
HIT Security and Privacy

Jun 29 2010   11:28AM GMT

ONC Privacy & Security Tiger Team zeroes in on consent

Posted by: SteveGonHIT
consent, EHR, health IT, ONC, privacy

The Office of the National Coordinator’s (ONC) Privacy and Security Tiger Team continued its examination of high-priority health IT issues with a day-long Consumer Choice Technology Hearing (see the Agenda), which featured representatives from several IT vendors, federal and state agencies, and consumer advocacy groups. The focus of today’s meeting was consent management capabilities in “cutting-edge” technologies with potential for use within or alongside a variety of health systems. Many of the questions and much of the discussion involved technical issues and functionality, but participants seemed equally if not more concerned with practical or policy issues related to honoring or enforcing consent directives. After the initial presentations and testimony by several vendors and other guest panelists, several participants noted that practical experience in managing consent for health record data is limited, because in most common situations HIPAA and other relevant laws permit disclosure without consent, so capturing and honoring consent is not a requirement per se for the most frequently encountered uses of the data. Some of the practicing physicians in attendance raised the very practical consideration that when treating patients, you want to know as much as possible about the patient in order to provide proper care; doctors especially want and need to know all the medications someone is taking. From this standpoint, fine-grained consent may be at odds with achieving health care outcomes.

Other implementation-level considerations raised during the meeting (which may or may not have technical solutions) include the need to propagate consent preferences across a potentially widely distributed set of health records for a given patient that may be stored in different electronic health record systems or health databases. A similar policy and enforcement issue arises once disclosure is made to an authorized party consistent with consent directives: how to ensure that the copy of the data now in the possession of the authorized requester is handled according to the same consent preferences going forward, particularly for re-disclosure. These two issues converge in scenarios where patient record data has been appropriately disclosed at one point in time, and the patient subsequently changes their consent in a way that effectively revokes the permission to disclose after the disclosure has happened. For individuals who may have health record information in multiple locations, coordinating or synchronizing consent among databases also raises the potential for race conditions or conflicts (such as consent for a particular set of information granted in one location, but withheld in another) that will need to be reconciled in order for a new request for the patient’s information to be handled appropriately. The basic assumption underlying the NHIN and other health information exchanges, that health record data will be managed at the source (meaning within the health care environment) rather than centrally, makes the effective distribution of consent information extremely difficult to manage.

While the context for consent implied during most of the discussion involved granular control over subsets of data contained in an electronic health record, it didn’t seem to be lost on anyone that capturing and managing consent at this level is not as simple as just offering categories of data to patients against which they can record their preferences. One astute questioner raised the issue of the “inference problem” that exists wherever a piece of data, if disclosed, might allow the viewer to come to a conclusion about a condition or course of treatment that a patient had, even if they had asked to have that information withheld. Common examples include masking key diagnosis or treatment information from the record, but not masking prescription medications associated with the course of treatment, allowing someone to work backwards from the prescription to infer the condition for which it was prescribed. Similar inference problems might stem from knowing what provider (or what practice) treated a patient.
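The inference problem described above, as an added example (not from the original post or from any system presented at the hearing): masking only the entry a patient names still discloses the linked prescription, while a filter that follows the links closes that channel. The sample record, the `linked_to` field and the provider-redaction rule are assumptions made for illustration.

```python
# Constructed sample record; every entry, name and link is hypothetical.
RECORD = [
    {"id": "dx1", "category": "diagnosis", "linked_to": None, "provider": "Practice X"},
    {"id": "rx1", "category": "medication", "linked_to": "dx1", "provider": "Practice X"},
    {"id": "lab1", "category": "lab", "linked_to": "rx1", "provider": "Lab Y"},
    {"id": "dx2", "category": "diagnosis", "linked_to": None, "provider": "Practice Z"},
    {"id": "rx2", "category": "medication", "linked_to": "dx2", "provider": "Practice Z"},
    {"id": "vis1", "category": "visit", "linked_to": None, "provider": "Practice X"},
]


def naive_mask(record, withheld_ids):
    """Mask only the entries the patient named; linked entries still go out."""
    return [e for e in record if e["id"] not in withheld_ids]


def inference_closure(record, withheld_ids):
    """Ids of withheld entries plus everything linked to them through any chain."""
    closed = set(withheld_ids)
    changed = True
    while changed:
        changed = False
        for e in record:
            if e["id"] not in closed and e["linked_to"] in closed:
                closed.add(e["id"])
                changed = True
    return closed


def inference_aware_mask(record, withheld_ids):
    """Drop the closure, and blank the provider on entries that share one with it."""
    closed = inference_closure(record, withheld_ids)
    hidden_providers = {e["provider"] for e in record if e["id"] in closed}
    disclosed = []
    for e in record:
        if e["id"] in closed:
            continue
        e = dict(e)  # copy so the stored record is not modified
        if e["provider"] in hidden_providers:
            e["provider"] = None
        disclosed.append(e)
    return disclosed


def inference_leaks(disclosed, record, withheld_ids):
    """Ids in a disclosure that point back to an entry the patient withheld."""
    linked = inference_closure(record, withheld_ids) - set(withheld_ids)
    return sorted(e["id"] for e in disclosed if e["id"] in linked)
```

With `dx1` withheld, `inference_leaks` flags `rx1` and `lab1` in the naive disclosure and nothing in the inference-aware one, which also shows the cost the physicians raised: the medication is no longer visible to the treating provider.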
