risks she was taking by not working with the social services. It would still have been her refusal to consent to getting ‘information-processed’ that would have killed her. Yet, with many of us upholding her freedom of choice, while others focusing on our duty to avoid avoidable death, an incontrovertible judgement would not have materialised.
So, does information governance kill?
Saying that information governance kills is a bit like saying automobiles kill. Of course they do, because people do not follow rules or meet unanticipated situations, or because there is a thicket of rules and procedures apparently serving no useful purpose where a system of working around them develops, or because judgements seemingly sensibly left to common sense find common sense not so common after all. Yet, staying within sensibly drawn and prudently implemented guidelines, in practical terms, automobiles do not kill. In fact, considering lives saved, extended and made more productive by automobiles, they actually give life.
Information accidents, though predating automobile accidents, are far less tangible, and so it has taken longer for the guidelines and safeguards to appear. Few information workers are ‘licensed’, few databases ‘MOTed’, information highways are less well understood, and road signs and signals are almost completely absent. The considerable advances in automobile safety may be attributed to advances in design – of the automobiles and of the processes that design and manufacture them. Design of databases, including detailed meta data considerations, and the process of design itself, are the information equivalents to focus on. Useful indicators and rational safeguards on information flow, likewise equate similar measures applied on roads used by automobiles.
Amit Bhagwat is CEO of Beam SRC and a strategy-architecture-governance consultant