Patients who want to control how their personal health information is shared among physicians have few tools to apply their preferences. In fact, they are mostly left with relying on whatever trust they have established with their primary physicians to protect their data when it is exchanged with specialists or other providers.
To help remedy the situation, the Health & Human Services Department set up a special tiger team, made up of public and private sector privacy experts, to suggest policy and technical approaches to patient consent, as well as other vexing challenges related to moving highly personal information over networks.
Some of these issues must be resolved sooner rather than later in order to sync with the pending 2011 first-stage meaningful use deadlines that require providers to share some health records via health information exchange (HIE). But in doing so, the tiger teammates want to tread carefully.
"We want to honor patient preferences from the policy perspective and determine if technology supports it," said Deven McGraw, the chair of the tiger team, who is also director of the Health Privacy Project at the Center for Democracy and Technology, at one of their recent meetings.
Downstream impact
As these are often highly personal circumstances, the policies surrounding consent must be well-crafted, notes Paul Egerman, the tiger team's co-chairman and a software entrepreneur. "Ultimately, we need to earn the trust of consumers and physicians that [consent] is occurring correctly," he said.
Policymakers must be aware of the impact of any new consent policies on providers as well as firms developing the software and the networks that will execute patient information sharing preferences. Furthermore, how these rules play out is almost certain to affect the basic relationships between doctors and patients, experts say.
"I think if consent is incorporated [into meaningful use] it will have an impact on [providers'] decisions to participate in health information exchanges and may change their relationship with their patient," said Lisa Gallagher, senior director for privacy and security at HIMSS.
For starters, the time it takes a provider to explain the uses, disclosures and requests for consent to their patients will directly affect practice work flow. Administrative or office practice staff will also need time, effort and training to learn and establish new processes, and attorneys will need to approve agreements. Providers and their staff have to be good at educating patients.
"It's a formidable task," Gallagher said.
Some IT systems already exist to manage consumer consent preferences, such as ways to partition more sensitive data. But these applications might not have been deployed or customized for healthcare, Gallagher said. "There is a lot to implementing it in healthcare in a way that is meaningful, transparent and clear to the patient," she said.
And the patient consent policies will ultimately shape the technology itself, Gallagher notes. "But lacking policy, vendors of EHRs and other kinds of products that help to implement this are really shooting in the dark," she said.
Even so, vendors are beginning to take on the challenge. At a recent hearing sponsored by the tiger team, Dr. Michael Sterns, chief executive officer of e-MDs, an EHR provider, said physicians can mark data as confidential in several areas using the e-MDs' EHR, including health summary medication and problem lists and progress notes sections.
In this case the patient remains un connected electronically from his or her record. "The patient does not have a direct role but can ask the provider to mark certain information as confidential," he said. When the physician clicks on a "confidentiality switch," the EHR will block out the confidential information when viewed by someone who does not have access privileges, he said.
Currently, e-MDs users can take advantage of this function only with other e-MDs users, Stearns said. "Information captured as structured data could be marked as protected information that could be shared with other systems, but to be truly interoperable this would require standards that were embraced by the industry or required from regulatory bodies," he said.
Another system, Private Access, is a Web-based transaction service that stores and manages the health privacy preferences of its users. Third parties wanting to access the health data are vetted via a rules engine against access preferences set by the patient. These might allow family members to have complete access to the records, or involve more exclusive settings, according to Robert Shelton, founder and CEO of Private Access.
While these and other technologies can enable patients to release parts of their medical record to providers, many of the currently available tools and techniques are far from fool-proof, says Egerman.
For instance, some systems enable a provider to exclude certain codes in the exchange of a Continuity of Care Document (CCD) that specify an illness that the patient does not want shared, such as a sexually transmitted disease (STD). But other codes in the record for related test results or medications can still allow others to infer the patient has an STD.
"It's leaky," Egerman said. "Downstream inferences are beyond state-ofthe- art."
