TRENDING:

Getting Permission to Exchange EHRs

Report analyzes patient consent options Howard Anderson (ismg_editor) • March 25, 2010    
Getting Permission to Exchange EHRs
Giving patients control over who can access their records via Health Information Exchanges could prove vital to building public trust in the security of the emerging networks. A new federally commissioned research report outlines the options for obtaining patient consent for transmitting electronic health records via HIEs, but it stops short of endorsing any approach.

Researchers at George Washington University Medical Center prepared the report for the Office of the National Coordinator for Health Information Technology at the Department of Health and Human Services.

Carrying out a mandate in the HITECH Act, HHS recently issued grants to every state to help support HIEs.

The new report describes in great detail the options regarding patient consent for exchanging data among healthcare organizations. The options include:

  • No consent: Automatically allowing the exchange of records without patient consent and without an opt-out clause;
  • Opt-out: Offering patients only an all-inclusive opt-out option;
  • Opt-out, with exceptions: Offering varying levels of opt-outs, such as allowing only selected data to be exchanged;
  • Opt-in: Requiring that patients explicitly grant permission for the exchange of all of their information; and
  • Opt-in, with restrictions: Enabling patients to grant permission for the exchange of specific subsets of their records.

The consent model chosen can directly affect the privacy and security of personal health information, the report acknowledges.

"While this document represents a starting point for discussion related to consent, it is imperative that future deliberations are informed by further research regarding the effectiveness and impact of various consent options, consideration of the broader policy landscape and assessment of the needs of those most affected by the consent decision," the report states.

"Until the time when we are confident that we can protect health information in a systematic and thorough way, prudent use of the mechanism of consent appears to be one of the most reliable ways to pursue that goal."

Previous
Make Your Voice Heard on Privacy
Next
Information Security Agenda - Kevin Richards, President of ISSA

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.



Around the Network

How AI Can Help Speed Up Physician Credentialing Chores
How AI Can Help Speed Up Physician Credentialing Chores
How Biden's AI Executive Order Will Affect Healthcare
How Biden's AI Executive Order Will Affect Healthcare
Stopping Cloud Workload Attacks
Stopping Cloud Workload Attacks
Good Governance: 'It's All Hygiene'
Good Governance: 'It's All Hygiene'
Mapping Access - and Attack - Paths in Active Directory
Mapping Access - and Attack - Paths in Active Directory
Why Hospitals Should Beware of Malicious AI Use
Why Hospitals Should Beware of Malicious AI Use
AI in Healthcare: The Growing Promise - and Potential Risks
AI in Healthcare: The Growing Promise - and Potential Risks
Getting a Tighter Grip on Vendor Security Risk in Healthcare
Getting a Tighter Grip on Vendor Security Risk in Healthcare
How State Governments Can Regulate AI and Protect Privacy
How State Governments Can Regulate AI and Protect Privacy
Joe Sullivan on What CISOs Need to Know About the Uber Trial
Joe Sullivan on What CISOs Need to Know About the Uber Trial

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.