One major issue facing private and public Health Information Exchanges (HIE) is how to ensure patients privacy preferences are respected by obtaining their consent before data is shared.
Today I met with a multi-disciplinary team of attorneys, vendor experts, and IT leaders to discuss BIDMC’s approach to private HIE consent.
After two hours of discussion, here’s what we agreed upon:
Patients and families should be able to control the flow of their data among institutions. The ability for the patient to chose what flows where for what purpose is “meaningful consent.”
To achieve “meaningful consent” we will ask all the patients of our 1800 BIDMC associated ambulatory clinicians to opt in for data sharing among the clinicians coordinating their care.
Patients may revoke this consent at any time.
Consent for patients under 18 years old and not emancipated will be sought from their parents. Upon turning 18, the patients themselves will select their consent preferences.
The process for sharing data will function as follows:
*Authorized clinicians with a need to know clinical information for treatment, payment or operations will electronically request a view of data from a community practice using our “magic button” protocol:
Only patients shared in common between the two organizations can be queried.
All requests will be audited.
Data will be displayed from organizations where the patient has opted in for disclosure of their information. There will not be a “break the glass” feature to override patient privacy preferences (or lack of preferences).
We feel that asking for opt in consent to disclose is the most patient centric approach to protecting privacy and today we agreed to do it for all our community practices, both private and owned.
This practice mirrors what the Massachusetts public HIE will do as it evolves from a “push” model to a “pull” model” over the next few years. Starting this month, we’ll record opt in consents at the BIDMC community level, but by 2014 all consents will be recorded at the state level.
Opt in consent to disclose with the ease of opting out at any time will work well for private and public HIEs.
John D. Halamka, MD, MS, is Chief Information Officer of Beth Israel Deaconess Medical Center, Chief Information Officer at Harvard Medical School, Chairman of the New England Healthcare Exchange Network (NEHEN), Co-Chair of the HIT Standards Committee, a full Professor at Harvard Medical School, and a practicing Emergency Physician. He’s also the author of the popular Life as a Healthcare CIO blog.
Leave a Reply