Feds Look to Automate Blue Button

Seek New Input on Standards, Security

By , August 14, 2012.
Feds Look to Automate Blue Button

The federal government is launching an initiative to make the increasingly popular Blue Button patient portal feature more automated. The goal is to provide patients with more ease and choices for securely downloading and transmitting their personal health information.

See Also: PHI Security: The Role of Encryption and Tokenization

The new "Automate Blue Button" initiative, spearheaded by The Office of the National Coordinator for Health IT and the Department of Veterans Affairs officially, will kick off on Aug. 15. It will debut with a webinar aimed at attracting technical experts with innovative ideas to help develop standards and pilot the emerging technology, says Doug Fridsma, ONC director of standards and interoperability and chief scientist.

The Blue Button concept, developed a few years ago by the Markle Foundation in collaboration with other groups, allows individuals to click on a button of a patient portal to securely download and store their health information, or to authorize transfer of medical data from one physician to another.

More than 1 million people currently use Blue Button, says Fridsma. Of those, about half are U.S. veterans who were among the first people offered the Blue Button service when the VA launched it two years ago as a feature on its MyHealtheVet patient portal. Other Blue Button users include Medicare beneficiaries and some individuals who have coverage provided by private insurers Aetna and UnitedHealth Group.

"Blue Button is a movement," says Fridsma. "Once people get access to their information, they want to move it and to do useful things with it," he says.

Blue Button can potentially play a much bigger role in private sector also, as the HITECH Act's Meaningful Use incentive program focuses on improving patient access to their health data, and engagement, he says.

Kickoff Effort

To emphasize the importance of the Automate Blue Button initiative, Dr. Farzad Mostashari, national coordinator for health IT, is expected to give some opening comments to webinar attendees this week to kick off the effort, says Fridsma. ONC and VA hope the webinar will be attended by technical experts and innovators that can help develop standards and pilot new Blue Button developments.

As Blue Button is built out, other functionality could include allowing patients to authorize that their health information from doctors' e-health record systems automatically be sent to the patient's own personal health records or another destination of their choosing, including provider-to-provider transmission, says Fridsma.

That sort of functionality could allow patients to easily gather all their latest health data, such as information that gets generated during a visit to an allergist, he said. "The system could be set up so that every time there's new information, you get it," he says. "Set it and forget," he says.

Other possibilities for Blue Button include patients subscribing to receive and gather from multiple sources their health data in a destination besides a personal health record, perhaps similar to how consumers can subscribe to various news feeds or podcasts on their mobile devices, Fridsma says.

New Blue Button capabilities could tap existing standards, such as specifications from the National Strategy for Trusted Identities in Cyberspace, the Direct Project, and others, he says. The purpose of the kick-off webinar this week is to get a discussion going about standards and interoperability specifications that could allow Blue Button to become more automated, yet secure.

"The goal is to have the community talk about this," he says.

Privacy First

As brainstorming discussions kick off about expanding Blue Button capabilities, security and privacy issues need to be front and center, suggests Deven McGraw, director of the Center for Democracy & Technology's Health Privacy Project.

"It will be important for the HHS Office for Civil Rights to issue guidance on how to deploy appropriate security controls for Blue Button access," says McGraw, who is also co-chair of the HIT Policy Committee's Privacy and Security Tiger Team.

For example, "patients will need to be issued credentials in order to be able to access their health information, and ideally should have a way of easily alerting providers about any errors they see in the records," she says.

Follow Marianne Kolbasuk McGee on Twitter: @HealthInfoSec

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE NetUSB Flaw Affects Router Makers

"Millions" of devices from numerous router manufacturers appear to use a third-party software...

Latest Tweets and Mentions

ARTICLE NetUSB Flaw Affects Router Makers

"Millions" of devices from numerous router manufacturers appear to use a third-party software...

The ISMG Network