Question normal

As Near Field Communication (NFC) becomes more ubiquitous and secure as smartphone upgrade cycles progress, this built-in technology offers significant functionality to medical software developers. One of the easiest ways to exploit this technology involves sharing and updating a patient's medical record using the security already in place to maintain encrypted credit card information. In the same manner that payment data is accessed using biometrics (fingerprint), medical information such as past medical history, current medications, allergies, and family history of illness can be captured. Data updated by physicians in the same manner, could include prescriptions/refills accessible by pharmacies. This not only eliminates the need for paper scripts printed by physicians without the capability for digital Rx transmission, but also allows the patient history to be updated with a “last filled” entry.

The utility of such a resource is best realized in emergency situations where a patient is unable to provide any information. Emergency departments and emergency medical services could be certified as “first-response” providers with a NFC key allowing access to medical data without patient consent. In such circumstances, as with any access of the patient information, the certified user ID, location, and timestamp would be recorded at the time of access for future audit purposes. Such access would be critical for first responders to factor pre-existing conditions or medication use into acute interventions.

* Why medical history?

Data collection can be one of the most time-consuming endeavors for a physician, with success limited by the capability of the patient as a historian. Every provider has encountered a patient who can elaborate on the shape, color, size, and dosing frequency of their pills, but cannot report the medication name or dosage. Patients may also unintentionally omit history that was forgotten or not deemed germane to their current condition.

Gathering a patient's history and medication list in emergent settings is crucial to successful treatment and prevention of adverse outcomes. As an example, ED physicians treating a patient with symptoms of acute stroke with impaired speech require information such as use of blood thinner medications to ensure they are not provoking life-threatening hemorrhage through the use of thrombolytics.

* Why decentralized on a Smartphone rather than a central accessible repository?

Debate has raged over the potential for a security breech of data maintained in a central repository for some time. In previous UK studies, identity theft and loss of control over data being gathered were cited as concerns. Such concerns are allayed as the data holder not only has the ability to control what data is shared for the purposes of research, but also has the ability to audit who accessed what information at what time.

* What if a device is lost, or multiple devices are used?

While data is decentralized, the information is backed up to the host computer in the event a device is lost or exchanged for another device. Should a device be lost, the information can be erased remotely in the same manner as all other phone data. The medical information will always require the same biometric key for access regardless of device ensuring the data remains controlled by the patient.

* What is required by providers?

Access to a computer with a peripheral NFC device capable of reading and writing data would be the sole requirement for any entity requiring access. Certification of providers, including first-responders, could be carried out by the developing entity.

Rudimentary summary of NFC (wikipedia) -

Wellcome Trust UK summary of 2013-14 attitudes toward centralized medical data -