Interconnected Health 2012 Examining The Privacy Considerations For Secondary Uses Of Health Information
 


Included in ARRA legislation, the Health Information Technology for Economic and Clinical Health (HITECH) Act has incentivized the health care industry to adopt the use of electronic health records (EHR) for leveraging technological innovations to improve patient outcomes. While there are many benefits to health information technology (HIT), privacy advocates are concerned EHR data may be aggregated and used for unintended or unspecified purposes.


    Presentation Transcript

    • Examining the Privacy Considerations for Secondary Uses of Health Information. Linda D. Koontz, Alison R. Brunelle. Monday April 2, 2012 | Track 2 | 3:15 PM to 3:45 PM. For Interconnected Health 2012. © 2012 The MITRE Corporation. All rights reserved.
    • “Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.” Alan Westin, Author & Scholar (1967). Source: Westin, Alan, 1967, Privacy and Freedom, New York: Atheneum.
    • Privacy Is Not Synonymous With Security
      – Privacy: Fair Information Practice Principles (FIPPs): Collection Limitation, Data Quality, Purpose Specification, Use Limitation, Security Safeguards, Openness, Individual Participation, Accountability.
      – Security:
        – Confidentiality: Assures that information is disclosed only to authorized individuals and systems.
        – Integrity: Guards against improper information modification or destruction.
        – Availability: Assures that information systems—and the data contained in them—are available to authorized users when needed.
      Source: The MITRE Corporation, Systems Engineering at MITRE: Privacy Systems Engineering Guide.
    • What Are Secondary Uses of Data (SUD)? Outcome Analysis Data Quality Assurance Research Public Health and Reporting Commercialization
    • Identifiable Data Vs. De-Identified Data
      ■ There are no restrictions on the use or disclosure of de-identified health information.
      ■ Under the HIPAA Privacy Rule:
        – Removing all 18 elements that could be used to identify the individual or the individual's relatives, employers, or household members; or
        – Using statistical methods to establish de-identification instead of removing all 18 identifiers.
      Identifiers shown on the slide:
        – Names
        – Geographic Location Attributes
        – Dates (e.g., DOB, DOD, Admission & Discharge)
        – Phone Numbers & Email Addresses
        – SSN
        – Medical Record & Health Plan Beneficiary, Account, Certificate/License Numbers
        – Vehicle Identifiers, Serial Numbers, License Plate numbers
        – Device identifiers & Serial Numbers
        – Web URLs, IP Address
        – Biometric Identifiers, Including Fingerprints & Voiceprints
        – Full-face Photographic Images & Any Comparable Images
        – Any Other Unique Identifying Number, Characteristic, Code
      Source: U.S. Department of Health and Human Services (HHS), National Institutes of Health (NIH): Privacy Rule and Research.
    • What are the Privacy Considerations?
      – Electronic Health Record (EHR) and Electronic Medical Record (EMR) Vendors: Retaining broad rights to data in their Business Associate Agreements (BAAs).
      – Health Information Exchange (HIE) Organizations: Acknowledging data commercialization as an avenue towards financial sustainability.
      – Research Institutes: Meeting the “Common Rule” requirements for human subjects research.
    • Backup
    • FIPPs, Principles, and SELC and SDLC★
      – Collection Limitation
        FIPPs: The collection of personal information should be limited, should be obtained by lawful and fair means, and, where appropriate, with the knowledge or consent of the individual.
        SELC and SDLC: Design the system to use only the minimum amount of PII necessary to accomplish the system's purpose. The key question to ask for each field of PII is: Can the purpose of the system be served without this particular field of PII?
      – Data Quality
        FIPPs: Personal information should be relevant to the purpose for which it is collected, and should be accurate, complete, and current as needed for that purpose.
        SELC and SDLC: Develop the system to meet the data quality standards established by the organization.
      – Purpose Specification
        FIPPs: The purposes for the collection of personal information should be disclosed before collection and upon any change to that purpose, and its use should be limited to those purposes and compatible purposes.
        SELC and SDLC: Develop systems that interact directly with the public such that the purpose for the collection of PII is made available.
      – Use Limitation
        FIPPs: Personal information should not be disclosed or otherwise used for other than a specified purpose without consent of the individual or legal authority.
        SELC and SDLC: Develop the system such that each field of PII is used only in ways that are required to accomplish the project's purpose. Each process associated with each field of PII should be reviewed to determine whether that use directly fulfills the project's purpose. If not, the function should not be developed.
      – Security Safeguards
        FIPPs: Personal information should be protected with reasonable security safeguards against risks such as loss or unauthorized access, destruction, use, modification, or disclosure.
        SELC and SDLC: Implement information security measures for each field of PII to prevent loss, unauthorized access, or unintended use of the PII. Use encryption, strong authentication procedures, and other security controls to make information unusable by unauthorized individuals.
      – Openness
        FIPPs: The public should be informed about privacy policies and practices, and individuals should have ready means of learning about the use of personal information.
        SELC and SDLC: Design the system to provide both a privacy and security statement at every entry point. Develop mechanisms to provide notice to the individual at the same time and through the same method that the PII is collected; for example, if PII is collected online, notice should also be provided online at the point of collection.
      – Individual Participation
        FIPPs: Individuals should have the following rights: to know about the collection of personal information, to access that information, to request correction, and to challenge the denial of those rights.
        SELC and SDLC: Design the system to allow identification of all PII associated with an individual to allow correction of all PII, including propagating the corrected information to third parties with whom the information was shared.
      – Accountability
        FIPPs: Individuals controlling the collection or use of personal information should be accountable for taking steps to ensure the implementation of these principles.
        SELC and SDLC: Accountability can be encouraged, in part, by the use of audit logs that are capable of supporting a comprehensive audit of collection and use of all fields of PII to ensure that actual collection and use is consistent with the notice provided.
      Source: The MITRE Corporation, Systems Engineering at MITRE: Privacy Systems Engineering Guide.
      ★ Systems Engineering Life Cycle (SELC) and Secure/Systems Development Life Cycle (SDLC) are often used interchangeably.
    • Source: Nationwide Health Information Network.
    • Source: Healthcare Information and Management Systems Society (HIMSS).