Comparison of knowledge, attitudes, and trust for the use of personal health information in clinical research

Abstract

As interest in the use of electronic medical record data for clinical research has increased, the protection of personal health information has become increasingly important. The Privacy Rule, established by the Health Insurance Portability and Accountability Act in 1996, proposed the concept of Protected Health Information (PHI) to restrict the use of personal health information from clinical settings. Because researchers and patients are not familiar with PHI despite its importance, our study aimed to find out the effect of the different knowledge, attitudes and levels of trust regarding personal health information on the use of them for clinical research. We collected 267 paper and online surveys from three groups: a clinical researcher group (n?=?113), a non-clinical researcher group (n?=?72) and a patient group (n?=?82). The collected data were analyzed using one-way ANOVA depending on the three groups. We calculated the percentages of correct answers and incorrect answers to 40 questions related to PHI to determine the level of knowledge. Although the three groups had significantly different knowledge of PHI (p?<?0.01), all three groups correctly understood that social security numbers and bank account numbers were Protected Health Information. In contrast, all three of the groups misunderstood that the physician's name, discharge date, and admission date were not non-PHI items. In addition, the three groups had significantly different attitudes and levels of trust regarding the use of PHI for clinical research (p?<?0.05); however, all of the groups had favorable attitudes toward using and disclosing medical data in clinical research. Interestingly, although the three groups strongly agreed regarding the protection of the confidentiality of PHI, the patient groups trusted that hospitals would maintain a high level of PHI protection. The attitude toward using health information for clinical research was found to be favorable, but all of the groups were confused regarding date items. These results indicate that more education about PHI is required to protect identifiable health information. In particular, researcher groups, including both clinical and non-clinical researchers, must completely understand the protection of personal information to gain trust from patient groups.