Health Informatics & Sciences

What Are the Ethical Principles In Health Informatics?

What Are the Ethical Principles In Health Informatics?
One of the most troubling issues in the area of health informatics data collection is the sharing and selling of patient records and the impact this has on patient privacy. Image from Pexels
Beth Friedland profile
Beth Friedland May 4, 2022

The International Medical Informatics Association (IMIA) has created fundamental and general ethical principles for health informatics professionals’ use of patients' electronic health records (EHR).

Article continues here

What are we talking about when we talk about medical ethics? Ethics is about making decisions that are good or bad, or right or wrong. It seems simple enough, but who decides what is right or wrong? Right (good) and wrong (bad) choices are made based on common, agreed-upon criteria and a standard code of ethical conduct to which everyone is supposed to adhere.

Easy enough, right?

Not so fast. Ethics in the field of health sciences is a complicated topic, often involving life or death issues. For this reason, medical ethical principles deal with the obligations healthcare providers—and, for this article, health informatics professionals—have to their patients and the wider society. Ethical considerations change as healthcare and health information technology evolve—all of which impact patient safety and patient care.

Codes of ethics versus legal guidelines

Don’t confuse the code of ethics with legally binding and mandated guidelines; they are not the same. The Health Insurance Portability and Accountability Act (HIPAA) defines the legal obligations regarding the collection, management, and sharing of medical information. A code of ethics for health information professionals is less concrete.

Ethics requires decisions to be made by individuals. It relies on individual personal judgment, and here is where things can become murky, because not everyone interprets what is right or wrong the same way. In addition, ethical issues can arise even within the framework of an agreed-upon code.

So, who is responsible for the standard code of health informatics ethics and the informaticists who handle sensitive patient data? In this article, we will cover how the American Medical Informatics Association (AMIA) and other organizations are responding to ethical issues as they strive to maintain ethical standards in the field of healthcare informatics.

As well, organizations such as the non-profit group the American Health Information Management Association (AHIMA) work with healthcare professionals to maintain standards and integrity of health data collection and management.


“I'm Interested in Health Informatics!”

University and Program Name Learn More

Ethical challenges in health informatics

No question about it, information technology is critical in the world of healthcare management. Medical informatics is used in every area of health sciences. Electronic medical records are accessed on our computers, many medical devices are monitored online, and doctors are providing healthcare to patients via ehealth or telehealth. Information systems also support patients as they manage their health and well-being. And healthcare professionals rely on health information technology to assist them in providing effective care and interventions to their patients.

Since informatics plays a role in every step of the healthcare journey, it is no surprise that informatics professionals face ethical challenges as they handle patient information in their everyday work.

Electronic healthcare records

For instance, not all electronic healthcare records (EHR) are legally protected by HIPAA. Unlike most healthcare providers, artificial intelligence (AI) developers are not bound by HIPAA laws and do not have to follow strict guidelines regarding information management. This, of course, poses ethical concerns in how patient data is handled and shared.

Artificial intelligence is used to gather and analyze electronic health records and other medical information to predict outcomes and offer treatment advice for clinicians and medical providers, among other things. While this technology has transformed healthcare in many valuable ways, the algorithms used by this technology also have been shown at times to unintentionally replicate bias.

Since HIPAA laws do not cover artificial intelligence app developers, those with access to patient health records must exercise individual judgment to prevent replication of bias caused by underrepresentation or misrepresentation of different populations in the data sets they mine. Failure to do so could compound generations of medical mismanagement of individuals in various racial, age, gender, sexual preference, and medical history groups.

Mapping genomes

From 1990 to 2003, The Human Genome Project (HGP) sought to map the entire genome for all humankind. This project has had a major impact on our understanding of human evolution and human health. The first human genome sequence took its sample DNA from a relatively small group of individuals who were predominantly of European ancestry.

99 percent of all human genomes are the same. However, the remaining 1 percent represents the diversity we see in everyone on the planet and includes variables like ethnicity and ancestry.

The The Human Pangenome Project is widening the scope of this area of study to account for the diversity of humankind by studying the genomic sequence from a diverse sample of people of all ancestries and geographies. This project will offer a more accurate human genomic sequence than the Human Genome Project.

However, with this advancement come additional ethical concerns, such as transparency when using DNA from marginalized populations. To avoid ethical dilemmas, the Human Pangenomic Project has dedicated social ethicists who are constantly monitoring the project to help maintain the ethical integrity of the project, as well as the work of project managers and working groups.

As well, the Earth Biogenome Project (EBP) is endeavoring to sequence and organize the genomes of all species on Earth. The information that may be revealed through this project could spark innovations in many aspects of public health, including the development of new treatments for disease (much of which depends on protecting the planet’s biodiversity).

The project convenes a dedicated group, the Earth Biogenome Project Ethical, Legal and Social Issues Committee (ELSC), devoted to addressing concerns arising from the EBP. The ELSC details its commitment to an ethical code of conduct with guidelines for every area encompassed by the project. The committee’s oversight includes social and legal issues based on international treaties and jurisdictional laws, rules governing intellectual property, sampling and permitting, biosecurity, and protection of endangered species, among others.

Patient medical data

One of the most troubling issues in the area of health informatics data collection is the sharing and selling of patient records—and the impact this has on patient privacy. Healthcare organizations can avoid HIPAA laws that are meant to protect patient safety by removing identifying patient information like names, addresses, and phone numbers. They can then sell the de-identified patient records to their partners without patients ever knowing where their records went and for what purpose (or that their medical info was monetized).

While sharing de-identified electronic health records is necessary for the advancement of treatments in healthcare, it’s an ethical dilemma, as it appears to conflict with patients’ rights to control and keep their medical information private.

IMIA code of ethics helps professionals navigate sticky issues

The International Medical Informatics Association (IMIA) endeavors to help organizations avoid these kinds of ethical and legal issues. It advocates for a collaborative public health and informatics community that benefits all people and encourages cooperation across nations to strengthen the industry worldwide.

What are the ethical principles in health informatics?

The health informatics (HI) field includes technology and software systems that merge management and analysis of patient records with how healthcare professionals and clinicians use health data to monitor, diagnose, and treat patients.

The ethical ramifications in public health regarding how information technology is used are so critical to maintaining the integrity of data collection within the healthcare system that some universities have developed coursework which includes specific ethical and legal issues in the health informatics profession.

The Ethics and Compliance Initiative outlines why a code of ethics is critical in any organization, and the same ideas can be applied to an entire field or industry. In fact, the International Medical Informatics Association has done just that by creating specific sets of principles for the field of health informatics.

IMIA fundamental ethical principles in health informatics

1. Principle of autonomy

All people have the fundamental right to self-determination.

2. Principle of equality and justice

All people are equal and have a right to be treated accordingly.

3. Principle of beneficence

Everyone has the duty to advance the good of others when it aligns with the fundamental and ethically defensible values of the affected person.

4. Principle of non-malfeasance

Everyone has the responsibility to prevent harm to other persons when they can—and can do so safely.

5. Principle of impossibility

All rights and responsibilities are in effect on the condition that it is possible to meet them in each particular circumstance.

6. Principle of integrity

Whoever is responsible must fulfill that obligation to the best of their ability.

General ethical principles In health informatics

The fundamental principles in health informatics ethics give rise to seven general principles of health informatics ethics, which aid informaticists as they strive to apply these guidelines to the healthcare system.

1. Principle of information-privacy and disposition

Everyone has a fundamental right to privacy and control over the collection, storage, access, use, communication, manipulation, and disposition of their data.

2. Principle of openness

The collection, storage, access, use, communication, manipulation, and disposition of personal data must be disclosed in an appropriate and timely fashion to the person the data belongs to.

3. Principle of security

Personal data that has been legitimately collected should be protected by all reasonable and appropriate measures against loss, degradation, unauthorized destruction, access, use, manipulation, modification, or communication.

4. Principle of access

A person has the right to access their health record and the right to correct the record for accuracy, completeness, and relevance.

5. Principle of legitimate infringement

The fundamental right of control over the collection, storage, access, use, manipulation, communication, and disposition of personal health data is constrained only by the legitimate, appropriate, and relevant data needs of a free, responsible, and democratic society, and by the equal and competing rights of other persons.

6. Principle of the least intrusive alternative

Any infringement of a person’s privacy rights and their right to control their health data as detailed in Principle 1, may only occur in the least intrusive manner that minimally interferes with their rights.

7. Principle of accountability

Any infringement of the person’s privacy rights and the right to control their health data must be justified in good time and in an appropriate fashion.

Considering the expanding nature of health informatics—and the advancing technologies and innovations in software collection systems—it’s easy to see how clearly drawn ethical guidelines serve a critical role in protecting both patient privacy and the integrity of the informatics systems themselves.

Adhering to a shared set of ethics helps all stakeholders understand their rights and responsibilities. Specific and accepted code of conduct expectations protects patients as well as healthcare providers, while also guarding the integrity of information technology, public health research, and public health initiatives.

(Last Updated on February 26, 2024)

Questions or feedback? Email

About the Editor

Tom Meltzer spent over 20 years writing and teaching for The Princeton Review, where he was lead author of the company's popular guide to colleges, before joining Noodle.

To learn more about our editorial standards, you can click here.


You May Also Like To Read

Categorized as: Health Informatics & SciencesNursing & Healthcare