Data Safety, Consent to Release, and EMRs

According to a June 14, 2011 report by Government Health IT News, consumers’ confidence in the safety of their data in electronic health records (EHRs) is a prerequisite to the successful adoption of electronic means of recording and sharing health records. So says Dixie Baker, chair of advisory Health IT Standards Committee’s privacy and security workgroup and senior vice president and chief technology officer for health solutions for SAIC. Feeling assured that their information is safe and secure and going only where it is supposed to go will allow the public to support their health care providers in moving to electronic medical records (EMRs).

In fact, Government Health IT News reported on June 24 that the Office of the National Coordinator for Health IT (ONC) plans to contract with a vendor “to explore and evaluate methods to electronically obtain and record from patients their informed consent about sharing their health data.” The solicitation focuses heavily on the matter of educating patients about disclosure and consent for release of information.

In substance abuse and behavioral health settings, requirements beyond those encoded by HIPAA and HITECH are mandated in federal and state laws. 42 CFR Part 2 applies to any provider or provider organization holding itself out as a provider of alcohol or drug abuse treatment and to federally assisted alcohol or drug abuse programs. Special “handling” of the record is required, especially when it comes to re-release of the information obtained. It is not acceptable for a provider to receive information from an alcohol abuse program, incorporate it into their EMR and then release it on to other providers of the patient, without the specific consent of the patient.

The legal complexities are immense. Members of the Software and Technology Vendors Association (SATVA) who work with these issues all the time, have been wrestling with the kind of consent that could be used to disclose records and appropriately specify the degree to which such disclosure is authorized by the patient. Anasazi Software has shared a memorandum of understanding about privacy and security issues related to health information exchange (HIE) in California drafted at their expense. California and some other states have even more restrictive laws than 42 CFR Part 2.

The conclusions in this document lead SATVA members Anasazi Software, Valley Hope Association, and Sequest Technologies to work together to develop and demonstrate to SAMHSA a solution for managing automated electronic health information disclosure. The standardized consent for health information disclosure that they developed could go a long way toward assuring consumer control of their record, at least as that record is represented by the Continuity of Care Document (CCD).

This kind of cooperative effort is one of many reasons of why we at Synergistic Office Solutions are proud to be members of SATVA.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.