The digital identity of patients will come to the fore as the nationwide health information network (NwHIN) takes practical steps to support care coordination, patient engagement and quality transparency. These changes in health care delivery are the essential foundation for cost containment and arguably the essence of Meaningful Use.
Stage 2, as proposed, is a giant step toward care coordination and patient engagement. The focus on Direct and meeting the patient and doctor where they are – on the Internet – rather than where they might be (HIEs and PHRs) is both practical and empowering. But, what does “the patient” mean in a digital, networked system where patient identity is not always based on face-to-face encounters and snail-mail?
I doubt that anyone is arguing for biometric patient passports as a prerequisite for medical consultation.
The practical aspects of identifying the patient online can be seen in light of the Stage 2 mandate for Direct messaging across institutions and with the patient. Let’s imagine a paperless, NwHIN, version of today’s Release Of Information (ROI) request that enables one doctor to send records to an unaffiliated doctor under HIPAA and with informed patient consent.
First, today’s paper version:
- The sending institution has identified the patient in-person and has no need to ask for a biometric or secure ID
- The ROI form is presented to the patient by the sending provider
- The destination of the records does not need to be a HIPAA-covered entity or anyone in particular as long as they have a postal address.
- The health records to be sent identify the patient by the name and DOB they chose to use to receive care
Then, consider these 4 steps, without paper, in a Direct-enabled EHR:
- The patient is handed a one-time password and asked to sign in to the provider portal and change it immediately
- The patient signs into the provider’s portal with a web browser and sees a digitized ROI form
- The patient enters any Direct-compatible email address: their own, a doctor’s, or anyone else’s
- The health records are sent via Direct message and identify the patient by name, DOB and possibly the patient’s Direct email address
This paperless version of the traditional ROI introduces no additional burden on either the provider institution or the patient and does not expose the patient to any additional identity scrutiny: handing over the one-time password in person binds the portal account to the identity the provider already verified face-to-face, so no further identity proofing is needed. The patient remains in control of the network’s ability to correlate activity across different providers, because the patient chooses which Direct address to give to whom. The secure Direct transfer from sending provider to recipient preserves the authenticity of the health records. The patient now has the ability to trigger a transmission of records from any web browser, including a web browser in the waiting room of a new practice. The sending practice has met the essential communication requirements of Stage 2 MU.
This simple example lacks a few features. It does not handle the case where the patient is pill-shopping for narcotics by visiting multiple doctors using different identities. It does not guarantee that a centralized registry can aggregate health records and claims across multiple providers, unless the patient chooses to use the same Direct email address for all services.
Automated transfers and queries can be handled with some further enhancements. In the “unconscious patient” scenario, a patient is unable or unwilling to sign-in to another provider’s web portal and provide ROI consent. This seems to be the driving force for DirectTRUST.org to enable Direct messages under the HIPAA treatment exemption.
Finally, Direct and a portal alone do not allow the receiving doctor to query the sending doctor for updates to the health record without either bothering the patient or invoking a HIPAA exemption that troubles privacy advocates and some institutions. This last case, the case most often cited in favor of HIEs, is easily handled without additional privacy issues by adding OAuth capability to the sending provider portal’s ROI function. Using OAuth, the patient can authorize another, trusted institution to query the provider portal automatically, with a scope and lifetime the patient sets and the ability to revoke that consent later.
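The following is an added illustration, not code from the original post or from MedCommons, of how the OAuth-enabled ROI function described above keeps the patient in control. The sending provider’s portal plays both OAuth roles (authorization server issuing the token, resource server releasing records), the receiving institution is the OAuth client, and the patient is the resource owner who grants a scoped, expiring, revocable token. The patient IDs, institution names, scope strings and the visit record are constructed for the example; a real portal would issue the token through the authorization-code flow rather than returning it directly, but the checks on the resource side are the same.

```python
# Constructed example of the OAuth-style delegation described above: the sending
# provider's portal acts as authorization server and resource server, the
# receiving institution is the OAuth client, and the patient is the resource
# owner who grants (and can revoke) scoped access. All names, scopes and
# records are made up for illustration; this is not MedCommons or NwHIN code.
import secrets
from dataclasses import dataclass


class AccessDenied(Exception):
    """Raised when a query does not carry a valid, in-scope, unexpired grant."""


@dataclass
class Grant:
    patient_id: str
    client_id: str       # the institution the patient trusted
    scopes: frozenset    # what the patient allowed, e.g. {"records:read"}
    expires_at: int      # unix seconds
    revoked: bool = False


class ProviderPortal:
    """Sending provider's portal with an OAuth-enabled ROI function."""

    def __init__(self):
        self._records = {}   # patient_id -> list of records (resource server side)
        self._grants = {}    # access token -> Grant (authorization server side)

    def store_record(self, patient_id, record):
        self._records.setdefault(patient_id, []).append(record)

    def authorize(self, patient_id, client_id, scopes, now, lifetime_s=90 * 86400):
        """Patient, signed into the portal, consents to automatic queries by client_id.

        Returns the access token the portal hands to the client; the token is
        bound to that client, to the granted scopes, and to an expiry time.
        """
        token = secrets.token_urlsafe(32)   # unguessable bearer token
        self._grants[token] = Grant(patient_id, client_id, frozenset(scopes), now + lifetime_s)
        return token

    def revoke(self, token):
        """Patient withdraws consent; later queries with this token fail."""
        if token in self._grants:
            self._grants[token].revoked = True

    def query(self, token, client_id, scope, now):
        """Resource server: release records only for a valid grant."""
        grant = self._grants.get(token)
        if grant is None:
            raise AccessDenied("unknown token")
        if grant.revoked:
            raise AccessDenied("consent revoked")
        if now >= grant.expires_at:
            raise AccessDenied("grant expired")
        if grant.client_id != client_id:
            raise AccessDenied("token issued to a different institution")
        if scope not in grant.scopes:
            raise AccessDenied(f"scope {scope!r} not granted")
        return list(self._records.get(grant.patient_id, []))


def demo():
    """Walk through consent, automatic query and revocation; returns the outcomes."""
    now = 1_700_000_000
    portal = ProviderPortal()
    portal.store_record("pt-123", {"date": "2012-03-01", "note": "constructed visit note"})

    # Patient consents in the sending provider's portal to queries by "new-practice".
    token = portal.authorize("pt-123", "new-practice", {"records:read"}, now)

    outcomes = {}
    # The receiving doctor queries later without involving the patient.
    outcomes["query_ok"] = len(portal.query(token, "new-practice", "records:read", now + 3600))
    # Another institution presenting the same token is refused.
    try:
        portal.query(token, "other-clinic", "records:read", now + 3600)
        outcomes["wrong_client"] = "allowed"
    except AccessDenied as e:
        outcomes["wrong_client"] = str(e)
    # Writing was never granted.
    try:
        portal.query(token, "new-practice", "records:write", now + 3600)
        outcomes["wrong_scope"] = "allowed"
    except AccessDenied as e:
        outcomes["wrong_scope"] = str(e)
    # The patient revokes consent; the standing query stops working.
    portal.revoke(token)
    try:
        portal.query(token, "new-practice", "records:read", now + 3600)
        outcomes["after_revoke"] = "allowed"
    except AccessDenied as e:
        outcomes["after_revoke"] = str(e)
    return outcomes


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The point the sketch makes is the one the paragraph argues: no HIPAA treatment exemption and no central registry is needed, because the patient’s own consent in the sending portal is what authorizes the standing query, and the same consent can be narrowed by scope, limited in time, or withdrawn.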
The Stage 2 proposal establishes a baseline of simplicity and patient privacy rights enabled by the combination of Direct emails and OAuth-enabled provider portals. Patient identity (their Direct email address) can and should remain voluntary in healthcare just as it is voluntary on the Internet at-large.
Adrian Gropper, MD is a founder of MedCommons and consults on health services strategy at HealthURL.com. He is driven by the vision of doctors and patients collaborating around shared health records on the Web.