Part 1: Introduction

Ministry of Health: Supporting the implementation of patient portals.

In this Part, we discuss:

What we looked at

We focused on patient portals provided by general medical practices.

Patient portals, at their most basic, provide patients with a secure messaging function between them and their doctor, the ability to book an appointment, and the ability to order a repeat prescription. Some patient portals allow people to see their test results, a summary of their health record, and doctors' notes.

Patient portals were initially a health sector-driven initiative. Private companies created patient portals, making them available to general practices in 2008. The Ministry increasingly recognised how patient portals could support various objectives in the Ministry's National Health IT Plan Update 2013/14 and health strategy. Specifically, patient portals could improve people's access to information about their health, encouraging and empowering them to be more involved in their healthcare and in decisions about their treatment.

We looked at how the Ministry has supported the uptake and implementation of patient portals by public health organisations (PHOs) and general practices. In particular, we looked at:

  • how well the Ministry worked with the health sector to encourage the uptake and implementation of patient portals;
  • how effectively the Ministry was monitoring whether patient portals were delivering the intended benefits; and
  • to what extent the Ministry was supporting safe and secure access to peoples' personal health information.

Why we did this audit

We wanted to provide assurance to Parliament and the public about how effectively the Ministry has supported the uptake and implementation of patient portals.

The theme for our 2016/17 work programme was Information. Assessing the roll-out of patient portals aligned with what we wanted to examine under this theme. In particular, we wanted to see how well the public sector was:

  • deploying technology to enable accessible services that meet the changing needs of New Zealanders;
  • managing and making use of the information it collects or generates to inform the effective and efficient delivery of public services; and
  • managing security and privacy requirements so that the information it collects is suitably protected.

The findings and insights from our themed work become part of a report that is published at the end of each work programme, reflecting on what we have found. Our findings on the uptake and implementation of patient portals will contribute to a report reflecting on the Information work programme.

What we did not look at

We did not look at other information-sharing products and initiatives in the health sector, such as shared care records.

Although we looked at general practices, this was in relation to how the Ministry was supporting them to implement patient portals and to provide general context and background. We did not audit the activities of general practices, PHOs, or the private companies that develop and sell access to patient portals, nor did we directly audit the safety and security of patient portals.

How we did our audit

To carry out our audit, we reviewed:

  • the Ministry's internal documents on patient portals;
  • the Ministry's material promoting patient portals to general practitioners, practice managers, and the public;
  • documents produced by the Ministry, the Royal New Zealand College of General Practitioners (the College of GPs), and others that provided advice and information on patient portals; and
  • documents from the Ministry and others that provided more general advice and information on related matters, such as health information privacy, cloud computing, and information security.

We interviewed doctors and staff at several general practices and staff at the Ministry, the College of GPs, PHOs, the University of Auckland's School of Population Health, and the Office of the Privacy Commissioner.

The structure of this report

In Part 2, we examine whether the Ministry had a clear understanding about what it wanted to achieve by supporting the implementation of patient portals, including the intended benefits.

In Part 3, we look at how the Ministry worked with the health sector and with the general public to support the implementation of patient portals. We also look at the Ministry's work to address barriers to the uptake of patient portals.

In Part 4, we discuss whether the Ministry is monitoring the impact and benefits of patient portals.

In Part 5, we discuss how the Ministry has contributed to the established framework of privacy rules and rights, standards, and guidelines to support PHOs and general practices in managing the security and privacy of people's personal health information.