Objective: To summarize the state of the art during the year 2017 in consumer health informatics and education, with a special emphasis on sharing health data and accessing personal health information (PHI) from patients' and consumers' perspective.
Methods: We conducted a systematic search of articles published in PubMed using a predefined set of queries which identified 228 potential articles for review. The section editors then screened these articles according to topic relevance and selected 15 candidate best papers for full review and scoring by a panel of international experts. Based on the scores and the reviews, four papers received the highest score and were selected in a consensus meeting as the best papers on health data access and sharing from consumers' and patients' perspective.
Results: These four papers were categorised into the following topics: 1) data sharing for research and governance in privacy protection; 2) use of personal health information and individual privacy concerns; and 3) consumers' views and demographic characteristics regarding health data sharing and the use of digital health portals. Overall, it was surprising to see only a small number of papers reporting original research in this area.
Conclusions: Patients understand the need for sharing information to facilitate best care and to enrich biomedical knowledge. When confronted with the reality of accessing information systems for their own information, patients are concerned about usability as well as privacy. Overall, there is a need for more emphasis on: 1) considering privacy as a feature defined by design; 2) using specific consent approaches and data sharing mechanisms for recruiting clinical trial participants; 3) taking into account socio-demographic characteristics when promoting consumer access to personal health information; and 4) defining indicators of high-quality care to incorporate healthcare professionals' level of caution when accessing patients' medical information and fostering patient trust in data exchange. Ultimately, privacy mechanisms should be part of the design process and not only be implemented when security has been breached and violated.