Suppr超能文献

医疗器械远程监测的伦理和法律问题

Ethical and Legal Implications of Remote Monitoring of Medical Devices.

机构信息

Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School, Harvard University.

Richard A. and Susan F. Smith Center for Outcomes Research in Cardiology, Beth Israel Deaconess Medical Center, Harvard Medical School.

出版信息

Milbank Q. 2020 Dec;98(4):1257-1289. doi: 10.1111/1468-0009.12481. Epub 2020 Oct 20.

DOI:10.1111/1468-0009.12481
PMID:33078879
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC7772635/
Abstract

UNLABELLED

Policy Points Millions of life-sustaining implantable devices collect and relay massive amounts of digital health data, increasingly by using user-downloaded smartphone applications to facilitate data relay to clinicians via manufacturer servers. Our analysis of health privacy laws indicates that most US patients may have little access to their own digital health data in the United States under the Health Insurance Portability and Accountability Act Privacy Rule, whereas the EU General Data Protection Regulation and the California Consumer Privacy Act grant greater access to device-collected data. Our normative analysis argues for consistently granting patients access to the raw data collected by their implantable devices.

CONTEXT

Millions of life-sustaining implantable devices collect and relay massive amounts of digital health data, increasingly by using user-downloaded smartphone applications to facilitate data relay to clinicians via manufacturer servers. Whether patients have either legal or normative claims to data collected by these devices, particularly in the raw, granular format beyond that summarized in their medical records, remains incompletely explored.

METHODS

Using pacemakers and implantable cardioverter-defibrillators (ICDs) as a clinical model, we outline the clinical ecosystem of data collection, relay, retrieval, and documentation. We consider the legal implications of US and European privacy regulations for patient access to either summary or raw device data. Lastly, we evaluate ethical arguments for or against providing patients access to data beyond the summaries presented in medical records.

FINDINGS

Our analysis of applicable health privacy laws indicates that US patients may have little access to their raw data collected and held by device manufacturers in the United States under the Health Insurance Portability and Accountability Act Privacy Rule, whereas the EU General Data Protection Regulation (GDPR) grants greater access to device-collected data when the processing of personal data falls under the GDPR's territorial scope. The California Consumer Privacy Act, the "little sister" of the GDPR, also grants greater rights to California residents. By contrast, our normative analysis argues for consistently granting patients access to the raw data collected by their implantable devices. Smartphone applications are increasingly involved in the collection, relay, retrieval, and documentation of these data. Therefore, we argue that smartphone user agreements are an emerging but potentially underutilized opportunity for clarifying both legal and ethical claims for device-derived data.

CONCLUSIONS

Current health privacy legislation incompletely supports patients' normative claims for access to digital health data.

摘要

未加标签

政策要点 数以百万计的维持生命的植入设备收集和传输大量的数字健康数据,越来越多地使用用户下载的智能手机应用程序通过制造商服务器将数据中继到临床医生。我们对健康隐私法的分析表明,根据《健康保险流通与责任法案》隐私规则,大多数美国患者在美国可能几乎无法访问自己的数字健康数据,而欧盟一般数据保护条例和加利福尼亚州消费者隐私法案则赋予了更大的数据访问权限收集设备的数据。我们的规范分析主张始终允许患者访问其植入设备收集的原始数据。

背景

数以百万计的维持生命的植入设备收集和传输大量的数字健康数据,越来越多地使用用户下载的智能手机应用程序通过制造商服务器将数据中继到临床医生。患者是否对这些设备收集的数据拥有法律或规范上的权利,特别是在超出其病历中总结的原始、细粒度格式的数据,仍未得到充分探索。

方法

使用起搏器和植入式心脏复律除颤器 (ICD) 作为临床模型,我们概述了数据收集、中继、检索和记录的临床生态系统。我们考虑了美国和欧洲隐私法规对患者访问摘要或原始设备数据的法律影响。最后,我们评估了提供患者访问病历中呈现的摘要以外的数据的伦理论点。

发现

我们对适用健康隐私法的分析表明,根据《健康保险流通与责任法案》隐私规则,美国患者在美国可能几乎无法访问设备制造商收集和持有的原始数据,而欧盟一般数据保护条例 (GDPR) 当个人数据的处理属于 GDPR 的管辖范围时,对设备收集的数据给予更大的访问权限。加利福尼亚州消费者隐私法案,即 GDPR 的“小妹妹”,也赋予了加利福尼亚州居民更大的权利。相比之下,我们的规范分析主张始终允许患者访问其植入设备收集的原始数据。智能手机应用程序越来越多地参与这些数据的收集、中继、检索和记录。因此,我们认为智能手机用户协议是澄清设备衍生数据的法律和道德主张的一个新兴但可能未被充分利用的机会。

结论

当前的健康隐私立法不完全支持患者对数字健康数据的访问的规范主张。

相似文献

1
Ethical and Legal Implications of Remote Monitoring of Medical Devices.
Milbank Q. 2020 Dec;98(4):1257-1289. doi: 10.1111/1468-0009.12481. Epub 2020 Oct 20.
2
Honoring Dental Patients' Privacy Rule Right of Access in the Context of Electronic Health Records.
J Dent Educ. 2016 Jun;80(6):691-6.
3
Doctors Routinely Share Health Data Electronically Under HIPAA, and Sharing With Patients and Patients' Third-Party Health Apps is Consistent: Interoperability and Privacy Analysis.
J Med Internet Res. 2020 Sep 2;22(9):e19818. doi: 10.2196/19818.
4
Ethical Development of Digital Phenotyping Tools for Mental Health Applications: Delphi Study.
JMIR Mhealth Uhealth. 2021 Jul 28;9(7):e27343. doi: 10.2196/27343.
5
COVID-19 contact tracing apps: a stress test for privacy, the GDPR, and data protection regimes.
J Law Biosci. 2020 May 28;7(1):lsaa034. doi: 10.1093/jlb/lsaa034. eCollection 2020 Jan-Jun.
6
California Takes the Lead on Data Privacy Law.
Hastings Cent Rep. 2019 Sep;49(5):4-5. doi: 10.1002/hast.1042.
7
Protecting Privacy: Health Insurance Portability and Accountability Act of 1996, Twenty-First Century Cures Act, and Social Media.
Neurol Clin. 2023 Aug;41(3):513-522. doi: 10.1016/j.ncl.2023.03.007. Epub 2023 May 31.
8
Artificial intelligence as a medical device in radiology: ethical and regulatory issues in Europe and the United States.
Insights Imaging. 2018 Oct;9(5):745-753. doi: 10.1007/s13244-018-0645-y. Epub 2018 Aug 15.
9
The HIPAA Privacy Rule and the EU GDPR: Illustrative Comparisons.
Seton Hall Law Rev. 2017;47(4):973-93.
10
Health Insurance Portability and Accountability Act of 1996 (HIPAA): a provider's overview of new privacy regulations.
Conn Med. 2002 Feb;66(2):91-5.

引用本文的文献

1
Machine learning enables legal risk assessment in internet healthcare using HIPAA data.
Sci Rep. 2025 Aug 5;15(1):28477. doi: 10.1038/s41598-025-13720-x.
2
Progress in the Application of Artificial Intelligence in Ultrasound-Assisted Medical Diagnosis.
Bioengineering (Basel). 2025 Mar 13;12(3):288. doi: 10.3390/bioengineering12030288.
3
Overcoming Challenges in Video-Based Health Monitoring: Real-World Implementation, Ethics, and Data Considerations.
Sensors (Basel). 2025 Feb 22;25(5):1357. doi: 10.3390/s25051357.
4
The use of an automatic remote weight management system to track treatment response, identified drugs supply shortage and its consequences: A pilot study.
Digit Health. 2025 Jan 24;11:20552076251314090. doi: 10.1177/20552076251314090. eCollection 2025 Jan-Dec.
5
Healthcare Transformation: Artificial Intelligence Is the Dire Imperative of the Day.
Cureus. 2024 Jun 18;16(6):e62652. doi: 10.7759/cureus.62652. eCollection 2024 Jun.
6
Remote monitoring of cardiac implantable electronic devices using smart device interface versus radiofrequency-based interface: A systematic review.
J Arrhythm. 2024 May 9;40(3):596-604. doi: 10.1002/joa3.13054. eCollection 2024 Jun.
7
Robotic Pills as Innovative Personalized Medicine Tools: A Mini Review.
Recent Adv Drug Deliv Formul. 2024;18(1):2-11. doi: 10.2174/0126673878265457231205114925.
8
Recommendation to implementation of remote patient monitoring in rheumatology: lessons learned and barriers to take.
RMD Open. 2023 Dec 6;9(4):e003363. doi: 10.1136/rmdopen-2023-003363.
9
Reducing Clinical Trial Monitoring Resources and Costs With Remote Monitoring: Retrospective Study Comparing On-Site Versus Hybrid Monitoring.
J Med Internet Res. 2023 Jun 27;25:e42175. doi: 10.2196/42175.
10
Artificial intelligence tools in clinical neuroradiology: essential medico-legal aspects.
Neuroradiology. 2023 Jul;65(7):1091-1099. doi: 10.1007/s00234-023-03152-7. Epub 2023 May 9.

本文引用的文献

1
Big Data, Big Tech, and Protecting Patient Privacy.
JAMA. 2019 Sep 24;322(12):1141-1142. doi: 10.1001/jama.2019.11365.
2
Adaptive cardiac resynchronization therapy is associated with decreased risk of incident atrial fibrillation compared to standard biventricular pacing: A real-world analysis of 37,450 patients followed by remote monitoring.
Heart Rhythm. 2019 Jul;16(7):983-989. doi: 10.1016/j.hrthm.2019.05.012. Epub 2019 May 16.
3
Assessment of the Data Sharing and Privacy Practices of Smartphone Apps for Depression and Smoking Cessation.
JAMA Netw Open. 2019 Apr 5;2(4):e192542. doi: 10.1001/jamanetworkopen.2019.2542.
4
Aripiprazole with digital ingestion tracking (Abilify MyCite).
Med Lett Drugs Ther. 2019 Jan 28;61(1564):15-16.
5
Privacy in the age of medical big data.
Nat Med. 2019 Jan;25(1):37-43. doi: 10.1038/s41591-018-0272-7. Epub 2019 Jan 7.
6
Intermittent anticoagulation guided by continuous atrial fibrillation burden monitoring using dual-chamber pacemakers and implantable cardioverter-defibrillators: Results from the Tailored Anticoagulation for Non-Continuous Atrial Fibrillation (TACTIC-AF) pilot study.
Heart Rhythm. 2018 Nov;15(11):1601-1607. doi: 10.1016/j.hrthm.2018.06.027. Epub 2018 Jul 6.
7
HIPAA and Protecting Health Information in the 21st Century.
JAMA. 2018 Jul 17;320(3):231-232. doi: 10.1001/jama.2018.5630.
8
Optimizing Implantable Cardioverter-Defibrillator Remote Monitoring: A Practical Guide.
JACC Clin Electrophysiol. 2017 Apr;3(4):315-328. doi: 10.1016/j.jacep.2017.02.007. Epub 2017 Apr 17.
9
Cybersecurity Concerns and Medical Devices: Lessons From a Pacemaker Advisory.
JAMA. 2017 Dec 5;318(21):2077-2078. doi: 10.1001/jama.2017.15692.
10
Frailty, Physical Activity, and Mobility in Patients With Cardiac Implantable Electrical Devices.
J Am Heart Assoc. 2017 Feb 10;6(2):e004659. doi: 10.1161/JAHA.116.004659.

文献AI研究员

20分钟写一篇综述,助力文献阅读效率提升50倍。

立即体验

用中文搜PubMed

大模型驱动的PubMed中文搜索引擎

马上搜索

文档翻译

学术文献翻译模型,支持多种主流文档格式。

立即体验