Patients have a fluid in their body called blood, which, because of the pumping action of the heart through the arteries cause cyclic transient pressure changes in these arteries.
When a nurse physically puts a blood pressure cuff on you they are using a tool called a sphygmomanometer to determine two numbers that represent those dynamic forces within your body. These measurements are the systolic blood pressure and the diastolic blood pressure.
This sphygmomanometer requires training to use correctly. The nurse has invested time into acquiring and maintaining this skill, and her employer hired him or her for these types of skills. So, although a patient has blood pressure, the determination of that blood pressure into a useable piece of data, such as “130 over 80” (130/80), requires an actual investment of the nurse’s time—time for which the nurse is being paid for by her employer.
Now, this nurse-generated blood pressure data point, 130/80, is entered into the electronic health record (EHR) via keystrokes. (Yes, the act of data entry into an EHR is another small, but discrete skill.)
That data point, the 130/80—via the EHR software—is now converted into two binary code data points (such as 10000010 for the 130, and 101000 for the 80), and is simultaneously tagged to the patient’s chart and associated with other data points, such as the time-stamp of entry. Of note, the creation and maintenance of the EHR software require an investment of time and money.
So, although a patient has blood pressure, the healthcare organization has created—through their investment of time and money— the digital set (10000010, 101000).
This poses two questions. The first is legal. Who owns (10000010, 101000), the patient or the healthcare institution? Because of the massive behind-the-scenes investment in the creation of (10000010, 101000), the answer is likely to be the healthcare institution.
The second question is ethical. When the patient came in for their ear infection, or their cough, or their dizziness, and that blood pressure cuff was put on them, were they explicitly told their healthcare institution was creating a digitally -friendly data point (10000010, 101000) from their body which was going to be used by that healthcare institution (and whoever else they see fit!) for the next 50 or 100 years?
The answer is no. I think the patient believes their blood pressure measurement was taken and recorded strictly for their benefit—not to populate some massive database for future data mining—and in that sense the healthcare institution, although standing on strong legal ground, is also standing on insubstantial ethical quicksand.
I believe the only reason the institutions are not being held to ethical account is that there is a deep unawareness of the extent that patients’ data is being used behind the scenes.