Electronic CPAP data management – Implications for management, privacy and medico-legal issues.

09 Nov Electronic CPAP data management – Implications for management, privacy and medico-legal issues.

Technology has seen improvements in the amount and types of data CPAP machines record and more recently manufacturers have utilised wi-fi or modems to transmit data to cloud based databases so it is readily available without necessarily going into the clinic for review.
The Australasian Sleep Association (ASA) have reviewed the current literature on CPAP monitoring systems to provide guidance on their use in the Australasian context.

CPAP monitoring systems
Three leading CPAP manufacturers were compared and all were found to measure and record data in slightly different ways due to their patented algorithms. For example, the machines algorithms all calculate the residual apnoea-hypopnoea index (AHI) and mask leakage from the flow sensors in the machine. However all the compared manufacturers did this in a different way based off different criteria of changes in the flow signals. Additionally during sleep study polysomnography (PSG), many other sensors are used such as respiratory effort, blood oxygen and EEG changes to ultimately determine the AHI, so can this be directly compared to the AHI of a CPAP data system?
Studies have found discrepancies between CPAP AHI and PSG AHI particularly the hypopnoea index. It was only found to be clinically useful when the CPAP AHI is very low <10 or high >20 however treatment should always be assessed with clinical expertise. It is also unknown how the long term CPAP AHI values mean clinically in terms of improving cardiovascular, cognitive and daytime function.

Privacy and security policies
The three major manufactures offer cloud based databases for storage of therapy data and patient information which has improved access and patient management. How secure is this data though? All have created privacy policies to comply with the relevant legislation and have measures in place to protect it. However they do need to be reviewed and updated regularly to prevent data breaches and should be checked to ensure they comply with any legislation changes. Patients should also be explained how their data is hosted and managed and they should carefully read the privacy policies before they consent to their use.

Legal implications
With the ability to now manage CPAP data remotely the question arises, what are the legal implications for providers of therapy? For example, if a CPAP user has not been adherent or therapy is sub-optimal, then falls asleep driving and causes an accident, what are the legal implications for the treating physician or CPAP providers? The ASA recognised that some liability does fall on the treating medical professionals and their practices should have good risk management and insurance practices in place. The frequency of follow up using the new technology and optimal treatment guidelines need to be legally reviewed and no guidelines exist at present however the ASA recommends that CPAP data be reviewed in accordance with the ‘Best Practice Guidelines for CPAP Therapy’.
CPAP data for improving adherence
The modems and wireless transmission means have enabled better tracking of patients therapy however no guidelines have been published on how this data should be used, particularly the frequency in which they should be checked. Some studies have shown improved adherence to therapy when using this technology in a way so that struggling patients are quickly followed up via telephone compared to standard routinely set follow ups. The rapid delivery of data makes this information more available for providers to more easily identify struggling patients and follow them up. New apps and websites allowing patients to view their own data and usage has also been shown to yield an improved adherence in patients who made use of these features compared to those who did not.

Take home messages
• Standardisation is needed for the algorithms for detecting AHI, leak by CPAP machines.
• A new name for CPAP AHI (AHIflow) should be adopted as it is not the same measure as PSG AHI.
• CPAP AHI should not replace comprehensive clinical assessment and follow up. CPAP AHI is clinically useful if the AHI is very low <10 or high >20.
• Patients should be encouraged to read privacy policies to follow understand how their data is securely stored and used.
• CPAP data should be reviewed at 7, 30, 60 days then at 12 months and yearly thereafter. CPAP data should not be assessed in isolation and should occur within the context of an overall clinical review by a medical practitioner.
• Data should be used to help stratify access to review for those that need it most to improve adherence and treatment.
• Patients should be encouraged to engage in their own CPAP data to improve their usage.