The President’s Council of Scientific Advisors (PCAST) report on health care IT points out that “A patient cannot make meaningful privacy choices unless he or she understands the flows and uses of information and can therefore make informed choices. That is not the reality today… While facetoface counseling on privacy choices should be available whenever choice is either required by law, policy or practice, most patients will probably educate themselves on the issues and make privacy choices through a web interface, where they will also be able to change their choices at any time… An important point is that, when patients have a meaningful opportunity to choose, a patient’s choices will be persistent, that is, continuing until changed. Most patients ideally will have elected privacy choices at a time when they are healthy and competent. This is truer to the principal of informed consent than is a rushed signature at thetime of a medical emergency, or when the patient’s physical or mental competency is compromised.”[i]
We have developed a proof of concept prototype (http://sourceforge.net/projects/kaironconsents/) for such a patient privacy preference management system that could be implemented nationwide.
Our proposed system would:
- Allow a patient (or designated proxies) to state and modify personal privacy preferences at any time, anywhere, via a web interface. The patient would maintain a single set of preferences, applicable anywhere.
- Provide a single interface for record holders (such as clinics, hospitals, the VA) to request a patient’s most current preference information.
- Define (and help manage) categories such as primary care physician, the PCP’s network of clinical colleagues (e.g., referrals, staff at the primary care clinic, physicians at affiliated hospitals). These categories provide standard profiles for user interfaces, external databases, and enforcement. They remain usable despite personnel changes at those institutions – in effect, they are role-based.
- Allow a patient to designate providers to whom various releases are permitted, using the above categories (e.g., clinic staff may receive everything except mental health info, for treatment purposes).
- Collapse the patient’s preferences into machine and human readable statements that apply only to a specific request. That is, the record holder would not have to process irrelevant rules in order to determine whether a specific request should be granted. We use a rules based reasoning engine that outputs XACML, a standard access-control language.
- Provide a persistent record for the patient or privacy staff to review to determine who has asked for which of their records, for what purpose.
The primary externally visible innovations we provide are ubiquitous access, and reusable generalized concepts for expressing patient preferences. Our design lets the patient choose among Consent services, and lets components of the consent system be supplied by diverse software vendors, HIEs, and institutions. The system illustrates how the industry can communicate patient preferences efficiently and accurately to support electronic exchange of health information among diverse healthcare organizations and patients in nationwide health information exchange.
We welcome discussion of our work with other interested parties. Please contact firstname.lastname@example.org.
Jean Stanford, Peter Mork, PhD, Arnon Rosenthal, PhD, are part of The MITRE Corporation, located in Bedford, MA.