Mistakes in UK NHS organ donor consent data show importance of validating data from outside sources

As reported in the Daily Telegraph, the British National Health Service (NHS) is blaming an IT error for the presence of inaccurate consent information for about 800,000 people about their wishes for organ donation after death. As a result of the incorrect consent information, organs were harvested from as many as 20 people whose consent had not in fact been given prior to their death. The information about organ donation preferences was initially captured — as it often is in the U.S. — as part of the process of obtaining a driver’s license. Data from the Driver and Vehicle Licensing Agency was transferred to NHS Blood and Transport over 10 years ago. The errors were apparently introduced at the initial time of data transfer, but they weren’t discovered until NHS contacted people it thought had consented to organ donation, as part of a routine written communication program with people in the NHS donor registry.

This incident shows the importance of verifying the accuracy and integrity of data integrated with or retrieved or transferred from external sources, especially given the need to instill trust among individuals whose data will potentially be made available or used by government and private sector organizations under widespread use of electronic health records. This sort of potential for error arises is many data aggregation contexts, notably including U.S. credit reporting bureaus, but when medical conditions or patient preferences are involved, the potential consequences from acting on incorrect information are obviously more serious than a denial of credit.

Because this situation revolves around a very specific form of consent, there are clear parallels to problem of capturing, managing, and honoring consent in electronic health records and health information sharing for a variety of purposes (especially those for which consent is required under the law). Finding ways to manage consumer preferences in health care is an area the U.S. government has been working on since the early days of the American Health Information Community (AHIC), and ONC has been working on consumer preferences since at least 2008, when they were identified as a gap in use cases prioritized for development by the American Health Information Community (AHIC), and the Office of the National Coordinator (ONC) has produced a Consumer Preferences Draft Requirements Document that is likely to serve as a key input should ONC move to add consumer preferences criteria to any of its adopted standards, potentially including adding them to meaningful use criteria.

The desire to be able to rely on data integrated through initiatives such as health information exchange (or, for that matter, the Information Sharing Environment (ISE) in a homeland security context), and the lack of ability to do so, remains a central issue for future intended uses of health IT for clinical decision support. The current state of the industry and the technology is that there is no consistent mechanism for asserting integrity (to be fair, this problem exists for non-electronic records too), and is only one of several issues that can be encountered with composite or virtual data sets. These other data challenges include incompleteness of data, errors due to omission (including those resulting from withholding consent to disclose), Byzantine failure, and the need to reconcile multiple or conflicting values for the same data element as represented in different sources about the same individual.