Protecting Patient Privacy: Strategies for Regulating Electronic Health Records Exchange

The report offers policymakers 10 recommendations to protect patient privacy as New York state develops a centralized system for sharing electronic medical records. Those recommendations include:Require that the electronic systems employed by HIEs have the capability to sort and segregate medical information in order to comply with guaranteed privacy protections of New York and federal law. Presently, they do not.Offer patients the right to opt-out of the system altogether. Currently, people's records can be uploaded to the system without their consent.Require that patient consent forms offer clear information-sharing options. The forms should give patients three options: to opt-in and allow providers access to their electronic medical records, to opt-out except in the event of a medical emergency, or to opt-out altogether.Prohibit and sanction the misuse of medical information. New York must protect patients from potential bad actors--that small minority of providers who may abuse information out of fear, prejudice or malice.Prohibit the health information-sharing networks from selling data. The State Legislature should pass legislation prohibiting the networks from selling patients' private health information

Giving patients granular control of personal health information: Using an ethics ‘Points to Consider’ to inform informatics system designers

Objective: There are benefits and risks of giving patients more granular control of their personal health information in electronic health record (EHR) systems. When designing EHR systems and policies, informaticists and system developers must balance these benefits and risks. Ethical considerations should be an explicit part of this balancing. Our objective was to develop a structured ethics framework to accomplish this. Methods: We reviewed existing literature on the ethical and policy issues, developed an ethics framework called a “Points to Consider” (P2C) document, and convened a national expert panel to review and critique the P2C. Results: We developed the P2C to aid informaticists designing an advanced query tool for an electronic health record (EHR) system in Indianapolis. The P2C consists of six questions (“Points”) that frame important ethical issues, apply accepted principles of bioethics and Fair Information Practices, comment on how questions might be answered, and address implications for patient care. Discussion: The P2C is intended to clarify whatis at stake when designers try to accommodate potentially competing ethical commitments and logistical realities. The P2C was developed to guide informaticists who were designing a query tool in an existing EHR that would permit patient granular control. While consideration of ethical issues is coming to the forefront of medical informatics design and development practices, more reflection is needed to facilitate optimal collaboration between designers and ethicists. This report contributes to that discussion

How Bioethics Principles Can Aid Design of Electronic Health Records to Accommodate Patient Granular Control

Ethics should guide the design of electronic health records (EHR), and recognized principles of bioethics can play an important role. This approach was adopted recently by a team of informaticists designing and testing a system where patients exert granular control over who views their personal health information. While this method of building ethics in from the start of the design process has significant benefits, questions remain about how useful the application of bioethics principles can be in this process, especially when principles conflict. For instance, while the ethical principle of respect for autonomy supports a robust system of granular control, the principles of beneficence and non-maleficence counsel restraint due to the danger of patients being harmed by restrictions on provider access to data. Conflict between principles has long been recognized by ethicists and has even motivated attacks on approaches that state and apply principles. In this paper we show how using ethical principles can help in the design of EHRs by first, explaining how ethical principles can and should be used generally, and then by, discuss how attention to details in specific cases can show that the tension between principles is not as bad as it initially appeared. We conclude by suggesting further ways in which the application of these (and other) principles can add value to the ongoing discussion of patient involvement in their health care. This is a new approach to linking principles to informatics design that we expect will stimulate further interest

Points to consider in ethically constructing patient-controlled electronic health records

Patient advocates and leaders in informatics have long proposed that patients should have greater ability to control the information in their electronic health record (EHR), including how it can be accessed by their health care providers. The value of such “granular” control, as it has been termed, has been supported prominently in an influential report by the President’s Council of Advisors on Science and Technology (PCAST). Recently, the U.S. Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) funded several projects to study key components of EHR systems, including exploring ways to allow granular control. This “Points to Consider” document provides an overview of the benefits, risks and challenges of granular control of EHRs; a review of the key ethical principles, values, and Fair Information Practices that ought to guide development of an EHR that accommodates granular control, and seven detailed Points to Consider to guide decision making.Award No: 90HT0054/01, a cooperative agreement program from the US Department of Health and Human Services, Office of the National Coordinator for Health IT to Indiana Health Information Technology, Inc. (IHIT) under the State HIE – Challenge Grant Program to the Indiana University School of Medicine and Regenstrief Institute, Inc

Data Segmentation in Electronic Health Information Exchange: Policy Considerations and Analysis

The issue of whether and, if so, to what extent patients should have control over the sharing or withholding of their health information represents one of the foremost policy challenges related to electronic health information exchange. It is widely acknowledged that patients\u27 health information should flow where and when it is needed to support the provision of appropriate and high-quality care. Equally significant, however, is the notion that patients want their needs and preferences to be considered in the determination of what information is shared with other parties, for what purposes, and under what conditions. Some patients may prefer to withhold or sequester certain elements of health information, often when it is deemed by them (or on their behalf) to be sensitive, whereas others may feel strongly that all of their health information should be shared under any circumstance. This discussion raises the issue of data segmentation, which we define for the purposes of this paper as the process of sequestering from capture, access or view certain data elements that are perceived by a legal entity, institution, organization, or individual as being undesirable to share. This whitepaper explores key components of data segmentation, circumstances for its use, associated benefits and challenges, various applied approaches, and the current legal environment shaping these endeavors

Patient Preferences in Controlling Access to Their Electronic Health Records: a Prospective Cohort Study in Primary Care

Introduction: Previous studies have measured individuals’ willingness to share personal information stored in electronic health records (EHRs) with health care providers, but none has measured preferences among patients when they are allowed to determine the parameters of provider access. Methods: Patients were given the ability to control access by doctors, nurses, and other staff in a primary care clinic to personal information stored in an EHR. Patients could restrict access to all personal data or to specific types of sensitive information, and could restrict access for a specific time period. Patients also completed a survey regarding their understanding of and opinions regarding the process. Results: Of 139 eligible patients who were approached, 105 (75.5 %) were enrolled, and preferences were collected from all 105 (100 %). Sixty patients (57 %) did not restrict access for any providers. Of the 45 patients (43 %) who chose to limit the access of at least one provider, 36 restricted access only to all personal information in the EHR, while nine restricted access of some providers to a subset of the their personal information. Thirty-four (32.3 %) patients blocked access to all personal information by all doctors, nurses, and/or other staff, 26 (24.8 %) blocked access by all doctors and/or nurses, and five (4.8 %) denied access to all doctors, nurses, and staff. Conclusions: A significant minority of patients chose to restrict access by their primary care providers to personal information contained in an EHR, and few chose to restrict access to specific types of information. More research is needed to identify patient goals and understanding of the implications when facing decisions of this sort, and to identify the impact of patient education regarding information contained in EHRs and their use in the clinical care settin

The Health Insurance Portability and Accountability Act and its Impact on Privacy and Confidentiality in Healthcare

The world of healthcare and technology has continued to grow and expand into the future while HIPAA (the Health Insurance Portability and Accountability Act), the foundational patient privacy law in the United States of America, is attempting to keep up with this new world. This thesis reviews HIPAA and other health-related laws necessary to understanding patient privacy. It analyzes peer-reviewed studies on patient confidentiality and HIPAA to elicit the patient’s and provider’s opinion on HIPAA and patient confidentiality. Lastly, the current challenges of patient confidentiality and HIPAA are discussed, and potential solutions are suggested to improve these issues

Authorized Access and the Challenges of Health Information Systems

The need for an interconnected health network has reached its peak. Using electronic health records dramatically increases the quality of care for patients and the efficiency of the health care systems. With the rapid development and integration of health care technology, standardization and interoperability has become a paramount problem. Looking at electronic health systems independently presents an array of security related issues, which are then compounded as they are connected together. This paper focuses the issues surrounding authorized access systems used within these networks and solutions to bridge the gap that currently exists

Balancing patient control and practical access policy for electronic health records via blockchain technology

Electronic health records (EHRs) have revolutionized the health information technology domain, as patient data can be easily stored and accessed within and among medical institutions. However, in working towards nationwide patient engagement and interoperability goals, recent literature adopts a very patient-centric model---patients own their universal, holistic medical records and control exactly who can access their health data. I contend that this approach is largely impractical for healthcare workflows, where many separate providers require access to health records for care delivery. My work investigates the potential of a blockchain network to balance patient control and provider accessibility with a two-fold approach. First, I conduct a survey investigation to identify patient concerns and determine the level of control patients would like over their health information. Second, I implement a blockchain network prototype to address the spectrum of patient control preferences and automate practical access policy. There are conflicting demands amongst patients and providers for EHR access---privacy versus flexibility. Yet, I find blockchain technology, when manipulated to model access states, automate an organizational role-based access scheme, and provide an immutable history of behavior in the network, to be a very plausible solution for balancing patient desires and provider needs. My approach is, to my knowledge, the first example of blockchain\u27s use for less patient-centric, nudge theory-based EHR access control, an idea that could align access control interests as academics, the government, and the healthcare industry make strides towards interoperable, universal patient records