12 research outputs found

    Legal Solutions in Health Reform: Privacy and Health Information Technology

    Get PDF
    Identifies gaps in the federal health privacy standard and proposes options for strengthening the legal framework for privacy protections in order to build public trust in health information technology. Presents arguments for and against each option

    Privacy and Health Information Technology

    Get PDF
    The increased use of health information technology (health IT) is a common element of nearly every health reform proposal because it has the potential to decrease costs, improve health outcomes, coordinate care, and improve public health. However, it raises concerns about security and privacy of medical information. This paper examines some of the “gaps” in privacy protections that arise out of the current federal health privacy standard, the Health Insurance Portability and Accountability (HIPAA) Privacy Rule, the main federal law which governs the use and disclosure of health information. Additionally, it puts forth a range of possible solutions, accompanied by arguments for and against each. The solutions provide some options for strengthening the current legal framework of privacy protections in order to build public trust in health IT and facilitate its use for health reform. The American Recovery and Reinvestment Act (ARRA) enacted in February 2009 includes a number of changes to HIPAA and its regulations, and those changes are clearly noted among the list of solutions (and ARRA is indicated in the Executive Summary and paper where the Act has a relevant provision)

    The Impact of Federal Stimulus Efforts on the Privacy and Security of Health Information in California

    Get PDF
    Examines how the 2009 stimulus bill strengthens laws protecting patients' privacy in some areas while gaps remain in others. Discusses types of patients and information protected; rules for access, use, or disclosure; patients' rights; and enforcement

    Fine Print: Rules For Exchanging Behavioral Health Information In California

    Get PDF
    Integration of physical and behavioral health care, which is essential to achieving the Triple Aim, requires the exchange of sensitive patient information. Health care providers, health plans, and public agencies on all sides of behavioral health integration efforts report difficulties sharing critical information. Challenges include:Cost of adopting and maintaining associated health information technologyFederal and state law confidentiality requirementsDisparate electronic health record (EHR) systems that do not easily "talk" with one anotherAn entrenched culture of separate systems unaccustomed to working together as one care teamThe report describes federal and California laws that control the exchange of behavioral health information. It also profiles three local initiatives that enable sharing of behavioral health data for care coordination and describes lessons learned through these efforts.Finally, the report offers possible avenues for clarification and interpretation of legal requirements that could facilitate better integration of behavioral and physical health care and information exchange

    A Belmont Report for Health Data

    No full text

    Development of a Privacy and Security Policy Framework for a Multistate Comparative Effectiveness Research Network

    No full text
    Comparative effectiveness research (CER) conducted in distributed research networks (DRNs) is subject to different state laws and regulations as well as institution-specific policies intended to protect privacy and security of health information. The goal of the Scalable National Network for Effectiveness Research (SCANNER) project is to develop and demonstrate a scalable, flexible technical infrastructure for DRNs that enables near real-time CER consistent with privacy and security laws and best practices. This investigation began with an analysis of privacy and security laws and state health information exchange (HIE) guidelines applicable to SCANNER participants from California, Illinois, Massachusetts, and the Federal Veteran's Administration. A 7-member expert panel of policy and technical experts reviewed the analysis and gave input into the framework during 5 meetings held in 2011-2012. The state/federal guidelines were applied to 3 CER use cases: safety of new oral hematologic medications; medication therapy management for patients with diabetes and hypertension; and informational interventions for providers in the treatment of acute respiratory infections. The policy framework provides flexibility, beginning with a use-case approach rather than a one-size-fits-all approach. The policies may vary depending on the type of patient data shared (aggregate counts, deidentified, limited, and fully identified datasets) and the flow of data. The types of agreements necessary for a DRN may include a network-level and data use agreements. The need for flexibility in the development and implementation of policies must be balanced with responsibilities of data stewardship
    corecore