Published on in Vol 6, No 11 (2019): November

Preprints (earlier versions) of this paper are available at, first published .
Patient Privacy Perspectives on Health Information Exchange in a Mental Health Context: Qualitative Study

Patient Privacy Perspectives on Health Information Exchange in a Mental Health Context: Qualitative Study

Patient Privacy Perspectives on Health Information Exchange in a Mental Health Context: Qualitative Study

Original Paper

1Centre for Addiction and Mental Health, Toronto, ON, Canada

2Institute of Health Policy, Management and Evaluation, Dalla Lana School of Public Health, University of Toronto, Toronto, ON, Canada

3Interdisciplinary Centre for Health and Society, University of Toronto Scarborough, Scarborough, ON, Canada

4Canada Health Infoway, Toronto, ON, Canada

5Department of Psychiatry, Faculty of Medicine, University of Toronto, Toronto, ON, Canada

6University Health Network, Toronto, ON, Canada

Corresponding Author:

Nelson Shen, MHA, PhD

Centre for Addiction and Mental Health

Bell Gateway Building

100 Stokes Street

Toronto, ON, M6J 1H4


Phone: 1 416 535 8501 ext 30132


Background: The privacy of patients with mental health conditions is prominent in health information exchange (HIE) discussions, given that their potentially sensitive personal health information (PHI) may be electronically shared for various health care purposes. Currently, the patient privacy perspective in the mental health context is not well understood because of the paucity of in-depth patient privacy research; however, the evidence suggests that patient privacy perspectives are more nuanced than what has been assumed in the academic and health care community.

Objective: This study aimed to generate an understanding on how patients with mental health conditions feel about privacy in the context of HIE in Canada. This study also sought to identify the factors underpinning their privacy perspectives and explored how their perspectives influenced their attitudes toward HIE.

Methods: Semistructured interviews were conducted with patients at a Canadian academic hospital for addictions and mental health. Guided by the Antecedent-Privacy Concern-Outcome macro-model, interview transcripts underwent deductive and inductive thematic analyses.

Results: We interviewed 14 participants. Their privacy concerns varied, depending on the participant’s privacy experiences and health care perceptions. Media reports of privacy breaches and hackers had little impact on participants’ privacy concerns because of a fatalistic belief that privacy breaches are a reality in the digital age. Rather, direct observations and experiences with the mistreatment of PHI in health care settings caused concern. Decisions to trust others with PHI depended on past experiences with the individual (or institution) and health care needs. Participants had little knowledge of patient privacy rights and legislation but were willing to participate in HIE because of perceived individual and societal benefits.

Conclusions: This study introduces evidence that patients with mental health conditions would support HIE. Participants were pragmatic, supporting HIE because they wanted the best care possible. They also understood that their PHI was critical in supporting the single-payer Canadian health care system. Participant health care experiences informed their privacy perspectives, trust, and PHI sharing attitudes—all accentuating the importance of the patient experience in building trust in HIE. Their lack of knowledge about patient rights and PHI uses highlights the degree of trust they have in the health care system to protect their privacy. These findings suggest that the patient privacy discourse should extend beyond the oft-cited barrier of patient privacy concerns to include discussions about building trust, communicating the benefits of HIE, and improving patient experiences. Although our findings are in the Canadian context, this study highlights the importance of engaging patients in privacy policy discussions, regardless of jurisdiction, to ensure their nuanced perspectives are reflected in policy decisions on their PHI.

JMIR Ment Health 2019;6(11):e13306



Privacy and Health Information Exchange

Privacy and trust are critical for patients with mental health conditions. Effective therapeutic patient-provider relationships require patient candor and trust that health care providers will protect patient privacy (or confidentiality) [1,2]. Mental health records often contain sensitive information, including intimate revelations or references to stigmatic medical conditions [3]. As such, people with mental health conditions may be concerned about the disclosure of this sensitive personal health information (PHI). Fear of the stigma and discrimination may cause them to withhold information from health care providers or avoid seeking care altogether—which can be detrimental to patient care [4]. A recent meta-analysis [5] found fear of stigma had a small- to moderate-sized negative effect on health-seeking behavior, and concerns with PHI disclosure was the most commonly reported reason for health care avoidance. For this reason, mental health care and mental health records have historically been isolated from other medical care to protect patient privacy [6,7].

Patient privacy is an issue that has come to the forefront in discussions about health information exchange (HIE) [8]. In this paper, HIE refers to the process where PHI is electronically shared between health care providers, patients, and other health care stakeholders through interoperable health information technology (HIT) [9,10]. HIE can provide HIT users with the best information possible for 3 common uses: clinical care [11], patient access and management of their PHI (ie, patient-mediated exchange) [11-13], and research and health system planning [14-17]. Internationally, there is consensus that HIE can improve health care quality, safety, and efficiency [18,19].

In recognition of the transformative potential of HIE, Canadian federal and provincial or territorial governments have made significant investment into the creation of interoperable HIT (ie, electronic health records [EHRs]) to enable HIE to support their single-payer, publicly funded universal health care system—an institution rooted in the Canadian identity [19,20]. Despite the strong interest, the adoption of HIE in Canada has been slow [21]. Privacy is an oft-identified adoption barrier, as the seamless flow of PHI creates challenges to protecting patient privacy [8,16,22]. Much of the privacy debate centers around whether HIE would raise patient privacy concerns, erode trust in patient-provider relationships, and cause adverse health care behaviors [23-27].

Privacy Perspectives of Patients with Mental Health Conditions

From a mental health perspective, there are divergent views on the appropriate use of mental health records and its inclusion in HIE [28-30]. These debates have overshadowed the value of HIE. For instance, the inclusion of psychiatric notes in the EHR were found to reduce hospital readmission rates for psychiatric patients [31]. HIT supporting patient-mediated exchange of PHI via a mental health care patient portal could improve patient activation, patient recovery, and appointment attendance [32]. Finally, population-based research using large databases has been an effective tool in battling the stigmatization of mental health disorders. Evidence generated from research has been used to raise awareness of the societal burden of mental health, identify gaps in treatment efficacy and effectiveness, and increase access to mental health care through more efficient utilization of health care resources [33].

The balance between protecting patient privacy and providing optimal care is value-laden, requiring careful consideration of all stakeholder perspectives. Unfortunately, the patient perspective is often based on conjecture, reflecting the values and norms of the academic and health care community [34]. Sometimes patient privacy needs are overestimated [35-37]. A 2018 systematic review found the patient privacy perspective was more nuanced and context dependent than what was suggested [38]. An emerging stream of research suggests that patient-perceived benefits can offset the postulated impact of privacy concerns [39-48]. This privacy trade-off is known as the privacy calculus—a cognitive risk-benefit analysis used to determine their information sharing behavior [49]. There is evidence of this trade-off for patients with sensitive PHI [45-48] but not specifically in the mental health context [38]. With policy makers trying to overcome the challenges of HIT for mental health [50], we need a better understanding of the patient privacy perspective to ensure patient-centered policy decisions are made [51,52]. The aim of this study was to generate insights on how patients with mental health conditions feel about privacy in the context of HIE.

Theoretical Framework

This study is a part of a larger project aimed at adapting the Antecedent-Privacy Concern-Outcome (APCO) macro-model [53] for use in health informatics research. The APCO is a high-level process model that delineates how antecedents contribute to privacy concern and how concerns can impact information sharing behaviors. Behavioral reaction is the most prominent outcome, as it represents an individual’s intention to use a Web-based service or technology. Regulation and trust are proposed to have reciprocal relationships with privacy concern, acting as both antecedents and outcomes. The privacy calculus is included as perceived risk and perceived benefit. An adapted APCO model (Figure 1) was used as the framework for this study [38]. Its constructs (herein italicized) are presented and defined in Table 1.

With the dearth of in-depth and qualitative patient privacy research in mental health [38], this study was conducted to bridge this evidence gap. The objective of this study was to understand how patients with mental health conditions feel about privacy as it relates to their PHI and its uses facilitated through HIE (ie, clinical use, secondary use, and patient-mediated exchange). This study also sought to identify the factors underpinning their privacy perspectives and explore how their perspectives influence their willingness to electronically share PHI through HIE. Using the APCO as a guiding framework, we asked the following questions:

  • How do patients feel about the privacy of their PHI (privacy concern)?
  • What are the reasons for their privacy perspective (APCO antecedents)?
  • Who do patients trust with their PHI (trust)? Why?
  • What is the role of privacy policies and regulations (regulations) in the patient privacy perspective?
  • What do patients know about their PHI rights and the legislated PHI uses (regulations)? How do they feel about them?
  • How do patients feel about the various uses of PHI via HIE (behavioral reaction)?
Figure 1. Adapted Antecedent-Privacy Concern-Outcome model. Dotted arrows indicate tenuous relationships between constructs (ie, has not been confirmed through repeated studies).
Table 1. Adapted Antecedent-Privacy Concern-Outcome construct definitions.
Antecedent-Privacy Concern-Outcome domain and constructDefinition
Privacy concernAn individual’s beliefs, attitudes, and concerns about the electronic sharing of their PHIa
 Privacy experienceThe extent to which individuals have been exposed to or been a victim of information abuses
HITb awarenessThe extent to which individuals have been exposed to or have knowledge of HIT
Population characteristicThe differences based on the shared characteristics of a population (eg, age, gender, income, education, etc)
PersonalityAn individual’s psychological characteristics, patterns of thinking, feeling, and behaving
CultureThe attitudes, customs, and beliefs that distinguish one group of people from another
 Perceived benefitThe degree to which an individual believes that the electronic sharing of their PHI can help themselves and others
Perceived riskThe degree to which an individual believes that the electronic sharing of their PHI will result in a loss or harm
Behavioral reaction An individual’s intention to electronically share their PHI or use HIT
Antecedent and outcome
 TrustAn individual’s willingness to become vulnerable to the actions of another party
RegulationAn individual’s knowledge of and attitudes toward the privacy safeguards and use of their electronic PHI

aPHI: personal health information.

bHIT: health information technology.


This study was conducted at the Centre for Addiction and Mental Health (CAMH)—Canada’s largest academic health sciences center for mental health. Through consultation with the CAMH leadership, we recruited patients receiving acute care and structured treatments from 2 main programs at CAMH: Mood and Anxiety and Addiction Medicine Services. Together, these programs serve CAMH patients with depression; bipolar disorder; anxiety disorders; obsessive-compulsive disorders; and drug, alcohol, gambling, and other addiction issues, accounting for approximately 15,000 patients of the 37,065 unique CAMH patients.

To be eligible for this study, participants had to be receiving care at one of the CAMH programs, English-speaking, ≥18 years, and able to provide written informed consent. Participants were offered a Can $10 coffee gift card and reimbursed for public transportation costs. Research ethics approval (CAMH 067-2015) was acquired before recruitment. Potential participants were invited to participate through clinician referral, advertisements at participating clinics, and the CAMH research study website. Participants were also recruited at the end of patient group meetings, where CAMH researchers were scheduled to provide a 1-min description about their study. The clinicians prefaced and emphasized that the research was independent to treatment program and that participation was voluntary, having no bearing on the care they receive at CAMH. Interested patients could approach the researcher for more information about the study or sign up after the meeting. The lead author (NS) recruited participants from these meetings and introduced the study as a part of his PhD thesis on understanding patient views on privacy.

A maximum variation purposive sampling strategy was employed to identify cross-cutting themes derived from a diverse range of perspectives [54]. This strategy requires the researcher to first identify relevant diversity characteristics as criteria and then choose participants that meet these criteria to provide maximum variation in the data collected [55]. Participants were asked to fill out a preinterview screening questionnaire (Multimedia Appendix 1) and were included or excluded serially, with each included participant contributing a unique background to the study [56]. Variation was sought across the following population characteristics: treatment program, years at CAMH, and self-reported health status (Health Utility Index Mark III [57]). A trusting disposition scale [58] was also used to assess an individual’s general propensity to trust others (ie, personality). Trusting disposition is based on their willingness to give people a chance until proven wrong (ie, trusting stance) and general belief that people generally act with benevolence, integrity, and competence (ie, faith in humanity). Given the challenges of recruiting participants from this population, especially individuals with distrusting dispositions, participant interview responses regarding to trust (or distrust) was used in conjunction with the trusting disposition scale to ensure the study included a diversity of views on trust.

Recruitment continued until theoretical saturation was achieved (April to June 2017). Saturation was defined as the point where the interviews yielded no new data or themes. An a priori thematic saturation approach was undertaken to exemplify a theory (ie, ACPO) based on its predetermined theoretical constructs [59].

Data Collection

One-on-one interviews were conducted in-person at CAMH sites, each lasting approximately 45 min. A semistructured interview format was selected for the interviews to allow the interviewer (NS) to diverge and pursue ideas in more depth when necessary [60]. Informed consent was collected before the interviews. NS introduced himself as a PhD candidate, affiliated with CAMH as a research trainee and disclosed that he had no involvement in the delivery of patient care. Participants were reassured that participation was independent from the care they receive at CAMH, and their individual responses would only be accessed by the research team for data analysis. They were also informed that the interviews would be audio recorded for transcription, and field notes would be taken throughout and after the interviews.

An interview guide (Multimedia Appendix 2) was developed by the research team and focused on the patient perspectives on privacy concern, trust, regulation, and behavioral reaction. Each section began with a broad question and narrowed down to focus on the why, allowing latent concepts to emerge through participant responses [61]. For this reason, specific questions related to privacy antecedents and privacy calculus were not included in the interview guide. The section on regulation also included an educational component where participants were asked broad questions about their views on regulation and what they knew about their patient rights and legislated PHI uses. They were then briefed on the provisions pertaining to their rights (ie, access records, request audit, and request consent directives) and permitted PHI uses (ie, use in provision of care, health system planning, and research ethics board [REB]–approved research). With this context, we then asked participants who they trusted with their PHI (trust) and whether they were willing to electronically share their PHI (ie, HIE) for provision of care, health system planning, REB-approved research, and patient-mediated exchange (behavioral reaction).

Data Analysis

The data analysis was conducted independently by 2 authors (NS and LS). At various points throughout the process, the authors compared their analysis and resolved any disagreements through discussion. NVivo 9 (QSR International) qualitative analysis software was used to code and organize the data.

A thematic analysis of the data was conducted in 2 phases using the framework method [62] and Braun and Clarke framework (Figure 2) [63,64]. The framework method [62] was used in the first phase to chart the data to the APCO. The data were deductively analyzed using the APCO constructs as predefined codes [65]. Open coding was used when data did not fit the predefined codes, and themes were inductively generated. This allowed for the extension of the APCO by uncovering health care–specific concepts (or constructs) not captured in the original model [62,66,67]. The Braun and Clarke thematic analysis framework [63,64] was used in the second phase to inductively analyze the data collated within each construct. After achieving consensus between the 2 authors, a final report was drafted where selected extracts relating to the analysis and the research questions were highlighted. This report was circulated to participants via email for member checking to ensure the accuracy and credibility of the reported results [68]. We did not receive any conflicting or discrepant feedback from the participants. As such, the findings were finalized and reported in this paper.

Figure 2. Approach to data analysis. APCO: Antecedent-Privacy Concern-Outcome.

Participant Characteristics

A total of 47 patients inquired about the study, of which 21 patients completed the preinterview questionnaire. On the basis of their questionnaire responses, 4 participants were excluded from the study because they did not add heterogeneity on the trusting dispositions subscales and did not report any patient characteristics unique to the sample. In total, 17 unique participants were included in the study; however, 3 participants were not interviewed as they were lost to follow-up. The characteristics of the 14 participants are reported in Table 2. Most participants were daily internet users and used the internet for health-related purposes. Participants generally had a trusting disposition. All participants trusted in the competence of others, and only 1 participant did not have a trusting stance.

Table 2. Participant characteristics.
CharacteristicsNumber of participants (n)
CAMHa program

Addiction Medicine Services6

Mood & Anxiety Services8

Years at CAMH





Other optionsb0
Age (years)




Self-rated health status




Very good1

Internet use

At least once a day13

At least once a week1

At least once a month0

Less than once a month0
Trusting disposition









Trusting stance



Type of internet use

Health-related uses11

Search for health info7

Use of health information technologyc4

Email health care provider2


Information seeking9


Tasks and services8


aCAMH: Centre for Addiction and Mental Health.

bOther options provided included the following: trans-sexual, transgendered, gender-queer, 2-spirit, female-to-male, male-to-female, intersex, unsure, questioning, prefer not to answer, other (please specify).

cAccess their lab results, manage their health records or clinical appointments, or file insurance claims.

Patient Privacy Perspective (Privacy Concern)

Privacy was defined by some as having some control over who could access their information. Others equated privacy with confidentiality (eg, need to protect and limit access to other parties). Privacy was also normative, described as how people and PHI should be treated by using terms such as respect, trust, appreciating, understanding, and honesty.

There was an agreement that privacy was important in health care—often referring to privacy as a patient right. Privacy is especially important because of the stigma associated with mental health. Without privacy, discrimination may hamper their ability to do [things] and prevent them from living a fulfilled life. A professional patient shared his experiences:

I've had HIV since the '90s and that was a concern... that information getting out in the early days because it was the plague and you're a social leper. Now mental health is that [way]. They're just labeled as crazy.

Participants were divided on whether they had privacy concerns with HIE. Although they were quick to discuss their perceived risks (ie, hackers, unauthorized access by employers, and insurance companies), it did not appear to be of particular concern to some. Most participants discussed past privacy experience as their reason for concern.

Past privacy incidents or negative experiences with family, friends, colleagues, and acquaintances were reasons why some participants were cautious about discussing their mental health with other people. A participant provided the following account:

I have, not real concerns... I've got reservations. Since I had one negative experience... [T]he insurance company sent my medical records, all of them [since birth], because of the consent form that I signed—not just for that particular incident with the bipolar illness—were sent to my president... [T]hat individual decided, “I don't want a nutcase for a VP” and did everything possible to make me quit, but I didn’t... [W]e had a long time in court, and I won. It was 100% undoubtedly proven in court.

Although many participants did not have past privacy incidents, a number of them brought up the frequent media reports about high-profile organizations being hacked, incidents at local hospitals, lost computers and Universal Serial Bus drives, and improper disposal of obsolete computers. Despite this heightened awareness, it was not a direct concern for most participants as they saw hacking as a new reality in the digital world—people with nefarious intentions will find a way to gain access to PHI regardless of the protective measures undertaken. This fatalistic view was described by a participant:'s happening all the time now... like I said before, you hope that it won't happen, but it could happen and that's just, I hate to say it, something you just have to get used to. (laughs) Convenience opens those doors for... breaches and things like that.

Privacy experiences within a health care setting appeared to have a more direct impact on privacy concern. Positive experiences with doctors and health care institutions handling information reassured participants that their privacy was taken seriously. In a few cases, their doctor’s candor and outlook on EHRs were able to quell their concerns:

[E]very two-three months [you hear] about something that's been hacked... On the other hand, I'm impressed with the way my doctors handle the information. Though Dr [C] says that... some things were faster with paper. But on the whole, you know, they can access information, they can do drug interactions, they can look up history, that you know, they can give out information among themselves. It's very good.

Negative health care experiences were reasons for concern. Some participants recalled incidents where patient data were visibly out in the open, openly discussed in waiting areas, or given to the wrong person. A participant shared her experiences as a patient and as clinician-researcher working at a different hospital:

[T]hat's mostly a systemic failure. There are other people like I described, like my former supervisors that, you know, are clearly flagrantly violating like privacy laws as well as just sort of, I don't know, the social contract.

The longitudinal content in the EHR was also a reason for concern for some participants. They discussed instances where they were treated differently or judged by health care providers because of what was in their records. A couple participants felt that past diagnosis, which they believe to be less relevant in the present, could still be used against them. A participant shared this concern:

Privacy is huge for me. I'm a pretty private person. I didn't realize... [that]as an inpatient, every single thing that you do and that you say, it gets... [charted] right into the, I guess now, the computer system... and it's all in there for, I guess forever for them to see... [T]hey bring it to the future where you've grown from that experience and they hold over your head for, you know, two, three years later. If you go to hearings or review boards, they bring the past with you. What they have written... in the system.

Trusting Beliefs (Trust)

Trust was described as a mutual understanding earned and maintained through interpersonal relationships over time. Many spoke about trust in terms of a principal-agent relationship, where there is an element of faith, reliance, or confidence that a trustee will do the right thing, act with the trustor’s best interests, or deliver on some expected outcome that was agreed upon. Participants cited confidential relationships with health care providers and institutions as examples of trust:

I don't think you can legislate trust. I don't think you can write trust down in the same way you can privacy. Trust is, I think, more of an interpersonal, uh, concept.

Participants relied on common heuristics when deciding to trust individuals with PHI. First, they would share their PHI if they were actively seeking something or if sharing served a purpose. Sometimes, PHI sharing was out of necessity to gain access to mental health services or receive the proper care. A participant recalled:

I have been holding back some information... I mean, not anymore, but yes [it] just kind of reached a point where—I needed help (humph).

Later in the interview, they commented that it was “not a benefit to say, ‘No, you can’t have access to, you know, all of the previous stuff.’ It’s kind of self-defeating.”

Another common heuristic was credentials (ie, degrees, affiliations, and professional college memberships). Credentials meant that an individual has reached a certain level of competence or was bound by a set of standards or code of ethics. A participant’s comment best represented the role of credentials:

[T]he degree to which I believe it will be kept private and secure [depends on] the credentials of the people involved. I would trust like a doctor, like a Doctor of Medicine or a doctor of psychiatric medicine or a counselor, more than I might trust, say, a life coach. They're trying to do similar tasks to some degree, but a life coach, for example, may not have the same training, same experience, and may not be licensed in the same manner. [It’s like] listening to a doctor versus listening to someone on the internet.

Relationship-specific heuristics, such as reputation, familiarity, closeness, and history were considered when sharing PHI. Many stated the positive reputation of CAMH gave them confidence in their services. Some participants discussed how trust in health care providers was established over time and with repeated positive experiences:

[T]he head pharmacist, he's been working with me for the last like 25, 30 years and I always refer him to the pharmacist at whatever hospital I'm at, I just say, “Talk to Henry, he knows everything.”

These heuristics also apply to personal relationships. For instance, a participant (INT9) identified their mom, sister, and 2 best friends as the only people they would trust with PHI because of their history. They were confident that these individuals could keep a secret and would not use it against the individual. In addition, the information recipient needed to be open-minded to struggles of living with mental health conditions. Participants shared how poor attitudes or bedside manner might have a detrimental effect on their trust. A participant was hesitant to share with those who did not understand their chronic pain and mental health issues because of the past judgement they received from their family and others, including health care providers:

[there's a] lack of understanding of why, why aren't I doing more or, or why, why is it that I have been struggling for all of these years... so people don't associate that with, uh, chronic health issues, whether that's mental or physical and even less when you're “passing as” [a nondisabled person].

Sometimes, the decision to share PHI was instinctual or based on a good vibe from the person. Participants also attributed their trust and privacy views to their personalities (eg, a private person, an open book, or not having that magical trust). Trust also reflected the participant’s views on humanity. Generally, participants believed that people are well intentioned and are trying their best. For this reason, participants did not conflate past mishaps or non-PHI–related mistakes with trust in their health care providers. There was a belief that breaches occur because a small segment of the population is malicious or negligent with patient privacy. A few participants provided commentary on why profit-driven entities (eg, pharmaceutical industry) cannot be trusted. When asked what corporations and controversial entities can do to rebuild trust, most believed that these entities need to become transparent about their motives for how PHI would be used and what is being done to ensure its security.

Privacy Policy and Legislation (Regulation)

Laws were seen as a form of accountability for those who handled their PHI, serving as a deterrent for improper access or unauthorized disclosure. Without laws, participants would only seek care in urgent and emergency situations. Despite the importance of law, participants had a vague understanding of the legislated patient privacy rights and PHI uses:

This is sort of tied into why I’m interested in this. Because one of my emergency visits a few years ago, they ended up suspending my driver's license for health issues (laughs). And it all kind of happened without me knowing, until I get a letter in the mail from the [Ministry of Transportation] saying “Your license has been suspended.” They didn’t even tell me in the hospital... so it’s kinda tied into stuff like that... Should police get access to it?... Yes or no, and then when and why?

Much of their knowledge of privacy laws and policies came from instances where they exercised certain rights. Some rights, such as the right to access their PHI, to request an audit of who accessed their PHI, and ability to place blocks on certain parts of their PHI, were interesting to participants as they felt it would have helped them in the past and could be useful in the future. Most participants suspected or assumed that PHI was used by the government for health systems planning and REB-approved research but were unfamiliar of the protective measures taken for these data (ie, prescribed entities, deidentification, and aggregation).

Participants felt reassured that much thought went into law development; however, it did not change how they felt about their PHI privacy. Some reflected on their experiences dealing with bureaucracy when exercising their rights, as a participant (INT4) noted, “that is the law, but it doesn't work that way.” Others reiterated the fatalistic belief, bringing up examples of PHI snooping of local public figures by privacy-trained health care professionals. To them, laws can only do so much as there will always be a snoopy sally.

Participants generally felt the government and health care institutions were responsible in protecting their privacy by establishing the privacy laws (or policies), oversight, and enforcement of those laws. Many also felt that anyone handling PHI should be responsible. A few participants accepted responsibility for themselves, explaining they should be cautious when disclosing information; however, the responsibility shifts to the health care provider once the information is disclosed. A participant quipped:

Well once you give them [your PHI], I don't know if there's a lot the patient can really do. Um, supposed to stay 'til the office closes to make sure they lo-, shut down the computer, or that its password protected?... or to make sure if they still use old paper files. Is the, is the file room locked at night? (laughs) Is there, is there a good lock on the door? Or no windows, and do they have bars on the windows?... So yeah, I think it's mostly up to the organization.

When asked what could be done to ease any concerns about the electronic sharing of PHI, many felt there was a need for more effective communication of privacy laws, recommending patient-accessible documents, such as a top-ten list or a bill of rights. Suggestions on content include simple communication (eg, “your privacy is ensured” and announcements of privacy certifications and accreditation), lists of PHI uses and protections, and a guide on how to exercise privacy rights. Some participants also suggested more active dissemination approaches, such as greater prominence on institutional websites, news features (eg, television, Web, and newspaper), and town hall meetings.

Health Information Exchange Attitudes (Behavioral Reactions)

Participants were willing to allow their PHI to be used for clinical use, patient-mediated exchange, health service planning, and REB-approved research. A few participants voiced preferences on who could access their records and whether consent should be required; however, they were still supportive as they saw utility in the exchanges. Participants were aware of the wide range of potential benefits of PHI use. They quickly rationalized how each case could be beneficial. The privacy calculus was discussed in a few interviews, where the advantages outweigh the disadvantages; however, participants discussed the benefits and seldom discussed the risks.

Sharing PHI for clinical use was seen as advantageous, as complete information was required for the best care possible. Many discussed the importance of complete medical history in emergency situations and mental health crises where they were not in a 100% sound state or lacked capacity to discuss their medical histories. Even in nonemergency situations, clinician access to complete records can take the stress off the patient to remember everything or have to repeat the same story. They believed there would always be gaps in their memories regardless of how organized they are with their records.

Overall, patient-mediated exchange was thought to be a good idea but not necessarily for everyone. Some were amused by the idea and were curious to try it out. Others indicated they already used patient portals or were invited to register for access. Having access was seen by many as a way for them to review and keep track of their records, help them better understand their health, or become partners in their care. A few felt that having access to their PHI was a form of patient accountability, as it would allow them to refer to documentation about decisions made, ensure their PHI is accurately recorded and mistake-free, and identify which health care professionals have accessed their PHI (if possible).

Participants supported HIE for health system planning and REB-approved research, where PHI was deidentified or aggregated. There was a sense of altruism when it came to using PHI for health system planning, as it was a way for participants to give back, contribute to a greater good, or help fix a fractured system. They explained the government needed reliable numbers to address health care issues (ie, underfunded and understaffed programs, wait times, budget constraints, and access to mental health care) and plan for a more efficient or effective system. Similarly, REB-approved research was seen as beneficial and essential in finding new or better treatments, medications, and cures. The professional patient reflected on his medical history:

I was part of the early days of HIV. And [those] days are guinea pigs for drugs. So perhaps if, um, more information we share, more things would have come that there's electronic data that's able to be shared, things are shared quicker. Who knows what advances in research would happen.

Principal Findings

We conducted this study to begin bridging the patient privacy evidence gap in mental health HIE [38]. This study sought to understand the privacy perspectives (privacy concern) of patients with mental health conditions and explore the interplay of their perspectives with the antecedents and outcomes delineated in the APCO (ie, trust, regulation, and behavioral reaction). Through inductive and deductive analysis, this study introduces evidence on the context-dependency on the patient privacy perspective on mental health HIE. Although all participants agreed on the fundamental importance of privacy in health care, especially in mental health care, the degree of concern expressed in the interviews varied. Privacy concerns commonly stemmed from negative health care privacy experiences and negative health care perceptions based on their patient experience, whereas other privacy antecedents were infrequently discussed.

Privacy experience is a construct seldom explored in HIE patient privacy research [38]. In our findings, privacy experience was the only antecedent that consistently identified in the data. Although many participants were concerned about increasing occurrences of privacy breaches as reported in the press, it was not a direct concern because of their fatalistic privacy view—a belief that that breaches are a reality in our digital society, and all they could do is trust those involved will do their best to protect patient privacy. Conversely, direct experiences or observations of lack of privacy vigilance within a health care setting left a lasting impression on participants. Poor patient experiences unrelated to privacy also had the effect of leaving participants with a negative perception of the health care environment. As such, health care perceptions should be included as a construct in future adaptations of the APCO, as it was a cross-cutting theme across privacy concern, trust, regulation, and behavioral reaction.

Participants used credentials and relationship-specific heuristics to determine their comfort in sharing about their mental health with others (trust). They generally trusted that health care professionals and institutions would protect the privacy of any information shared in receiving care. This degree of trust is accentuated by a lack of knowledge about the legislated PHI uses (regulation), especially when juxtaposed with the high importance they placed on law. There was a passive acceptance that legislative and institutional safeguards would ensure those working with PHI are properly trained and accountable to their conduct. Whether privacy related or not, poor patient experiences (eg, bureaucracy and bedside manner) caused skepticism about the effectiveness of the legislative and institutional safeguards protecting their privacy. This is consistent with other studies, where patient perceptions of quality of care, patient-physician relationship, and trust in health care providers have strong associations with perceptions of privacy and PHI sharing attitudes [38,69-71].

Despite the varying perspectives on privacy and trust, participants were pragmatic about HIE and its potential PHI uses (ie, behavioral reaction), recognizing the best care required the best information possible. Some participants reflected on their experiences in accessing and receiving mental health care or perceptions about the health care system, acknowledging that sharing PHI is necessary to improve treatments and health care policy decisions through research and analytics. The patient-mediated exchange was novel to some participants; however, they understood the value of accessing and managing their records and agreed that interested patients should have the option to do so. These individual and societal benefits of HIE were the primary focus in most responses to behavioral reaction questions, whereas the risks of HIE were seldom discussed. As suggested earlier, participant-perceived risks might have been muted by their fatalistic privacy views. Receiving the best care possible may also supersede the need for their personal risk assessment [72].

Echoing past policy recommendations [39,73-77], participants suggested the following as the first steps in fostering trust: transparent communication of the value of interoperable HIT, PHI uses, protective measures, and patient privacy rights. In addition to public education, patient engagement is essential to its success [78-80]. Patient feedback is critical in the highly debated topic of consent [81-84]. Surprisingly, consent was rarely mentioned by participants, especially as studies found patients wanted granular control of their PHI [85,86]. Their passive acceptance and pragmatic views suggest that contextual integrity may be a viable alternative approach to the consent. Contextual integrity assumes the act of sharing information is only an issue when shared outside the boundaries of socially acceptable contextual norms (ie, norms of appropriateness and norms of flow) [87,88]. These contextual norms provide a technology-agnostic standard to evaluate the acceptability of new HIT, as they capture the patients’ perspectives with respect to information flow. Patient engagement and deliberation on PHI privacy will be required to establish these norms [89].

Finally, understanding the patient health care perceptions can provide privacy and HIT policy and decision makers with insights on where health care system exceeds or fails to meet their privacy expectations. These insights inform how the health care environment, processes, and delivery can be redesigned to foster greater patient trust and mitigate their concerns. Addressing privacy concerns in a way that is vigilant and sensitive to the health care environment can improve patient views on privacy and patient satisfaction [90]. These improvements will require a strong commitment to making major administrative, philosophical, and operational changes that respect both patient privacy and satisfaction.


This study contributes to the understanding of the privacy perspectives of patients with mental health conditions or sensitive PHI—an area where there is a dearth of research. Limitations on the sample and study context should be considered when interpreting the findings. First, the challenges of recruiting patients in a mental health setting may have limited the sample size; however, studies have shown that data saturation can be achieved with sample sizes anywhere from 12 to 17 participants [91,92]. Our findings may not reflect the views of the broader mental health population, including patients receiving care in other CAMH programs and services. Although we employed a maximum variation sampling strategy, the findings are not intended to be generalizable nor numerically representative; rather, this sampling strategy is intended to highlight diversity in responses [93].

The results of this study may reflect the views of patients with more trusting dispositions, as there was difficulty identifying participants with distrusting stances. Given distrust is a predisposing factor of health care avoidance [94], those receiving care may be more trusting or become more trusting because of their positive experiences at CAMH. As CAMH is an academic hospital, participants may be more familiar with the health care system and how their PHI is used for health system analytics and research. Moreover, these findings pertain to the Canadian context and may not be applicable to other countries. In Canada, the universal health care system is a part of the national identity [20], which may influence participant awareness or understanding of its sustainability. Canadians may have a more favorable health care perceptions and views of HIE, which could positively bias their behavioral reaction.

The use of a proxy measure for achieving maximum variation in trusting disposition should be considered. As observed in the interviews, the degree in which participants trusted others with their PHI varied from trusting no one to trusting everyone bound by privacy law. These differences in responses in the interviews indicated variation was achieved with trust. These differences also suggest the trusting disposition scale may not have been appropriate for this study, as it was rigorously validated in a nonhealth care context (ie, electronic commerce) [58]. The role of trust in patient participation in research may be another explanation for the difficulty in recruiting distrusting participants. Using trust as a parameter for variation may introduce self-selection bias, as trusting patients may be more willing to participate in research [95-97]. As the trusting disposition scale was related to participants’ personality, the observer bias (ie, Hawthorne effect) should also be considered [98]. Participants in active care may not be fully candid with their views on how their PHI is being handled, given the research team’s affiliation with CAMH. Efforts were made at every step of this study to ensure that the patients understood that the study is independent to the care they received and their individual responses would remain anonymous.

Finally, the privacy perspectives in this study includes those who work in health care or research. Although their views may include professional insights on PHI privacy, being a patient does not preclude privacy experiences from other facets of life as delineated in the APCO. The findings reported here represent views echoed by other participants and were identified through thematic analysis.


Through their first-hand accounts, this study introduces evidence that patients with mental health conditions support HIE in Canada, where the benefits to their health was compelling enough to overcome privacy concerns over the risks associated with sharing their PHI. Patients saw the societal value of sharing their potentially stigmatizing PHI to support the single-payer universal Canadian health care system. Their fatalistic view on digital information underscores the importance of trust in the patient privacy discussion. Although these findings are within the Canadian context, this study highlights how engaging patients can illuminate the nuances to the patient privacy perspective that are often lost in mental health privacy conjecture. The nuances associated with trust and the patient experience are seldom explored in the HIE privacy discourse; however, these are critical in reassuring patients that the health care system prioritizes patient privacy in providing the best care possible. With many innovative and transformative PHI uses on the horizon, it is imperative that health care systems globally engage patients to ensure that patient-centric privacy policy decisions about PHI are made and are reflective of the nuanced views of the patients.


The authors would like to acknowledge Osamu Minami, Paul Koniec, Nancy Longo, Alison Watson, Shannon Green, and all other CAMH staff in supporting the recruitment of the participants in this study.

Conflicts of Interest

None declared.

Multimedia Appendix 1

Pre-interview questionnaire.

PDF File (Adobe PDF File), 49 KB

Multimedia Appendix 2

Interview Guide.

PDF File (Adobe PDF File), 62 KB

  1. McGuire JM, Toal P, Blau B. The adult client's conception of confidentiality in the therapeutic relationship. Prof Psychol: Res Pract. 1985;16(3):375-384. [CrossRef]
  2. Glosoff H, Herlihy B, Spence EB. Privileged communication in the counselor-client relationship. J Couns Dev. 2000;78(4):454-462. [CrossRef]
  3. Rothstein MA, Talbott MK. Compelled disclosure of health information: protecting against the greatest potential threat to privacy. J Am Med Assoc. 2006;295(24):2882-2885. [CrossRef] [Medline]
  4. Corrigan PW, Druss BG, Perlick DA. The impact of mental illness stigma on seeking and participating in mental health care. Psychol Sci Public Interes. 2014;15(2):37-70. [CrossRef] [Medline]
  5. Clement S, Schauman O, Graham T, Maggioni F, Evans-Lacko S, Bezborodovs N, et al. What is the impact of mental health-related stigma on help-seeking? A systematic review of quantitative and qualitative studies. Psychol Med. 2015;45(1):11-27. [CrossRef] [Medline]
  6. McGregor B, Mack D, Wrenn G, Shim RS, Holden K, Satcher D. Improving service coordination and reducing mental health disparities through adoption of electronic health records. Psychiatr Serv. Sep 2015;66(9):985-987. [FREE Full text] [CrossRef] [Medline]
  7. Madden JM, Lakoma MD, Rusinak D, Lu CY, Soumerai SB. Missing clinical and behavioral health data in a large electronic health record (EHR) system. J Am Med Inform Assoc. 2016;23(6):1143-1149. [FREE Full text] [CrossRef] [Medline]
  8. Mello MM, Adler-Milstein J, Ding KL, Savage L. Legal barriers to the growth of health information exchange-boulders or pebbles? Milbank Q. Mar 2018;96(1):110-143. [FREE Full text] [CrossRef] [Medline]
  9. Hersh W, Totten A, Eden K, Devine B, Gorman P, Kassakian S, et al. Health information exchange. Evid Rep Technol Assess (Full Rep). Dec 2015;(220):1-465. [CrossRef] [Medline]
  10. Dixon BE. What is health information exchange? In: Dixon BE, editor. Health Information Exchange: Navigating And Managing A Network Of Health Information Systems. Cambridge, MA. Academic Press; 2016:3-20.
  11. Williams C, Mostashari F, Mertz K, Hogin E, Atwal P. From the Office of the National Coordinator: the strategy for advancing the exchange of health information. Health Aff (Millwood). 2012;31(3):527-536. [CrossRef] [Medline]
  12. Ancker JS, Miller MC, Patel V, Kaushal R, HITEC Investigators. Sociotechnical challenges to developing technologies for patient access to health information exchange data. J Am Med Inform Assoc. 2014;21(4):664-670. [FREE Full text] [CrossRef] [Medline]
  13. Otte-Trojel T, de Bont A, van de Klundert J, Rundall TG. Characteristics of patient portals developed in the context of health information exchanges: early policy effects of incentives in the meaningful use program in the United States. J Med Internet Res. 2014;16(11):e258. [FREE Full text] [CrossRef] [Medline]
  14. Perlin JB. Health Information Technology interoperability and use for better care and evidence. J Am Med Assoc. Oct 25, 2016;316(16):1667-1668. [CrossRef] [Medline]
  15. Akhlaq A, Sheikh A, Pagliari C. Defining health information exchange: scoping review of published definitions. J Innov Health Inform. 2016;23(4):838. [FREE Full text] [CrossRef] [Medline]
  16. Akhlaq A, Sheikh A, Pagliari C. Health information exchange as a complex and adaptive construct: scoping review. J Innov Health Inform. Jan 25, 2017;23(4):889. [FREE Full text] [CrossRef] [Medline]
  17. Fleischman W, Lowry T, Shapiro J. The visit-data warehouse: enabling novel secondary use of health information exchange data. EGEMS (Wash DC). 2014;2(1):1099. [FREE Full text] [CrossRef] [Medline]
  18. Washington V, DeSalvo K, Mostashari F, Blumenthal D. The HITECH Era and the Path Forward. N Engl J Med. Sep 7, 2017;377(10):904-906. [CrossRef] [Medline]
  19. Tharmalingam S, Hagens S, Zelmer J. The value of connected health information: perceptions of electronic health record users in Canada. BMC Med Inform Decis Mak. 2016;16:93. [FREE Full text] [CrossRef] [Medline]
  20. Martin D, Miller A, Quesnel-Vallée A, Caron N, Vissandjée B, Marchildon G. Canada's universal health-care system: achieving its potential. Lancet. Apr 28, 2018;391(10131):1718-1735. [CrossRef] [Medline]
  21. Gheorghiu B, Hagens S. Measuring interoperable EHR adoption and maturity: a Canadian example. BMC Med Inform Decis Mak. Jan 25, 2016;16:8. [FREE Full text] [CrossRef] [Medline]
  22. McGinn C, Grenier S, Duplantie J, Shaw N, Sicotte C, Mathieu L, et al. Comparison of user groups' perspectives of barriers and facilitators to implementing electronic health records: a systematic review. BMC Med. Apr 28, 2011;9:46. [FREE Full text] [CrossRef] [Medline]
  23. Fetter MS. Personal health records: protecting behavioral health consumers' rights. Issues Ment Health Nurs. 2009;30(11):720-722. [CrossRef] [Medline]
  24. Clemens N. Privacy, consent, and the electronic mental health record: the Person vs. the System. J Psychiatr Pract. Jan 2012;18(1):46-50. [CrossRef] [Medline]
  25. Mork M, Price S, Best K. Privacy versus care--the shifting balance in mental health. Fam Syst Health. Mar 2016;34(1):56-57. [CrossRef] [Medline]
  26. Kahn M, Bell S, Walker J, Delbanco T. A piece of my mind. Let's show patients their mental health records. J Am Med Assoc. 2015;311(13):1291-1292. [CrossRef] [Medline]
  27. Caine K, Tierney W. Point and counterpoint: patient control of access to data in their electronic health records. J Gen Intern Med. 2015;30(Suppl 1):S38-S41. [FREE Full text] [CrossRef] [Medline]
  28. Greene J. Behavioral health data in the electronic health record: privacy concerns slow sharing. Ann Emerg Med. Oct 2013;62(4):19A-21A. [CrossRef] [Medline]
  29. Frakt AB, Bagley N. Protection or harm? Suppressing substance-use data. N Engl J Med. May 14, 2015;372(20):1879-1881. [CrossRef] [Medline]
  30. Barnett B, Connery H. Implementation challenges of the final rule of Title 42 of the Code of Federal Regulations part 2: can privacy endure in an era of electronic health information exchange? Am J Addict. 2018;27(1):37-38. [CrossRef] [Medline]
  31. Kozubal D, Samus Q, Bakare A, Trecker C, Wong H, Guo H, et al. Separate may not be equal: a preliminary investigation of clinical correlates of electronic psychiatric record accessibility in academic medical centers. Int J Med Inform. 2013;82(4):260-267. [FREE Full text] [CrossRef] [Medline]
  32. Kipping S, Stuckey MI, Hernandez A, Nguyen T, Riahi S. A web-based patient portal for mental health care: benefits evaluation. J Med Internet Res. Nov 16, 2016;18(11):e294. [FREE Full text] [CrossRef] [Medline]
  33. Simon G, Unützer J, Young B, Pincus H. Large medical databases, population-based research, and patient confidentiality. Am J Psychiatry. Nov 2000;157(11):1731-1737. [CrossRef] [Medline]
  34. Lewis S. Securing a bright health information future. In: Flood CM, editor. Data Data Everywhere: Access and Accountability? Kingston, ON. Carleton University Press; 2011:253-266.
  35. Bäck E, Wikblad K. Privacy in hospital. J Adv Nurs. May 1998;27(5):940-945. [CrossRef] [Medline]
  36. Sankar P, Mora S, Merz J, Jones N. Patient perspectives of medical confidentiality: a review of the literature. J Gen Intern Med. Aug 2003;18(8):659-669. [FREE Full text] [CrossRef] [Medline]
  37. Shaw N, Kulkarni A, Mador R. Patients and health care providers' concerns about the privacy of electronic health records: a review of the literature. Electron J Heal Informatics. 2011;6(1):e3. [FREE Full text]
  38. Shen N, Bernier T, Sequeira L, Strauss J, Silver M, Carter-Langford A, et al. Understanding the patient privacy perspective on health information exchange: a systematic review. Int J Med Inform. May 2019;125:1-12. [CrossRef] [Medline]
  39. Dinev T, Albano V, Xu H, D'Atri A, Hart P. Individuals’ attitudes towards electronic health records: a privacy calculus perspective. In: Gupta A, Patel V, Greenes R, editors. Advances in Healthcare Informatics and Analytics. Annals of Information Systems, vol 19. Cham. Springer; 2016:19-50.
  40. Dimitropoulos L, Patel V, Scheffler SA, Posnack S. Public attitudes toward health information exchange: perceived benefits and concerns. Am J Manag Care. Dec 2011;17(12 Spec No):SP111-SP116. [FREE Full text] [Medline]
  41. Gaylin DS, Moiduddin A, Mohamoud S, Lundeen K, Kelly JA. Public attitudes about health information technology, and its relationship to health care quality, costs, and privacy. Health Serv Res. Jun 2011;46(3):920-938. [CrossRef] [Medline]
  42. Kim K, Joseph J, Ohno-Machado L. Comparison of consumers' views on electronic data sharing for healthcare and research. J Am Med Inform Assoc. Jul 2015;22(4):821-830. [FREE Full text] [CrossRef] [Medline]
  43. Cocosila M, Archer N. Perceptions of chronically ill and healthy consumers about electronic personal health records: a comparative empirical investigation. BMJ Open. Jul 23, 2014;4(7):e005304. [FREE Full text] [CrossRef] [Medline]
  44. Li H, Gupta A, Zhang J, Sarathy R. Examining the decision to use standalone personal health record systems as a trust-enabled fair social contract. Decis Support Syst. 2014;57:376-386. [CrossRef]
  45. Dhanireddy S, Walker J, Reisch L, Oster N, Delbanco T, Elmore J. The urban underserved: attitudes towards gaining full access to electronic medical records. Health Expect. Oct 2014;17(5):724-732. [FREE Full text] [CrossRef] [Medline]
  46. Odlum M, Gordon P, Camhi E, Schnall R, Teixeira P, Bakken S. Perceptions of predisposing, enabling, and reinforcing factors influencing the use of a continuity of care document in special needs PLWH. J Health Care Poor Underserved. Nov 2012;23(4):1457-1476. [CrossRef] [Medline]
  47. Caine K, Kohn S, Lawrence C, Hanania R, Meslin EM, Tierney WM. Designing a patient-centered user interface for access decisions about EHR data: implications from patient interviews. J Gen Intern Med. Jan 2015;30(Suppl 1):S7-16. [FREE Full text] [CrossRef] [Medline]
  48. Oster NV, Jackson S, Dhanireddy S, Mejilla R, Ralston J, Leveille S, et al. Patient access to online visit notes: perceptions of doctors and patients at an urban HIV/AIDS clinic. J Int Assoc Provid AIDS Care. 2015;14(4):306-312. [FREE Full text] [CrossRef] [Medline]
  49. Culnan MJ, Armstrong PK. Information privacy concerns, procedural fairness, and impersonal trust: an empirical investigation. Organ Sci. Feb 15, 1999;10(1):104-115. [CrossRef]
  50. Ranallo PA, Kilbourne AM, Whatley AS, Pincus HA. Behavioral health information technology: from chaos to clarity. Health Aff (Millwood). Jun 1, 2016;35(6):1106-1113. [CrossRef] [Medline]
  51. Cohen D. Effect of the exclusion of behavioral health from Health Information Technology (HIT) legislation on the future of integrated health care. J Behav Health Serv Res. Oct 2015;42(4):534-539. [CrossRef] [Medline]
  52. Strudwick G, Booth R, Borycki E, Kuziemsky C, Zhang T. Centre for Addiction and Mental Health. 2019. URL: https:/​/www.​​-/​media/​files/​pdfs---reports-and-books---research/​camh-health-it-initiative-28mar2018-6002.​pdf [accessed 2019-09-27]
  53. Smith H, Dinev T, Xu H. Information privacy research: an interdisciplinary review. MIS Quart. 2011;35(4):989-1015. [CrossRef]
  54. Palinkas L, Horwitz S, Green C, Wisdom J, Duan N, Hoagwood K. Purposeful sampling for qualitative data collection and analysis in mixed method implementation research. Adm Policy Ment Health. Sep 2015;42(5):533-544. [FREE Full text] [CrossRef] [Medline]
  55. Patton MQ. Qualitative Research & Evaluation Methods: Integrating Theory And Practice. Fourth Edition. Thousand Oaks. Sage Publications, Inc; 2015.
  56. Campbell KS. Collecting information: qualitative research methods for solving workplace problems. Tech Commun. 1999;46(4):532-545. [FREE Full text]
  57. van Doorslaer E, Jones AM. Inequalities in self-reported health: validation of a new approach to measurement. J Health Econ. Jan 2003;22(1):61-87. [CrossRef] [Medline]
  58. McKnight DH, Choudhury V, Kacmar C. Developing and validating trust measures for e-commerce: an integrative typology. Inf Syst Res. Sep 2002;13(3):334-359. [CrossRef]
  59. Saunders B, Sim J, Kingstone T, Baker S, Waterfield J, Bartlam B, et al. Saturation in qualitative research: exploring its conceptualization and operationalization. Qual Quant. 2018;52(4):1893-1907. [FREE Full text] [CrossRef] [Medline]
  60. Britten N. Qualitative interviews in medical research. Br Med J. Jul 22, 1995;311(6999):251-253. [FREE Full text] [CrossRef] [Medline]
  61. Agee J. Developing qualitative research questions: a reflective process. Int J Qual Stud Educ. Jul 2009;22(4):431-447. [CrossRef]
  62. Gale N, Heath G, Cameron E, Rashid S, Redwood S. Using the framework method for the analysis of qualitative data in multi-disciplinary health research. BMC Med Res Methodol. Sep 18, 2013;13:117. [FREE Full text] [CrossRef] [Medline]
  63. Braun V, Clarke V. Using thematic analysis in psychology. Qual Res Psychol. Jan 1, 2006;3(2):77-101. [FREE Full text] [CrossRef]
  64. Braun V. Successful Qualitative Research: A Practical Guide For Beginners. Thousand Oaks, CA. Sage Publications Ltd; 2019.
  65. Vaismoradi M, Turunen H, Bondas T. Content analysis and thematic analysis: implications for conducting a qualitative descriptive study. Nurs Health Sci. Sep 2013;15(3):398-405. [CrossRef] [Medline]
  66. Meyer S, Ward P. ‘How to’ use social theory within and throughout qualitative research in healthcare contexts. Sociol Compass. 2014;8(5):525-539. [CrossRef]
  67. Sandelowski M. Theory unmasked: the uses and guises of theory in qualitative research. Res Nurs Health. Jun 1993;16(3):213-218. [CrossRef] [Medline]
  68. Ash J, Guappone K. Qualitative evaluation of health information exchange efforts. J Biomed Inform. Dec 2007;40(6 Suppl):S33-S39. [FREE Full text] [CrossRef] [Medline]
  69. Patel V, Beckjord E, Moser RP, Hughes P, Hesse BW. The role of health care experience and consumer information efficacy in shaping privacy and security perceptions of medical records: national consumer survey results. JMIR Med Inform. Apr 2, 2015;3(2):e14. [FREE Full text] [CrossRef] [Medline]
  70. Walker D, Johnson T, Ford E, Huerta T. Trust me, I'm a doctor: examining changes in how privacy concerns affect patient withholding behavior. J Med Internet Res. Jan 4, 2017;19(1):e2. [FREE Full text] [CrossRef] [Medline]
  71. Abdelhamid M, Gaia J, Sanders G. Putting the focus back on the patient: how privacy concerns affect personal health information sharing intentions. J Med Internet Res. Sep 13, 2017;19(9):e169. [FREE Full text] [CrossRef] [Medline]
  72. Barth S, de Jong M. The privacy paradox – investigating discrepancies between expressed privacy concerns and actual online behavior – A systematic literature review. Telemat Informatics. Nov 2017;34(7):1038-1058. [FREE Full text] [CrossRef]
  73. Platt J, Kardia S. Public trust in health information sharing: implications for biobanking and electronic health record systems. J Pers Med. Feb 3, 2015;5(1):3-21. [FREE Full text] [CrossRef] [Medline]
  74. Hripcsak G, Bloomrosen M, FlatelyBrennan P, Chute C, Cimino J, Detmer D, et al. Health data use, stewardship, and governance: ongoing gaps and challenges: a report from AMIA's 2012 Health Policy Meeting. J Am Med Inform Assoc. 2014;21(2):204-211. [FREE Full text] [CrossRef] [Medline]
  75. Vest JR, Gamm LD. Health information exchange: persistent challenges and new strategies. J Am Med Inform Assoc. 2010;17(3):288-294. [FREE Full text] [CrossRef] [Medline]
  76. Hussain A, Rivers P, Stewart L, Munchus G. Health information exchange: current challenges and impediments to implementing national health information infrastructure. J Health Care Finance. 2015;42(1):1-8. [FREE Full text]
  77. Sheikh A, Sood H, Bates D. Leveraging health information technology to achieve the 'triple aim' of healthcare reform. J Am Med Inform Assoc. Jul 2015;22(4):849-856. [FREE Full text] [CrossRef] [Medline]
  78. Triberti S, Barello S. The quest for engaging AmI: patient engagement and experience design tools to promote effective assisted living. J Biomed Inform. Oct 2016;63:150-156. [FREE Full text] [CrossRef] [Medline]
  79. Greenhalgh T, Hinder S, Stramer K, Bratan T, Russell J. Adoption, non-adoption, and abandonment of a personal electronic health record: case study of HealthSpace. Br Med J. Nov 16, 2010;341:c5814. [FREE Full text] [CrossRef] [Medline]
  80. Greenhalgh T, Russell J. Why do evaluations of eHealth programs fail? An alternative set of guiding principles. PLoS Med. Nov 2, 2010;7(11):e1000360. [FREE Full text] [CrossRef] [Medline]
  81. Spencer K, Sanders C, Whitley E, Lund D, Kaye J, Dixon W. Patient perspectives on sharing anonymized personal health data using a digital system for dynamic consent and research feedback: a qualitative study. J Med Internet Res. Apr 15, 2016;18(4):e66. [FREE Full text] [CrossRef] [Medline]
  82. Manson NC. The biobank consent debate: Why 'meta-consent' is not the solution? J Med Ethics. May 2019;45(5):291-294. [CrossRef] [Medline]
  83. Cheung S. Moving beyond consent for citizen science in big data health and medical research. Northwest J Technol Intellect Prop. 2018;16(1):15-40. [FREE Full text]
  84. Ploug T, Holm S. The biobank consent debate: why 'meta-consent' is still the solution!. J Med Ethics. May 2019;45(5):295-297. [CrossRef] [Medline]
  85. Caine K, Hanania R. Patients want granular privacy control over health information in electronic medical records. J Am Med Inform Assoc. Jan 01, 2013;20(1):7-15. [FREE Full text] [CrossRef] [Medline]
  86. Grande D, Mitra N, Shah A, Wan F, Asch DA. Public preferences about secondary uses of electronic health information. JAMA Intern Med. Oct 28, 2013;173(19):1798-1806. [FREE Full text] [CrossRef] [Medline]
  87. Nissenbaum H. Privacy In Context: Technology, Policy, And The Integrity Of Social Life. Stanford, California. Standford University Press; 2009.
  88. Nissenbaum H. Privacy as contextual integrity. Washingt Law Rev. 2004;79:119-158. [FREE Full text]
  89. Aitken M, Jorre J, Pagliari C, Jepson R, Cunningham-Burley S. Public responses to the sharing and linkage of health data for research purposes: a systematic review and thematic synthesis of qualitative studies. BMC Med Ethics. Nov 10, 2016;17(1):73. [FREE Full text] [CrossRef] [Medline]
  90. Lin Y, Lee W, Kuo L, Cheng Y, Lin C, Lin H, et al. Building an ethical environment improves patient privacy and satisfaction in the crowded emergency department: a quasi-experimental study. BMC Med Ethics. Feb 20, 2013;14:8. [FREE Full text] [CrossRef] [Medline]
  91. Guest G, Bunce A, Johnson L. How many interviews are enough?: an experiment with data saturation and variability. Field Methods. 2006;18(1):59-82. [CrossRef]
  92. Francis JJ, Johnston M, Robertson C, Glidewell L, Entwistle V, Eccles MP, et al. What is an adequate sample size? Operationalising data saturation for theory-based interview studies. Psychol Health. Dec 2010;25(10):1229-1245. [CrossRef] [Medline]
  93. Patton M. Qualitative Evaluation And Research Methods. Thousand Oaks, CA. Sage Publications Inc; 1990.
  94. Byrne S. Healthcare avoidance: a critical review. Holist Nurs Pract. 2008;22(5):280-292. [CrossRef] [Medline]
  95. Kass NE, Sugarman J, Faden R, Schoch-Spana M. Trust, the fragile foundation of contemporary biomedical research. Hastings Cent Rep. 1996;26(5):25-29. [CrossRef] [Medline]
  96. Patel M, Doku V, Tennakoon L. Challenges in recruitment of research participants. Adv Psychiatr Treat. 2003;9(3):229-238. [CrossRef]
  97. Woodall A, Morgan C, Sloan C, Howard L. Barriers to participation in mental health research: are there specific gender, ethnicity and age related barriers? BMC Psychiatry. Dec 02, 2010;10:103. [FREE Full text] [CrossRef] [Medline]
  98. McCambridge J, Witton J, Elbourne DR. Systematic review of the Hawthorne effect: new concepts are needed to study research participation effects. J Clin Epidemiol. Mar 2014;67(3):267-277. [FREE Full text] [CrossRef] [Medline]

APCO: Antecedent-Privacy Concern-Outcome
CAMH: Centre for Addiction and Mental Health
EHR: electronic health record
HIE: health information exchange
HIT: health information technology
PHI: personal health information
REB: research ethics board

Edited by M Wolters; submitted 07.01.19; peer-reviewed by J Walker, D Walker; comments to author 22.03.19; revised version received 14.06.19; accepted 31.08.19; published 13.11.19.


©Nelson Shen, Lydia Sequeira, Michelle Pannor Silver, Abigail Carter-Langford, John Strauss, David Wiljer. Originally published in JMIR Mental Health (, 13.11.2019.

This is an open-access article distributed under the terms of the Creative Commons Attribution License (, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work, first published in JMIR Mental Health, is properly cited. The complete bibliographic information, a link to the original publication on, as well as this copyright and license information must be included.