Proposed Frameworks to Improve the Quality of Health Web Sites: Review

Cynthia Baur, PhD and Mary Jo Deering, PhD

Disclosures
In This Article

Methods

Between July 1996 and May 2000, 4 separate groups released guidelines, policies, or codes of conduct or ethics for health Web sites. The Health on the Net (HON) Code of Conduct appeared in July 1996 (www.hon.ch/HONcode/Conduct.html); Guidelines for medical and health information sites on the Internet, by the American Medical Association (AMA), in March 2000 (www.ama-assn.org/about/guidelines.htm);Ethical principles for offering Internet health services to consumers, from Health Internet Ethics (Hi-Ethics), in May 2000 (www.hiethics.org/Principles/index.asp); and the International eHealth Code of Ethics, by the eHealth Ethics Initiative, also in May 2000 (http://www.ihealthcoalition.org). For the sake of consistency, we refer to the 4 as "frameworks." The HON Code is currently in use on several thousand health Web sites. The Hi-Ethics Principles, which were formulated by 20 health Web sites, and the eHealth Ethics Initiative Code, which was formulated by a cross-section of health and healthcare stakeholders, are scheduled to be implemented in late 2000 or early 2001. In each case, the version of the framework publicly available as of May 24, 2000 was consulted.

Table 1 contains a side-by-side listing of each element of the 4 frameworks. The side-by-side listing provides a panoramic view of the frameworks and highlights those areas covered or not covered by each framework's commitments or principles. The table was created in several steps. Each framework was assigned a column. We tagged each element of the 4 frameworks with keywords generated from the frameworks themselves. Common or similar elements were placed in side-by-side cells in the table. Compound principles or commitments were separated into discrete units. After reviewing all the frameworks and elements, 14 categories emerged that are identified in rows with Roman numerals in the Table. Some of the 14 categories have subcategories. For example, the Disclosure category has 10 subcategories (a-j). In those instances in which all the frameworks address the same or a similar element, the cells across a row are filled. When fewer than all 4 address a similar element, there are blank cells across the row. The categories and assignment of elements were done jointly by us and were not independently verified, although the table was widely reviewed by HHS staff.

Our review of the 14 categories further suggested 4 broad areas for analysis. The 4 broad analytical categories are (a) Disclosure, (b) Web site actions, (c) Choices, and (d) Acknowledgement of accepted professional practices and legal obligations. Disclosure refers to information that Web sites will provide to users about their sites, including content, policies and practices, and business operations. The Disclosure category pulls together, across topic areas such as privacy and quality standards for content, the large number of elements about Web sites that users will be told about. Web site actions emerged as a relevant analytical category because it highlights the affirmative steps site operators commit to taking to enhance quality and consumer protection. The Choices categoryaggregates the opportunities that Web sites have created for users to express their preferences, particularly preferences about uses of personal information. Acknowledgement of accepted professional practices and legal obligations encompasses healthcare providers' and Web site professionals' responsibilities to adhere to the best of existing codes of conduct, ways of doing business, or existing laws and regulations governing relevant activities. The elements are identified according to these 4 categories in the final column of Table 1.

Direct comparisons between the frameworks were difficult because they do not use the same language to describe their principles or commitments. The ambiguity of terminology often made it difficult to determine whether there was consistency among the frameworks or even within a given framework. For example, although 3 frameworks agree that Web sites should disclose their data collection practices, the frameworks do not use the same language to describe the practices. Hi-Ethics uses phrases such as "meaningful choice," "purposes a reasonable consumer would expect," and "explicit opt-in." The eHealth Code uses, among others, "informed consent" and "specific affirmative consent." The AMA Guidelines use "opt-in," "opt-out," "agree," and "choose" in different contexts. Moreover, it is not always clear whether there is internal consistency for a given framework. Each framework uses multiple terms to describe what appear to be similar practices. Table 1 reports the elements in the language used by the frameworks themselves whenever possible. The differences in terminology among the frameworks are not surprising because they were written independently, but the differences are important because they potentially create confusing and ambiguous commitments and indicate a lack of consensus in the field about how to identify fundamental protections.

processing....