SlideShare a Scribd company logo
1 of 2
Data Reuse Agreements: A Patient Centered Approach To Clinical Data Consent Management
Title: Data Reuse Agreements: Patient Consent To Share Clinical Data
Date of Release: 4/19/2011
Case Number: 11-1601
Problem
All health care providers, payers, and institutional users of health records (including DoD, VA, CMS, NIH,
SSA,etc.) must comply with HIPAA, ARRA, and no doubt future laws to protect patient privacy. Currently,
datacan be shared for purposes predefined by law, but the patient has no effective way to restrict
thesereleases (e.g., to exclude certain recipients, or control access to especially sensitive data such as
mental health or reproductive information). Beyond this, the patient must signan explicit paper consent
form, typically agreeing to the provider’s data sharing policy terms without modification. Thereis no way
to pass written restrictions to an automated data release system, to authenticate a faxedform, to let a
patient reuse a well thought-out set of conditions, to change preferences withoutchanging the paper
copy at each provider, to indicate willingness to share their data with anyreputable researchers, to
establish a family member or trusted physician as a proxy, or to review allrequests for one’s records. As
a result, delays and denials occur, inhibiting emergency care, referrals,and research.
Objectives
• Create a template-driven user interface to capture complex patient preferences, organized by
purpose (e.g., research, emergency access), by provider type and by relationship (e.g., referral).
• Testthe user interface with MITRE staff outside the project.
• Demonstrate use of potential data sources(e.g., a registry of physicians’ credentials and on-call
substitutes, or of institutions that routinely doemergency care).
• Identify and solve thorny technical problems such as mixing patient andgovernment preferences, or
restrictions where enforcement (e.g., on free text) cannot be guaranteed.
Activities
MITRE is pioneering a mechanism (called Kairon) by which each patient has a consent ruleset, available
in one placethat describes what data may be released in what situations. The user interface for creating
the rule set encourages general, reusableconstructs, (e.g., “doctors with whom I have a treatment
relationship”). Our architecture works both intoday’s largely manual system, and with gradually
increasing automation, and permits consent management servicesproviders (perhaps the payers, major
integrated providers such as the VA, or PHR vendors) to compete for patients. We have created a
prototypeand written several papers describing the requirements and conops, a solution architecture,
anddrilling down on specific problems. We hope to transition our work to multiple sponsors (VA, DoD,
CMS,ONC, SAMHSA) and are integrating our work with other projects in the MITRE health care
ecosystem (HealthLab,MedCafe, and ESP). Our code is posted in an open-source repository.
Impact
Our work has potential application to all of MITRE's sponsors and customers involved in the collection
and release of protected health information.
This includes: the Office of the National Coordinator for Health Information Technology, the Department
of Veterans Affairs, the DoDMilitary Health System and Tricare program, the Centers for Medicare and
Medicaid Services, the Food and DrugAdministration, the National Institutes of Health, the Indian Health
System, etc.

More Related Content

What's hot

Direct Boot Camp 2 0 Federal Agency requirements for exchange via direct
Direct Boot Camp 2 0 Federal Agency requirements for exchange via directDirect Boot Camp 2 0 Federal Agency requirements for exchange via direct
Direct Boot Camp 2 0 Federal Agency requirements for exchange via direct
Brian Ahier
 
Developing a Centralized Repository Strategy: The Top Three Success Factors
Developing a Centralized Repository Strategy: The Top Three Success FactorsDeveloping a Centralized Repository Strategy: The Top Three Success Factors
Developing a Centralized Repository Strategy: The Top Three Success Factors
Kent State University
 
Direct Boot Camp 2 0 IWG Provider Directory Pilots
Direct Boot Camp 2 0 IWG Provider Directory PilotsDirect Boot Camp 2 0 IWG Provider Directory Pilots
Direct Boot Camp 2 0 IWG Provider Directory Pilots
Brian Ahier
 
Chaka Bell_Tx_Resume_4
Chaka Bell_Tx_Resume_4Chaka Bell_Tx_Resume_4
Chaka Bell_Tx_Resume_4
Charles Bell
 

What's hot (20)

Direct Boot Camp 2 0 Federal Agency requirements for exchange via direct
Direct Boot Camp 2 0 Federal Agency requirements for exchange via directDirect Boot Camp 2 0 Federal Agency requirements for exchange via direct
Direct Boot Camp 2 0 Federal Agency requirements for exchange via direct
 
Developing a Centralized Repository Strategy: The Top Three Success Factors
Developing a Centralized Repository Strategy: The Top Three Success FactorsDeveloping a Centralized Repository Strategy: The Top Three Success Factors
Developing a Centralized Repository Strategy: The Top Three Success Factors
 
Vericred
VericredVericred
Vericred
 
Cuban American Medical Society Presentation[1]
 Cuban American Medical Society Presentation[1] Cuban American Medical Society Presentation[1]
Cuban American Medical Society Presentation[1]
 
Pandemic Tech: How Emerging Technologies Can Mitigate the Impact of Covid-19 ...
Pandemic Tech: How Emerging Technologies Can Mitigate the Impact of Covid-19 ...Pandemic Tech: How Emerging Technologies Can Mitigate the Impact of Covid-19 ...
Pandemic Tech: How Emerging Technologies Can Mitigate the Impact of Covid-19 ...
 
Summary of Recommendations on Provider and Patient Identity Management
Summary of Recommendations on Provider and Patient Identity ManagementSummary of Recommendations on Provider and Patient Identity Management
Summary of Recommendations on Provider and Patient Identity Management
 
What we do
What we doWhat we do
What we do
 
Kurgan ServiceWing
Kurgan ServiceWingKurgan ServiceWing
Kurgan ServiceWing
 
IOS
IOSIOS
IOS
 
Towards an ecosystem for privacy respecting analysis of distributed health data
Towards an ecosystem for privacy respecting analysis of distributed health data Towards an ecosystem for privacy respecting analysis of distributed health data
Towards an ecosystem for privacy respecting analysis of distributed health data
 
Kraaij infrastructures for secure data analytics def brussel 2017
Kraaij infrastructures for secure data analytics def brussel 2017Kraaij infrastructures for secure data analytics def brussel 2017
Kraaij infrastructures for secure data analytics def brussel 2017
 
Direct Boot Camp 2 0 IWG Provider Directory Pilots
Direct Boot Camp 2 0 IWG Provider Directory PilotsDirect Boot Camp 2 0 IWG Provider Directory Pilots
Direct Boot Camp 2 0 IWG Provider Directory Pilots
 
Interoperability in health care information systems
Interoperability in health care information systemsInteroperability in health care information systems
Interoperability in health care information systems
 
Blockchain and Patient-Centered Outcomes Measures - Goldwater
Blockchain and Patient-Centered Outcomes Measures - GoldwaterBlockchain and Patient-Centered Outcomes Measures - Goldwater
Blockchain and Patient-Centered Outcomes Measures - Goldwater
 
Healthcare and Hospital Contract Management
Healthcare and Hospital Contract ManagementHealthcare and Hospital Contract Management
Healthcare and Hospital Contract Management
 
Chaka Bell_Tx_Resume_4
Chaka Bell_Tx_Resume_4Chaka Bell_Tx_Resume_4
Chaka Bell_Tx_Resume_4
 
Tracking Mother-Infant Pairs across the Cascade of the Prevention of Mother-t...
Tracking Mother-Infant Pairs across the Cascade of the Prevention of Mother-t...Tracking Mother-Infant Pairs across the Cascade of the Prevention of Mother-t...
Tracking Mother-Infant Pairs across the Cascade of the Prevention of Mother-t...
 
How much is that data in the window : Healthcare data valuation
How much is that data in the window : Healthcare data valuationHow much is that data in the window : Healthcare data valuation
How much is that data in the window : Healthcare data valuation
 
Powerpoint contracts and liability team c
Powerpoint contracts and liability  team cPowerpoint contracts and liability  team c
Powerpoint contracts and liability team c
 
Creating a target architecture for a learning health
Creating a target architecture for a learning healthCreating a target architecture for a learning health
Creating a target architecture for a learning health
 

Viewers also liked

Research issues -usenix-v4 1 final approved for public release 5 11
Research issues -usenix-v4 1 final approved for public release 5 11Research issues -usenix-v4 1 final approved for public release 5 11
Research issues -usenix-v4 1 final approved for public release 5 11
Jeff McCloud
 
Nationwide patient centric consent mgmt - v3 approved for public release old
Nationwide patient centric consent mgmt - v3  approved for public release oldNationwide patient centric consent mgmt - v3  approved for public release old
Nationwide patient centric consent mgmt - v3 approved for public release old
Jeff McCloud
 
Enforceable Specification of Privacy
Enforceable Specification of PrivacyEnforceable Specification of Privacy
Enforceable Specification of Privacy
Jeff McCloud
 
11 0953 kairon - slide deck for source forge final 2 11
11 0953 kairon - slide deck for source forge  final 2 1111 0953 kairon - slide deck for source forge  final 2 11
11 0953 kairon - slide deck for source forge final 2 11
Jeff McCloud
 
Data Reuse Agreements
Data Reuse Agreements Data Reuse Agreements
Data Reuse Agreements
Jeff McCloud
 
Himss13 patient consent v3 final
Himss13 patient consent v3 finalHimss13 patient consent v3 final
Himss13 patient consent v3 final
Jeff McCloud
 

Viewers also liked (6)

Research issues -usenix-v4 1 final approved for public release 5 11
Research issues -usenix-v4 1 final approved for public release 5 11Research issues -usenix-v4 1 final approved for public release 5 11
Research issues -usenix-v4 1 final approved for public release 5 11
 
Nationwide patient centric consent mgmt - v3 approved for public release old
Nationwide patient centric consent mgmt - v3  approved for public release oldNationwide patient centric consent mgmt - v3  approved for public release old
Nationwide patient centric consent mgmt - v3 approved for public release old
 
Enforceable Specification of Privacy
Enforceable Specification of PrivacyEnforceable Specification of Privacy
Enforceable Specification of Privacy
 
11 0953 kairon - slide deck for source forge final 2 11
11 0953 kairon - slide deck for source forge  final 2 1111 0953 kairon - slide deck for source forge  final 2 11
11 0953 kairon - slide deck for source forge final 2 11
 
Data Reuse Agreements
Data Reuse Agreements Data Reuse Agreements
Data Reuse Agreements
 
Himss13 patient consent v3 final
Himss13 patient consent v3 finalHimss13 patient consent v3 final
Himss13 patient consent v3 final
 

Similar to Data Reuse Agreements

Suggested ResourcesThe resources provided here are optional. You.docx
Suggested ResourcesThe resources provided here are optional. You.docxSuggested ResourcesThe resources provided here are optional. You.docx
Suggested ResourcesThe resources provided here are optional. You.docx
deanmtaylor1545
 
A Case Study for Blockchain in Healthcare MedR.docx
A Case Study for Blockchain in Healthcare MedR.docxA Case Study for Blockchain in Healthcare MedR.docx
A Case Study for Blockchain in Healthcare MedR.docx
ransayo
 
eBusinessinHealthcare_Final
eBusinessinHealthcare_FinaleBusinessinHealthcare_Final
eBusinessinHealthcare_Final
Heather Tomlin
 
FACULTY OF HIGHER EDUCATION Individual.docx
FACULTY OF HIGHER EDUCATION         Individual.docxFACULTY OF HIGHER EDUCATION         Individual.docx
FACULTY OF HIGHER EDUCATION Individual.docx
mecklenburgstrelitzh
 
Machine Intellegance Multilayer PerceptronsFunction Approximation.pdf
Machine Intellegance Multilayer PerceptronsFunction Approximation.pdfMachine Intellegance Multilayer PerceptronsFunction Approximation.pdf
Machine Intellegance Multilayer PerceptronsFunction Approximation.pdf
arjunanenterprises
 
Implementing A Certified Electronic Health Record System
Implementing A Certified Electronic Health Record SystemImplementing A Certified Electronic Health Record System
Implementing A Certified Electronic Health Record System
Crystal Torres
 
P17 fhir chain- applying blockchain to securely and scalably share
P17 fhir chain- applying blockchain to securely and scalably shareP17 fhir chain- applying blockchain to securely and scalably share
P17 fhir chain- applying blockchain to securely and scalably share
devid8
 
P17 fhir chain- applying blockchain to securely and scalably share
P17 fhir chain- applying blockchain to securely and scalably shareP17 fhir chain- applying blockchain to securely and scalably share
P17 fhir chain- applying blockchain to securely and scalably share
devid8
 
Healthcare by Any Other Name - Centricity Business Whitepaper
Healthcare by Any Other Name - Centricity Business WhitepaperHealthcare by Any Other Name - Centricity Business Whitepaper
Healthcare by Any Other Name - Centricity Business Whitepaper
GE Healthcare - IT
 
httpimgur.comakA1IGplaese zoom in to read the question. thank.pdf
httpimgur.comakA1IGplaese zoom in to read the question. thank.pdfhttpimgur.comakA1IGplaese zoom in to read the question. thank.pdf
httpimgur.comakA1IGplaese zoom in to read the question. thank.pdf
daniamantileonismc36
 
Discussion for Week 4SubscribeTopic  Explain the data i.docx
Discussion for Week 4SubscribeTopic  Explain the data i.docxDiscussion for Week 4SubscribeTopic  Explain the data i.docx
Discussion for Week 4SubscribeTopic  Explain the data i.docx
madlynplamondon
 
4 hours agoAmy MillerRE Discussion - Week 7CollapseNU.docx
4 hours agoAmy MillerRE Discussion - Week 7CollapseNU.docx4 hours agoAmy MillerRE Discussion - Week 7CollapseNU.docx
4 hours agoAmy MillerRE Discussion - Week 7CollapseNU.docx
rhetttrevannion
 

Similar to Data Reuse Agreements (20)

Suggested ResourcesThe resources provided here are optional. You.docx
Suggested ResourcesThe resources provided here are optional. You.docxSuggested ResourcesThe resources provided here are optional. You.docx
Suggested ResourcesThe resources provided here are optional. You.docx
 
A Case Study for Blockchain in Healthcare MedR.docx
A Case Study for Blockchain in Healthcare MedR.docxA Case Study for Blockchain in Healthcare MedR.docx
A Case Study for Blockchain in Healthcare MedR.docx
 
eBusinessinHealthcare_Final
eBusinessinHealthcare_FinaleBusinessinHealthcare_Final
eBusinessinHealthcare_Final
 
Big Data in Healthcare -- What Does it Mean?
Big Data in Healthcare -- What Does it Mean?Big Data in Healthcare -- What Does it Mean?
Big Data in Healthcare -- What Does it Mean?
 
Data-driven Healthcare for Providers
Data-driven Healthcare for ProvidersData-driven Healthcare for Providers
Data-driven Healthcare for Providers
 
Data driven Healthcare for Providers
Data driven Healthcare for ProvidersData driven Healthcare for Providers
Data driven Healthcare for Providers
 
FACULTY OF HIGHER EDUCATION Individual.docx
FACULTY OF HIGHER EDUCATION         Individual.docxFACULTY OF HIGHER EDUCATION         Individual.docx
FACULTY OF HIGHER EDUCATION Individual.docx
 
Value-Based Care and Healthcare Consumerism: Opportunities for Health IT and ...
Value-Based Care and Healthcare Consumerism: Opportunities for Health IT and ...Value-Based Care and Healthcare Consumerism: Opportunities for Health IT and ...
Value-Based Care and Healthcare Consumerism: Opportunities for Health IT and ...
 
Data-driven Healthcare for Payers
Data-driven Healthcare for PayersData-driven Healthcare for Payers
Data-driven Healthcare for Payers
 
HARMAN Digital Transformation and Technology Solutions
HARMAN Digital Transformation and Technology SolutionsHARMAN Digital Transformation and Technology Solutions
HARMAN Digital Transformation and Technology Solutions
 
Machine Intellegance Multilayer PerceptronsFunction Approximation.pdf
Machine Intellegance Multilayer PerceptronsFunction Approximation.pdfMachine Intellegance Multilayer PerceptronsFunction Approximation.pdf
Machine Intellegance Multilayer PerceptronsFunction Approximation.pdf
 
Implementing A Certified Electronic Health Record System
Implementing A Certified Electronic Health Record SystemImplementing A Certified Electronic Health Record System
Implementing A Certified Electronic Health Record System
 
P17 fhir chain- applying blockchain to securely and scalably share
P17 fhir chain- applying blockchain to securely and scalably shareP17 fhir chain- applying blockchain to securely and scalably share
P17 fhir chain- applying blockchain to securely and scalably share
 
P17 fhir chain- applying blockchain to securely and scalably share
P17 fhir chain- applying blockchain to securely and scalably shareP17 fhir chain- applying blockchain to securely and scalably share
P17 fhir chain- applying blockchain to securely and scalably share
 
Healthcare by Any Other Name - Centricity Business Whitepaper
Healthcare by Any Other Name - Centricity Business WhitepaperHealthcare by Any Other Name - Centricity Business Whitepaper
Healthcare by Any Other Name - Centricity Business Whitepaper
 
Digital Pharma
Digital PharmaDigital Pharma
Digital Pharma
 
Anatomy of an EMR System
Anatomy of an EMR SystemAnatomy of an EMR System
Anatomy of an EMR System
 
httpimgur.comakA1IGplaese zoom in to read the question. thank.pdf
httpimgur.comakA1IGplaese zoom in to read the question. thank.pdfhttpimgur.comakA1IGplaese zoom in to read the question. thank.pdf
httpimgur.comakA1IGplaese zoom in to read the question. thank.pdf
 
Discussion for Week 4SubscribeTopic  Explain the data i.docx
Discussion for Week 4SubscribeTopic  Explain the data i.docxDiscussion for Week 4SubscribeTopic  Explain the data i.docx
Discussion for Week 4SubscribeTopic  Explain the data i.docx
 
4 hours agoAmy MillerRE Discussion - Week 7CollapseNU.docx
4 hours agoAmy MillerRE Discussion - Week 7CollapseNU.docx4 hours agoAmy MillerRE Discussion - Week 7CollapseNU.docx
4 hours agoAmy MillerRE Discussion - Week 7CollapseNU.docx
 

Data Reuse Agreements

  • 1. Data Reuse Agreements: A Patient Centered Approach To Clinical Data Consent Management Title: Data Reuse Agreements: Patient Consent To Share Clinical Data Date of Release: 4/19/2011 Case Number: 11-1601 Problem All health care providers, payers, and institutional users of health records (including DoD, VA, CMS, NIH, SSA,etc.) must comply with HIPAA, ARRA, and no doubt future laws to protect patient privacy. Currently, datacan be shared for purposes predefined by law, but the patient has no effective way to restrict thesereleases (e.g., to exclude certain recipients, or control access to especially sensitive data such as mental health or reproductive information). Beyond this, the patient must signan explicit paper consent form, typically agreeing to the provider’s data sharing policy terms without modification. Thereis no way to pass written restrictions to an automated data release system, to authenticate a faxedform, to let a patient reuse a well thought-out set of conditions, to change preferences withoutchanging the paper copy at each provider, to indicate willingness to share their data with anyreputable researchers, to establish a family member or trusted physician as a proxy, or to review allrequests for one’s records. As a result, delays and denials occur, inhibiting emergency care, referrals,and research. Objectives • Create a template-driven user interface to capture complex patient preferences, organized by purpose (e.g., research, emergency access), by provider type and by relationship (e.g., referral). • Testthe user interface with MITRE staff outside the project. • Demonstrate use of potential data sources(e.g., a registry of physicians’ credentials and on-call substitutes, or of institutions that routinely doemergency care). • Identify and solve thorny technical problems such as mixing patient andgovernment preferences, or restrictions where enforcement (e.g., on free text) cannot be guaranteed. Activities MITRE is pioneering a mechanism (called Kairon) by which each patient has a consent ruleset, available in one placethat describes what data may be released in what situations. The user interface for creating the rule set encourages general, reusableconstructs, (e.g., “doctors with whom I have a treatment relationship”). Our architecture works both intoday’s largely manual system, and with gradually increasing automation, and permits consent management servicesproviders (perhaps the payers, major integrated providers such as the VA, or PHR vendors) to compete for patients. We have created a prototypeand written several papers describing the requirements and conops, a solution architecture, anddrilling down on specific problems. We hope to transition our work to multiple sponsors (VA, DoD, CMS,ONC, SAMHSA) and are integrating our work with other projects in the MITRE health care ecosystem (HealthLab,MedCafe, and ESP). Our code is posted in an open-source repository. Impact
  • 2. Our work has potential application to all of MITRE's sponsors and customers involved in the collection and release of protected health information. This includes: the Office of the National Coordinator for Health Information Technology, the Department of Veterans Affairs, the DoDMilitary Health System and Tricare program, the Centers for Medicare and Medicaid Services, the Food and DrugAdministration, the National Institutes of Health, the Indian Health System, etc.