ISSUE 1

CONTENTS

EDITORIAL

IN BRIEF

COLUMNS

REVIEWS

TUTORIAL

VIEWS & POSITIONS

EVENTS DIARY

LETTERS

SHORT PAPERS

MEETING REPORTS

CLASSIFIED

HOME

SEND COMMENT

SUBMIT CONTENT

[ SIM logo ]     [ SIM Quarterly ]

Issue 1, June 1997 ISSN 1368-1591

Personal view/position

Guidelines for clinical use of e-mail with patients

Purpose | Introduction | Advantages of e-mail in provider-patient communications | Disadvantages of e-mail in provider-patient communications | Communications guidelines | Administrative and medicolegal guidelines: privacy and security | Other issues | Institutional considerations | References | Appendix 1: Data security | Appendix 2: Summary of desirable features in electronic messaging software

Guidelines for clinical use of e-mail with patients

Guidelines (v. 3.0) from Beverley Kane, Chair, American Medical Informatics Association Internet Working Group Task Force to Develop Clinical E-mail Guidelines.

This document does not represent the policy or opinion of the American Medical Informatics Association, its members, staff, or Board of Directors. This notice must accompany any further distribution of the document.

Purpose

The purpose of this document is to guide clinicians and healthcare delivery organizations in the use of electronic mail with patients and their proxies so that this method of communication will add value and avoid unanticipated complications.

There are two distinct categories of electronic interaction between medical providers and health care consumers:

(A) Electronic communications between consumers and providers in which no contractual relationship exists, such as within an online discussion group in a public support forum.

(B) Electronic communications between consumers and providers within a contractual relationship in which the health professional has taken on an explicit measure of responsibility for the client's care. This category includes transactions between patients and those providers who act as agents for the patient's primary provider, such as a group health partner or an on-call physician.

In contrast to unauthenticated online medical exchanges between anonymous parties on mailing lists, electronic communication has a more obvious role in the established doctor-patient (or more broadly, clinic-consumer) relationship.

This paper proposes guidelines for electronic communications between clinicians and their patients in category (B) of interaction. The advantages and disadvantages of the electronic mail (e-mail) medium are first discussed. Suggested guidelines follow. Where specific guidelines cannot be recommended due to insufficient experience, policy issues for consideration are enumerated. The Task Force acknowledges the difficulty in addressing the multiplicity of clinical settings from solo practice to large multicenter hospitals. Therefore, the recommendations remain as general as possible in order to achieve the broadest possible relevance.

Introduction

Technically-minded, electronically equipped, healthcare consumers have accelerated the demand for e-mail access to their healthcare providers. In many locales, consumer-driven demand is forcing health care providers, both as individuals and on an institutional basis, to establish guidelines for such exchanges.

Guidelines for using e-mail in a clinical setting address two interrelated aspects: effective interaction between the clinician and patient, and the observance of medicolegal prudence. Since many malpractice claims can be traced to faulty communication, good communication equals good insurance.

From a sociological standpoint, e-mail is a hybrid between letter-writing and the spoken word. From a technical standpoint unencrypted electronic messages may, in theory, provide less privacy than postal mail or telephone calls. In practice, e-mail replaces and is used more like the telephone but with less urgency. Due to its necessarily asynchronous nature (back and forth over hours or days), e-mail is personal in function but impersonal in form.

Initially, clinic-to-patient e-mail traffic will be limited by the number of patients who routinely have access to e-mail accounts. For many localities that number is already surprisingly high. In one study at a University-based health center, a majority of the patients in the Internal Medicine Clinic had e-mail capabilities [1]. However, most Internet services were supplied, and to some extent monitored, by the patient's employers. Thus, many patients were reluctant to use these accounts to convey medical information.

A consideration of the advantages and disadvantages of electronic mail will help determine whether it is appropriate for a clinic, hospital, or individual practitioner to institute a program of Internet communication with patients.

Advantages of e-mail in provider-patient communications

E-mail may offer several advantages over existing communications channels between health care providers and their patients.

  • E-mail messages are less intrusive than phone calls. At least half of all phone calls to clinics are non-urgent, and patients might naturally gravitate to e-mail for routine inquiries. E-mail messages can thus be batch-processed at the convenience of the recipient.

  • The impetus to increase physician productivity has tended to result in shorter clinic time per patient. Many capitated plans place a premium on avoiding unnecessary office visits. Thus, many practitioners see e-mail as a way to provide an appropriate level of supplemental service given constraints on clinic time.

  • Often patients under the duress of illness forget to ask important questions. Self-care instructions might not be fully understood or retained. E-mail follow-up allows retention and clarification of advice provided in clinic. When properly archived, it creates a written record that removes any doubt as to what information was conveyed.

  • E-mail is especially useful for information the patient would have to commit to writing. Examples include addresses and phone numbers of other facilities to which the patient is referred; test results with interpretation and subsequent advice; instructions for how to take medications or apply dressings; and pre- and post-operative instructions. Some of these details lend themselves to a permanent position in an e-mailer template or on the provider's home page on the World-Wide Web.

  • While phone messages are often lost, forgotten, or ignored, e-mail messages can be less likely to fall through the cracks of a busy practice. Voice mail systems are typically plagued with irksome branching menus, lapses on hold, and the threat of telephone tag. Many callers merely hang up in frustration. With or without annoying automated systems, telephone messaging often relies on a physical chain of human transmissions from front desk, to nurse, to doctor - with many 'While you were out...' slips lost in the process.

  • E-mail messages can be more detailed than those left in voice mailboxes, especially systems with a 60-second limit, or those recorded in hand-written notes. E-mail messages are typically more succinct and time-effective than real-time phone conversations. Writing e-mail tends to constrain the conversation to a single focus and avoids the rambling, multi-agenda phone call whose polite termination is difficult to maneuver.

  • E-mail messages can imbed links to educational materials on the clinics World-Wide Web site.

From an administrative standpoint, when e-mail has been established as the patient's preferred route of communication, prescription refills, lab results, appointment reminders, insurance questions, and routine follow-up inquiries lend themselves well to this medium. The patient is afforded a convenient way to convey home health measurements such as blood pressures and glucose measurements.

Disadvantages of e-mail in provider-patient communications

Like any form of communication, e-mail can be misused and abused.

  • Many practitioners, especially those not comfortable with the medium, are concerned that answering patient e-mail will further burden their already over-taxed schedules, without prospect of reimbursement for time spent online. In the early stages of adoption, providers have usually been responsible for their own e-mail. Administrative support tends to be weak or non-existent.

  • Many clinicians fear that some patients, fascinated by the novelty of the medium and the prospect of direct access to their physician, may become long-winded (wind not being the limiting factor at the keyboard) and frequent correspondents.

  • Important nuances of communication are lost when facial cues, body language, and tone of voice are absent.

  • When the volume of e-mail reaches critical mass, clinics may need to retrain existing personnel or hire additional support to handle the load.

  • Most e-mail systems on the Internet do not provide confirmation that the message was delivered, although most do notify the sender if a message could not be delivered to the recipient's mailbox. Even software that returns notification of receipt cannot assure that the message was actually read and understood.

  • Novice users may experience distressing uncertainty in dealing with technical matters and the subtleties of proper netiquette. Some clinic-patient relationships may not tolerate a trial-and-error approach to the electronic persona.

  • In some states, e-mail is discoverable in legal proceedings. Other medicolegal principles of e-mail-based communications, addressed below, have not yet been clearly established by legislation.

  • The electronic medium engenders new challenges with regard to data security (see section on medicolegal guidelines and Appendix 1). At present, unencrypted communication is at least theoretically vulnerable to mischief, violating privacy and causing harm to patients and providers.

  • Technical difficulties, many resulting from poor interface design in software, may interfere with accurate and timely delivery of messages:

    • Delivery to wrong address.
    • Forwarding to others with the original message modified.
    • Accidental deletions of messages, read or unread.
    • Delayed delivery due to network and server malfunctions.

Communications guidelines

When providers and patients anticipate the need for additional contact, they must reach a mutual agreement as to the medium which will be used. Informally, the provider can ascertain the patient's preference for e-mail, voice mail, facsimile, or postal exchange at the time of visit and document it in the chart. A more formal arrangement entails the documentation of informed consent (discussed below). Keep in mind that patients may elect telephone, e-mail, or the postal route at different times for different purposes. The provider should confirm on a visit-by-visit basis which route to use for communication. If e-mail is acknowledged as a preferred route the provider should:

  • Ascertain how often both parties retrieve e-mail and establish a maximum turnaround time for patient-initiated messages. In some messaging cultures, natural selection has evolved a one-business-day turnaround for non-urgent phone calls and a 2-3 business-day turnaround for e-mail. As e-mail gains ascendancy as a preferred medium, with dedicated personnel in place, messages can be checked and triaged several times a day.

    Often, the context of the patient's message will indicate the expected turnaround time. A patient who inquires about the results of a routine cervical smear will usually tolerate a longer messaging interval than one who is experiencing even mild side effects from a medication.

    Patients should be advised that e-mail is not appropriate for urgent concerns.

    Patients should be asked to include their full names and clinic numbers in all communications.

  • Inform patients whether the provider's e-mail and voicemail are private or screened by ancillary staff. Indicate whether the office staff or nursing staff will triage messages or whether mail addressed to the provider's private account will be read exclusively by the addressee. Patients should be informed if automatic agents or filters will be used to forward their messages to the nurse, appointment clerk, pharmacy, or other department.

  • Especially if other clinic staff will be processing e-mail from patients, establish the extent of action permitted over e-mail:prescription refills, medical advice, test results.

    E-mail exchanges constitute a form of progress note. Until a fully-integrated electronic medical record affords automatic storage, back-up and retrieval of data, e-mail should be printed in full and a copy placed in the patient's chart. The following steps result in efficient archiving:

    1. Include the full text of the patient's query in the e-mail reply.
    2. Copy the reply to the sender (provider).

    When the Internet delivers the provider's copy, which now includes both the original message and the provider's reply, the message should be printed and filed in the chart. Printers must operate in an area which is accessible only to staff and not to other patients.

  • For messages containing important medical advice, and in absence of software with built-in notification features, patients should be instructed to acknowledge messages by sending a brief reply. When such acknowledgment is expected, the printed (chart) copy should should not be filed until this confirmation is received.

    In the absence of such confirmation, it cannot be assumed that the patient has received important instructions. When in doubt, confirm delivery by telephone.

  • E-mail from providers should include a footer (signature file) that invites the patient to escalate communication to a phone call or office visit, should he or she feel e-mail to be insufficient. The footer should give the appropriate contact information. Providers may need to wield a firm hand in discouraging the use of e-mail as a substitute for clinical examination.

  • Automated out-of-the-office replies on should be activated on any e-mail account which will not be serviced by staff or covering physicians during an absence which exceeds the established e-mail response time. Such messages should include the provider's estimated date of return and instructions for whom to contact for immediate assistance.

  • Automated replies should be sent out by the provider's e-mail software immediately upon receipt of the patient's message. The subject field should indicate that the reply is an automatic one and the body of the message should contain a standard wording such as: 'Your message has been received by Dr. Smith. She will respond to your request within one business day. This is an automatic reply.' (see Software features, Appendix 2).

  • Each provider should maintain a list of patients who communicate with him or her electronically. The address book feature of nearly all e-mail software permits easy maintenance of such lists. If it becomes necessary to notify correspondents of an impending shutdown for network maintenance, recent mail blackouts, new clinic services, or change of address, the clinic will have a ready-made mailing list. However, group-addressing, where those in the group see each other's names, should never be used to send mail to patients. The fact that a person sees a particular health care provider is confidential information. Additionally, patients have become indignant over inclusion on lists such as the age-revealing list of 'women who are due for mammograms.'

    The 'bcc' (blind carbon copy) option in most e-mail applications allows the multiple recipients of a message to remain unknown to each other. Software with more sophisticated listserver capabilities maintain anonymity and provide easy reuse of addressee subgroups.

  • Irony, sarcasm, and criticism should not be attempted in e-mail messages. The impersonal nature and ambiguity of e-mail often results in real or imagined exaggeration of animosity toward the recipient. Providers must realize that sick, anxious, or angry patients might indeed express stronger sentiments with e-mail than in a face-to-face encounter or in a voice message.

    Any ambiguity in electronic communication should be resolved with a telephone call.

The above guidelines for patients are best conveyed in a take-home handout or as a document on the clinic's web page. Such a handout may be better formatted as an informed consent document as discussed below.

Providers should also be prepared to encounter patients who are sophisticated Internet users, aware of its privacy limitations, who nevertheless initiate unencrypted e-mail discussions of a surprisingly intimate medical nature.

Administrative & medicolegal guidelines: privacy and security

Aspects of electronic messaging of particular interest to risk management and legal departments concern data security and liability for advice. Medicolegal paranoia, however, should not be allowed to disable open communication as the basis for a healthy provider-patient relationship.

The most wary, but not necessarily the best, approach dictates that patients be asked to sign printed guidelines by way of informed consent at the time an electronic relationship is established. In addition to the points in the above Communications guidelines, electronic messaging agreements should include, in nontechnical language:

  • An explanation of the general nature of the network and its level of security. Is the clinic using an intranet within a firewall? Is the provider or is the institution directly on the Internet or is there an intermediary Internet service provider (ISP) who conceivably monitors transmission? Is encryption software in use?

  • A mechanism for a patient to specifically opt out of the use of encryption if he or she does not wish to comply with the extra processing required.

  • A clause to limit liability for network infractions beyond the control of the health care providers.

    Additionally, the clinic or provider should:

  • Avoid leaving open e-mail on the computer screen. If the computer is in the same room as other patients, use of a password-activated screen saver is advised so that patient files are not visible to other patients, especially if the provider is called out of the room.

  • Never forward the patient's message or patient-identifiable information to a third party without the express permission of the patient. Text that is forwarded to a colleague for the purpose of consultation should not contain the patient's name or e-mail address.

  • Never use a patient's e-mail address in clinic marketing schemes nor supply such addresses to third parties for advertising or any other use.

  • Consider the use of a banner at the top of each e-mail messages such as: 

     
-----------------------------------------------------------
This is a  CONFIDENTIAL  patient - physician communication.
-----------------------------------------------------------

    Many commercial e-mail programs allow creation of stationery templates. UNIX systems can also be scripted to include headers, footers, and automatic replies.

  • As with other parts of the medical record, patient-identifiable e-mail must not be taken out of the office on paper or on disk. If providers answer e-mail from home they must take special precautions to prevent other household members from intercepting messages from patients. Providers must not share e-mail accounts or passwords with friends, family, or non-medical coworkers. Providers who communicate with patients should have their own accounts for professional use. Providers must see to it that e-mail processed off-site on home systems or via personal digital assistants is subsequently printed in the office and included in the medical record.

  • As soon as practicable, clinics should establish a means of secure communication using the data encryption methods described below. Commercial encryption programs and encryption capabilities in software from major clinical systems vendors are becoming more common. The United States Post Office is testing a postmarking and encoding system specifically aimed at medical, legal, and financial transactions. At least one semiconductor corporation is marketing a decoder ring device which provides security and encryption in a combination of wearable hardware and computer software [2]

Other issues

Mistakes due to poor interface design and lack of fail-safe mechanisms are particularly troublesome in medical communications. There is litigation pending in the US courts (as of this writing) involving a physician who allegedly inadvertently posted his patient's diagnosis of breast cancer to the public area of a major commercial online service. As the doctor and patient had had prior e-mail exchanges, the mistake was almost certainly an interface problem with the client software. Until fool-proof software is available, and unless communication uses public-key encryption systems, correspondents must habitually check the 'To:' box in every message prior to sending.

Institutional considerations

There is growing evidence to suggest that electronic resources, both e-mail and Web-based self-help documents, will result in substantial cost savings to clinics. Savings of time spent over the telephone will result from a reduction in telephone tag and a reduction of repetitious instructions. Many clinics, especially those with capitated plans anticipate replacing inappropriate office visits with online support, including teleconferencing.

Institutional policies must address the communication and medicolegal issues introduced below. Questions to be answered include:

  • Who will triage e-mail and what is to be the response time?

  • Who will print messages and place them in patient's charts?

  • Will each provider have her own account or will there be categorical accounts for all billing questions, medical questions, and scheduling questions?

  • Should all patients be given the provider's e-mail address or can the provider give it out on a selective basis?

  • Should all providers be required to communicate electronically with patients or will the decision rest with each individual provider?

  • How is e-mail cleared from the server? Does it stay on the provider's local machine and/or on the clinic or ISP mail server? How are both repositories archived and cleared?

  • Will the patient be given a choice as to what appears from his or her e-mail message in the chart? Do you wish to give the option for "private" sections of the message that may not be placed in the chart? If you opt to delete some parts from the chart, do you wish to establish a secure repository, either electronic or paper-based, to recall the text of the original message for your own purposes. Or do you want the transaction to be more like a phone call where the conversation is relegated to second-hand progress notes?

  • Will encryption systems be required? If so, what kind? Will patients be given the encryption software by the clinic?

    Should every provider have his or her own encryption key (forcing numerous keys on patients seeing multiple doctors) or should the clinic have a single key?

  • Should the clinic itself take the place of an ISP or use an outside service? Should clinics provide patients with e-mail accounts on the institutional server?

  • Will patients be required to sign an informed consent document in which most of the above decisions, plus additional limitations of the medium, are disclosed?

Eventually e-mail storage and retrieval must be integrated with a comprehensive electronic medical record (EMR) and with web-based patient education resources. World Wide Web-based EMRs over secure internal Internet sites, called intranets seem destined to be the future of clinical services and they will subsume e-mail functions. However, e-mail and other computer-based resources are not an entirely satisfactory substitute for face-to-face clinical evaluation. Ultimately, quality of care rests on contact in the flesh.

Acknowledgements: Ted Cooper, Tom Ferguson, Joseph Kannry, Tim Kieschnick, Bruce McKenzie, Gretchen Murphy, Larry Pfisterer, Edward Anthony Oppenheimer, and Daniel Z. Sands contributed significantly to this document.

References

1 Fridsma DB, Ford P, Altman R. A survey of patient access to electronic mail: attitudes, barriers, and opportunities. In: Proceedings of the Eighteenth Annual Symposium on Computer Applications in Medical Care. Bethesda: American Medical Informatics Association; 1994. p. 15-19.

2 Dallas Semiconductor [online]. Available from: URL: http://www.ibutton.com/.

Appendix 1

Data security

In order for electronic transactions to be trustworthy, users must have authenticated identities; data must be transmitted accurately; and sensitive information must be protected from interception or malicious hacking. Maximum patient privacy requires that all e-mail exchanges be encrypted. From the standpoint of data security, unencrypted e-mail is like sending a postcard or talking over a wireless phone. As wireless access to the Internet becomes more common, data encryption of medical information will likely be an absolute requirement. Terms used in talking about data security include:

Authenticity: Validation of the message-sender's identity, often by means of a 'digital signature.'

Confidentiality: The degree to which the message is impervious to interception by eavesdroppers. A confidential message is one whose contents are seen only by those so authorized.

Data integrity: A measure of system robustness which indicates that the data has been unaltered in transfer either deliberately by malicious intent or inadvertently through network failures.

Digital signature: A means of authentication. In public-key encryption schemes, the sender encodes her document or document header with her private key. If the document can be decoded with the sender's public key, the sender's identity is confirmed.

Encryption: Transforming information by means of a mathematical code so that it is unintelligible. Encrypting messages with a prearranged code ensures confidentiality. Encrypting a signature authenticates the sender.

Spoofing (an e-mail message): Sending a message purporting to come from someone else.

 

Appendix 2

Summary of desirable features in electronic messaging software

  • Filters to automatically send mail to different providers, different departments, or to sort by function such as prescription refills, appointments, advice.
  • Autoreply function to send out pre-recorded messages to immediately acknowledge receipt of patient mail.
  • Embeddable World-Wide Web links.
  • Ability to construct multible headers and footers.
  • Ability to compose stationery files with prerecorded replies such as routine instructions.
  • Fool-proof reply feature which eliminates mistaken "reply-to-all" gaffes.
  • Support for multiple formats of attachments.
  • Change bars to indicate where messages have been altered by recipient
  • Encryption
  • Alert windows which appear on-screen when
    • New messages arrive
    • Messages are deleted without being read.
    • Messages are deleted without being replied to.
    • Software is exited with unsent messages.

    • Beverley H. Kane MD
    Corporate Physician, AMIA/Apple Computer
    Cupertino, USA

    [ Logo ] Society for the Internet in Medicine

    Comments to: simq@cybertas.demon.co.uk

    Copyright © 1997 Society for the Internet in Medicine. All rights reserved.
    Date: May 30, 1997
    Document URL: http://www.cybertas.demon.co.uk/simq/issue1/views.html