The proliferation of electronic health records (EHRs),1 the advent of the nearly instantaneous sharing of clinical information and notes with patients and parents,2 and efforts to comply with the 21st Century Cures Act Information Blocking Rule3 have together forced professionals who deliver health care to adolescent patients to focus intense attention on frameworks that guide the provision of adolescent health care.4,5 Ethical and professional frameworks emphasize that meeting the health care needs of adolescents is the professional responsibility of health care systems and clinicians who provide their health care. Parents are typically involved in health care and aligned with clinicians on the goal of achieving optimal health for their adolescent children. However, it is well-documented that some adolescents will only seek health care or openly communicate with a health professional if their parents are not involved, and ethical and professional frameworks support the provision of confidential adolescent health care when needed.6–8
Understanding the legal framework and legal protections that exist for adolescent privacy (and their relationship to consent requirements) is the other key element in finding the most appropriate ways to share adolescents’ health information while also considering privacy protection, both for developmental reasons and to encourage them to seek needed care.9 Thus, health care providers’ professional responsibilities include adhering to ethical and professional guidelines and their legal obligation to protect the confidential health information of their adolescent patients.10 This has become increasingly challenging within EHRs and in the context of OpenNotes and the 21st Century Cures Act ban on information blocking.11,12
One of the realities underlying the challenge is the variability in the laws that protect adolescent privacy and the ways that some of these laws differ from professional guidelines. The variability in the laws is the subject of the article in this issue of Pediatrics by Sharko et al,13 in which their analysis of state laws clearly reveals significant differences among states in how and when they allow adolescent minors to consent to their own care and protect the confidentiality of the information associated with their care. Their analysis also examines the extent to which states’ laws conform to or depart from evidence-based professional guidelines on protecting adolescent privacy and finds significant inconsistencies in that realm as well.
Currently, the legal protections for adolescents’ confidential health information are derived from a complex patchwork of both state and federal laws. At the state level, they include laws that allow minors to consent to their own care, some of which also specify privacy protections, as well as an array of medical privacy and health records laws.14 At the federal level, the Health Insurance Portability and Accountability Act Privacy Rule includes specific protections for adolescent minors in ways that refer to both state laws and other federal laws, such as family planning regulations and substance use disorder confidentiality rules, for determining who has access and control over an individual’s health information.15 Sometimes, but not always, the laws support the approaches set forth in professional and ethical guidelines. Of note, ethical guidelines and many laws require disclosure of confidential information in cases of suspected abuse, suicide risk, or homicidal threats. When laws and ethical guidelines diverge, health care professionals wrestle with balancing their ethical obligations with what the law requires.
The complexity of the legal framework does present challenges for health care providers who must decide what information to enter in an adolescent patient’s EHR, for information technology administrators who are responsible for the implementation and modification of EHRs and web portals, for EHR designers and vendors who are responsible for ensuring their product is compliant with legal requirements, and for policymakers who craft new legal requirements. Against this backdrop, Sharko et al13 issue a “call to action” to harmonize state laws to provide consistent privacy protection for adolescents in line with professional guidance. This is a laudable goal that, if achievable, would simplify the task of adolescent health care providers, information technology administrators, EHR vendors, and the legal counsel who advise them. Nevertheless, the pursuit of this goal at the present time entails substantial risk.
The state minor consent laws, as well as the privacy protections in the minor consent laws and other laws, have been enacted over decades in different states during varying political climates. Many of the minor consent laws have been in place for 4 decades or longer, sometimes with more recent minor additions or expansions to address specific services or vulnerable groups. Nonetheless, in recent years, attempts have been made in some states to repeal in their entirety the laws allowing minors to consent for their own health care and providing protection for the confidentiality of the information associated with that care in their specific state. Although these attempts have, so far, not been successful, some have come close and have required extraordinary advocacy by the community of health care professionals to defeat them. Most recently, attempts are being made in some states to disallow minor consent for health care under the guise of “parents’ rights.”16 At the same time, intense controversies around issues such as abortion17 and transgender care for young people18,19 make the current climate less than hospitable to efforts that might entail expansion of minor consent laws and confidentiality protection in some states.
At the present time, we suggest 2 strategies that might prove useful now and in the future. The first is that health care professionals support ongoing efforts to develop technical methodologies for granular segmentation of digital health information in EHRs so that sensitive information can, when ethically or legally necessary, be protected from sharing while as much other information as possible can be shared via OpenNotes or patient portals in ways that promote adolescent and young adult health. The second is for the health care community to work on developing recommendations for what would optimally be included in laws that protect adolescent minors’ privacy consistent with ethical standards and best practice professional guidelines, while allowing advocates in each state to decide whether and when it would make sense, without undue risk, to move forward with efforts to bring the laws in their state in line with the professional recommendations. We believe these 2 strategies are consistent with the goals of the call to action issued by Sharko et al.13
FUNDING: No external funding.
CONFLICT OF INTEREST DISCLOSURES: The authors have indicated they have no potential conflicts of interest to disclose.
COMPANION PAPER: A companion to this article can be found online at www.pediatrics.org/cgi/doi/10.1542/peds.2021-053458.
electronic health records