Feds Automate Sharing Of Sensitive Health Data - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Healthcare // Analytics
04:10 PM

Feds Automate Sharing Of Sensitive Health Data

Department of Health and Human Services and the Department of Veterans Affairs use new metadata technique to exchange substance abuse records without compromising patient privacy.

Uncle Sam Shares 12 Top Health Apps
Uncle Sam Shares 12 Top Health Apps
(click image for larger view and for slideshow)
Two federal departments have successfully demonstrated secure sharing of personal health information by meta-tagging it in electronic health records for special handling. The exercise was developed as part of the Data Segmentation for Privacy (DS4P) Initiative, which applies specific standards to cordon off sensitive elements of an EHR. Privacy concerns from patients and from mental health professionals, who are not eligible for Meaningful Use incentives, have long posed a stumbling block to implementing and sharing complete EHRs.

The U.S. Department of Health and Human Services (HHS) and the U.S. Department of Veterans Affairs (VA) exchanged the data following standards identified by the DS4P, which formed in response to a 2010 report from the President's Council of Advisors on Science and Technology (PCAST) that called for a "universal exchange language."

Although the VA has had other health information exchanges with other government agencies--specifically the VA and the Substance Abuse and Mental Health Services Administration (SAMHSA), a unit of HHS--this was the first time it was able to use such segmentation technology, in this case to share the substance abuse treatment record of a mock patient.

SAMHSA tagged the record with privacy metadata that electronically explained to the VA's EHR that information pertaining to treatment for substance abuse could only be used for authorized purposes and required patient consent for further disclosure, according to HHS. This privacy safeguard is expected to remove a major stumbling block to wider EHR adoption in mental health and in treatment of substance abuse and sexually transmitted diseases.

[ Looking for a PACS platform to replace an outdated system? See 9 Must-See Picture Archiving/Communication Systems. ]

"Privacy, and the protection of sensitive health information, are paramount for many patients with behavioral health conditions," SAMHSA administrator Pamela Hyde said in a press release. "The tools developed in this pilot will be critical for building trust and capacity in EHRs and health information exchanges, especially for patients with behavioral health problems."

The agencies followed standards called for in a lengthy guidance document produced by the Office of the National Coordinator for Health Information Technology (ONC), in conjunction with Health Level Seven International (HL7) and the Integrating the Healthcare Enterprise (IHE) project.

According to ONC spokesman Peter Ashkenaz, the pilot concentrated on two particular standards: HL7 Vocabularies for Privacy Metadata, and the HL7 CDA r2 base standard. The latter refers to HL7's Clinical Document Architecture.

"Data segmentation based on industry standards such as Health Level Seven make it possible for the first time to consistently apply and enforce individual privacy choices whether in the primary care physician’s office, shared with other providers, returned in reports from outside laboratories, or wherever privacy protected health information is used," said VA project lead John "Mike" Davis, security architect at the Veterans Health Administration. The DS4P project has not been without controversy, however. In early 2011, some members of PCAST called portions of the report dealing with data segmentation "fundamentally flawed" and untested in the real world.

Notably, Gartner analyst Wes Rishel and Dixie Baker, senior VP, CTO, and technical fellow at Science Applications International Corp., questioned whether PCAST endorsed a scenario in which physicians could "unlock" a specific piece of clinical data they were authorized to see, yet be prevented from incorporating it into their EHRs. This might leave them defenseless in court if a clinical decision based on the segmented data resulted in a lawsuit and a patient withdrew consent, they suggested.

InformationWeek Healthcare attempted to contact two members of PCAST for this story, but neither responded.

InformationWeek Healthcare brought together eight top IT execs to discuss BYOD, Meaningful Use, accountable care, and other contentious issues. Also in the new, all-digital CIO Roundtable issue: Why use IT systems to help cut medical costs if physicians ignore the cost of the care they provide? (Free with registration.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
9/26/2012 | 6:59:35 PM
re: Feds Automate Sharing Of Sensitive Health Data
I know that somewhere there are probably a great many people who view this sort of thing as a crowning achievement but, I see this as the first step in a perilous journey that will ultimately result in many people being wronged.

Government has never been a model of efficiency or security. If anything, Government - pretty much on every level of government - has proven a complete inability to secure anything. This whole EMR thing that's being forced on us is not going to end well.
2021 Outlook: Tackling Cloud Transformation Choices
Joao-Pierre S. Ruth, Senior Writer,  1/4/2021
Enterprise IT Leaders Face Two Paths to AI
Jessica Davis, Senior Editor, Enterprise Apps,  12/23/2020
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Flash Poll