Health IT and Electronic Health Activate your FREE membership today |  Log-in
 What is the role of patient consent in health information exchange?
What kind of tools will be needed to enable patients to manage the transmission of their health data?  How could they control which types of information go to which providers in which circumstances?  (This assumes, of course, that the healthcare community believes that patients should ideally have such control.  However, if the community does not believe this, I would assert that it will be difficult to gain the public's trust in HIE.)
ASKED: February 24, 2010  10:49 PM
UPDATED: June 22, 2010  8:08 pm

Answer Wiki:
The Rhode Island Quality Institute recently published a draft of its <a href=""> HIE Strategic Plan</a>. The plan includes a high level description of the technical architecture of the Rhode Island HIE, which is branded as "<b>current<i>care</i></b>. This HIE includes technical components needed to respond to the RI Health Information Exchange Act of 2008. The Act requires a two-step authorization model. First, the patient must agree to participate in the HIE. This allows the patient's data to move from the sources into the HIE. Second, the patient grants permission to view the data to providers who are known to the HIE. The patient can revoke permision at any time. Although the authorization model is simple to understand, the implementation adds a fair amount of complexity to the technical design.
Last Wiki Answer Submitted:  June 16, 2010  7:36 pm  by  Cio67   385 pts.
All Answer Wiki Contributors:  Cio67   385 pts.
To see all answers submitted to the Answer Wiki: View Answer History.

Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _


To me, the above approach doesn’t address the complex realities of managing patient consent in a distributed health care information exchange ecosystem.

Patient consent preferences will eventually need to accommodate various levels of granularity as outlined in “CONSUMER CONSENT OPTIONS FOR ELECTRONIC HEALTH INFORMATION EXCHANGE: POLICY CONSIDERATIONS AND ANALYSIS” published 3/23/10 by the ONCHIT.

These levels include Granularity by Provider, By Time Range, By Data Type, and By Purpose. The first two levels may or may not be reasonably accommodated from an administrative, procedural and technical standpoint; but I believe the latter two levels will be particularly troublesome from a definition and implementation perspective.

In regards to Granularity by Data Type, how will clinical data be segmented? What if a patient only wants to allow his mental health information to be shared with a psychiatrist for 2 months for the purpose of a rehab workup but prevent all other access to these information.

Consider the myriad of metadata and terminology challenges related to normalizing and categorizing diagnoses, procedural and other clinical data points across disparate data sets link CPT, HCPCS, SnoMed, HL7, ICD-9/10 and others. Not too mention the various versions of nearly identical code sets like ICD-9 and ICD-10?

With Granularity by Purpose, how will all of the possible uses of a patient’s information be agreed upon and defined in such a manner as to allow electronic exchange between primary (originator) and secondary (the HIE) stakeholders. Moreover, care management, care delivery, quality improvement, new payment methods, clinical research and health services research are evolving and non-trivial uses/users for patient data that will be subject to patient consent privileges.

What if two different physician’s submit patient data to a health information exchange with conflicting patient consent privileges? Does this imply that patient data and their consent privileges must be maintained on an individual provider by provider and data segmentation by data segmentation basis?

Then think about the real-world challenges of accommodating all of the potential permutations of these various types of granularity and the real need to accommodate individual state laws and the overall federal regulatory framework; it’s obvious that defining, designing, delivering and managing patient consent across a health information exchange will be a huge challenge.

It goes on and on and on. Just saying.

 10 pts.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: