130 likes | 231 Vues
This study analyzes the implementation of fair information practices and consent options in health information exchange (HIE) across the 50 US states, based on the principles of transparency, individual choice, data quality, safeguards, and accountability. The research evaluates the diverse approaches to individual access, correction, and consent limitations, highlighting the variability in adherence to these principles among states. The paper discusses challenges faced by policymakers in applying statutory frameworks to electronic HIE environments and addresses the potential barriers to interstate HIE. Funding for this research was provided by a Medicaid Transformation Grant to the State of Oregon. Acknowledgements to the research team and Oregon Health Authority staff for their contributions.
E N D
Getting To Yes Principles of Fair Information Practices and Consent Options for Health Information Exchange Sarah D. Young, MPH, Katharine Ryan, MPH, Jill J. Rissi, PhD, and Sherril B. Gelmon, DrPH
Terminology • Health Information Exchange (HIE) • Opt-out participation • Opt-in participation
Research Objectives and Methods • Population: The 50 US states • Analysis tool: the principles established in The Nationwide Privacy and Security Framework For Electronic Exchange of Individually Identifiable Health Information
Principles • Individual Access • Correction • Openness and Transparency • Individual Choice • Collection, Use, and Disclosure Limitation • Data Quality and Integrity • Safeguards • Accountability ONC, 2008: Nationwide Privacy and Security Framework For Electronic Exchange of Individually Identifiable Health Information
1) Individual Access; 2) Correction • Both accomplished through medical provider • Access example: MyWellport internet portal in Massachusetts
3) Transparency; 4) Individual Choice • Complementary principles • Transparent policies: HealthInfoNet in Maine • Choice of who can access but not what: Wellport in Massachusetts
5) Collection, Use, and Disclosure Limitation • Varies from one state to another • Unique limitation: explicit patient permission required at every visit in Minnesota
6) Data Quality and Integrity • Centralized HealthInfoNet in Maine • vs. • Federated MN HIE in Minnesota • Who is responsible?
7) Safeguards; 8) Accountability • Safeguards based almost entirely on federal regulations • Statutory accountability: SF 2974 passed in the 2010 Minnesota legislative session
Conclusions • The principles can be used to compare state HIEs • Adherence varies considerably among states and this could prove a barrier to interstate HIE • State policy makers face challenges in attempting to apply a paper statutory framework to an electronic environment
Funding • This paper is one of a series prepared for the Office for Oregon Health Policy and Research, Oregon Health Authority, through funding from a Medicaid Transformation Grant to the State of Oregon from the Centers for Medicare and Medicaid Services (CMS).
Acknowledgements • The research team: • Sherril B. Gelmon, DrPH • Jill Rissi, PhD • Oliver Droppers, MS, MPH • Aasta Thielke, MPH • Katharine Ryan, MPH • Elena Wiesenthal, MPH • Sarah D. Young, MPH We are grateful for the insights, advice, guidance, and expert review provided by Oregon Health Authority staff and contractors, including Sean Kolmer, MPH, and Barry Kast, MSW.