Ted Eytan, MD

e-Health. Patient empowerment. Washington, DC.

Posts Tagged ‘ONC’

My Most Interesting Passages from the Office of Civil Rights new HIPAA Privacy Rule Guidance

December 30th, 2008 | Popularity: 29%

I was at the unveiling of The Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information and have since taken the time to read the documents posted on the HHS Website. This is not a point by point review of the documents, just the passages that were of interest to me as someone interested in patient empowerment.

I realize that there is ongoing discussion about this work, which I will link to here. I am still struck by Leavitt’s statement, which I tweeted here, which to me signaled the intent to overall to provide an environment where privacy is respected and patients have access to information that helps them be healthy.

So here goes.

1. The Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information

The goal of this effort is to establish a policy framework for electronic health information exchange that can help guide the Nation’s adoption of health information technologies and help improve the availability of health information and health care quality.

(again, thinking about Leavitt’s statement above)

INDIVIDUAL ACCESS – Individuals should be provided with a simple and timely means to access and obtain their individually identifiable health information in a readable form and format.

(more on this in another document)

2. Privacy and Security Framework: Introduction

This guidance is limited to addressing common questions relating to electronic health information exchange in a networked environment, and, thus, is not intended to address electronic exchanges of health information occurring within an organization.

(some patients get care from federated medical groups as part of integrated care systems that securely share information between providers when there is a need to provide care)

3. Safeguards Principle and FAQs

Does the HIPAA Privacy Rule permit health care providers to use e-mail to discuss health issues and treatment with their patients?

(this whole section is interesting, but just clipping the following part)

Patients may initiate communications with a provider using e-mail. If this situation occurs, the health care provider can assume (unless the patient has explicitly stated otherwise) that e-mail communications are acceptable to the individual. If the provider feels the patient may not be aware of the possible risks of using unencrypted e-mail, or has concerns about potential liability, the provider can alert the patient of those risks, and let the patient decide whether to continue e-mail communications.

4. The HIPAA Privacy Rule’s Right of Access and Health Information Technology

IMPLEMENTATION OF DENIAL The Privacy Rule further requires that denials of access be timely, written, provided to individuals in plain language, with a description of the basis for denial, and if applicable, contain statements of the individual’s rights to have the decision reviewed and how to request such a review. In addition, the notice of denial must inform the individual of how complaints may be filed with the covered entity or the Secretary of HHS. If access to some of the PHI is denied, the covered entity must, to the extent possible, give the individual access to any other PHI requested, after excluding the PHI to which the covered entity has a ground to deny access. See 45 C.F.R. § 164.524(d)(1).

However, where the covered entity provides individuals with electronic access to some or all of their health information, through a PHR or similar means, and the access is available to the individual at any time and without a request, it becomes more difficult to determine whether a denial of access has occurred and when notice to the individual is required. For example, the requirements in the Privacy Rule are flexible enough to permit a covered entity to notify the individual in advance of the types of PHI to which it intends to deny access and for which the Privacy Rule does not provide a right of review. See 45 C.F.R. § 164.524(a)(2).

(These appear to me to frame personal health records which show parts of a person’s medical record as implementing a form of denial of access which an organization should explain proactively, as opposed to “provision of limited access” which I think is what many organizations do today, without proactive explanation why some things are shown and some not)

There is a lot more in the documents that are relevant to someone like me and many people reading this post. I just wanted to highlight the ones that I noticed, again, with the intent I felt I heard in that conference room in Washington, DC. See what you think.

1 comment »

Posted in Updates

Tags: HHS ONC patient access phr privacy transparency

A Few Reflections from the National Health Information Network Forum

December 18th, 2008 | Popularity: 26%

0 comments | Leave a reply

One of the great advantages of living in Washington, DC, is access to lots of great (and affordable) learning opportunities, and this week’s National Health Information Network Forum was one of them.

Diva Shroff MD Department of Veteran's Affairs

The most important thing I learned is that there is one (a NHIN), and through the days’ demonstrations that progress is being made. I should qualify my comments with the fact that a good family practitioner knows what they don’t know, and this part of HIT is not central to my area of expertise, which is more focused on interactions closer to patients and providers in large heathcare systems.

In any event, I livetweeted my impressions on the fly, which you can read here, and will add some bullet points:

As a learning session, the Forum was executed really well. Scripts were prepared and there were teams of people accessing live systems on the side (see photographs) while panelists described what was going on.
A bright spot for me was to learn (more) about our Surgeon General’s Family History Initiative . It is going to enter a “2.0″ stage in January, 2009, and seems to have all of the abilities that could make this very simple genetic test (family history) more widely available in health care, including being open-source based, brandable, and based on standards. I especially applaud this effort because one of the great things about family history is that it is a test that involves listening to patients – the act of obtaining the information as well as using it is therapeutic in my opinion.
I got to see some of the use cases I have studied, like the Consumer Empowerment Use Case, acted out using real systems. The patient experience was followed from PHR through to physician’s office through to NHIN and back. This was impressive.
I saw a session on the Emergency Responder Use Case which did not cover the area that I’ve had a little bit of interest in on the personal health record side of things, the times when the responder encounters someone who cannot provide identifying information. As I have discussed previously, this is an area where personal health records linked to other identifying information (consented to by the patient) such as vehicle identification number or employee identification, may improve the ability to provide care in emergency situations. Beyond that specific situation, however, interagency/provider connections were demonstrated well.
I saw good demonstrations of health information exchange across various boundaries. It would be interesting to see some of these great projects in the communities where they are being used.
It would be great in the future if there were unaffiliated patients on panels, and if groups also talked about how they involved patients in the development of their work.

Overall, I am very thankful for the generosity of our Department of Health and Human Services for putting this public forum together. Many of the comments and thinking were well received by me, such as Secretary Mike Leavitt’s comment that the days of test results delivered at the convenience of the physician should end.

Photos at the top of this post, click on any to see larger.

No comments »

Posted in Updates

Tags: DC HHS NHIN ONC Photos test-results

Now Reading: Gauging the Progress of the National Health Information Technology Initiative: Perspectives from the Field

February 3rd, 2008 | Popularity: 35%

2 comments

Gaugingtheprogressofthenationalhitinitiative

Bruce Merlin Fried, Gauging the Progress of the National Health Information Technology Initiative: Perspectives from the Field – CHCF.org (California Healthcare Foundation).

The highly respected California Healthcare Foundation has been putting out an impressive array of topical work in the health information technology lately, and I thought this one deserved its own post.

The piece, Gauging the Progress of the National Health Information Technology Initiative: Perspectives from the Field, is a summary of activities to date in the United States’ Health Information Technology Adoption Initiative along with interviews of nearly two dozen leaders and experts in the HIT community about progress to date. If, like me, you eagerly read the initial “Decade of Health Information Technology” document when it came out in 2004 and were filled with hope, this piece is definitely for you. Even if you didn’t read the initial document, this piece will get you up to speed, because it describes the four cornerstones of the HIT initiative and talks about what has happened since.

And how’s the news? Mixed. It appears that success has been achieved in creating awareness globally, and in the cornerstone of certifying electronic health records (I should mention here that I am on one of the Foundation Workgroups for the Certification Commission for Health Information Technology).

I am studying a lot of LEAN Hoshin Kanri principles right now, so visual rating systems are on my mind. If I were therefore going to create a visual for the cornerstones, based on what I read here, I would put a Red light (danger) next to Nationwide Health Information Network, Red light next to adopting interoperability standards, Green light next to certifying EHRs, and Yellow light next to Reconciling laws.

There isn’t a lot of clarity about what we mean by HIT, as the paper highlights. Does this mean that consumers/patients will use an EHR because they have access to a PHR? We can’t know because we aren’t there yet. That’s the bad news.

There’s some good news, such as this nice quote from Carolyn Clancy, MD, of AHRQ:

If there was a tipping point here, my guess is it was probably Kaiser [Permanente] turning to Epic [Systems Corporation]. I think what a lot of people are beginning to see is that these investments can actually change the nature of health care to a series of transactions that are far more proactive, that can happen right now even without payment reform.

On the not so good side, there is more debate about the role of interoperability as a priority, or even as a separate cornerstone. From what I read, I think this article gets tagged in my growing collection of what I call “HIT_before_HIE,” which are the voices of a growing number of experts who question the value of pursuing interoperability before operability. Feel free to peruse the collection in the link cloud I have set up on the topic:

http://del.icio.us/tedeytan/HIT_before_HIE

What has my own experience been during this time? Well, in the time period from 2004-2007, I was involved in implementing one of the world’s largest personal health records, and a successful statewide electronic health record, in an organization that shares a lot of the “ideal” characteristics of care model that Kaiser Permanente does. I have seen that it can be done. I was also involved in the setting up of a Hoshin Kanri system to guide strategy deployment, to make sure that we got the right things done in maintaining and further developing our HIT capabilities.

In my sabbatical experience, I have seen that the desire is as strong as it is within the walls of my organization, but it is not happening at the same pace. This is why I take works like this seriously – the results I see in my on the ground work corroborate what is said here.

In addition, I find some congruence between the opinions of the experts in the article and my experience at the recent Joint Commission Roundtable in Chicago, where I learned about the paths to success in HIT in peer countries. Each has a strong public commitment to HIT.

There is more to be done. One of the comments I made in Chicago was that 4-14 % adoption for EHRs in small practices is too low for 2008. It’s too low for 2005. I wonder about prioritizing EHR with PHR adoption and studying work to quantify the value of incentives that has already been done (see Roger Taylor et al., “Promoting Health Information Technology: Is There A Case For More-Aggressive Government Action?,” Health Aff 24, no. 5 (September 1, 2005): 1234-1245, http://content.healthaffairs.org/cgi/content/abstract/24/5/1234. ). I also wonder about applying LEAN methodology to the strategy and deployment of HIT policy by our government. I think a Hoshin Kanri approach would make a difference by establishing focus and a sustained deployment plan.

Thanks for reading my thoughts. I welcome your comments.

2 comments »

Posted in Now Reading

Tags: adoption California Healthcare Founcation HIT_before_HIE NHIN ONC ONCHIT RHIO The Joint Commission

“You have the information and I look out for you” – ONC Visits Kaiser Permanente West End Medical Center, Washington, DC

December 17th, 2007 | Popularity: 19%

1 comment

Presentation: Office of the National Coordinator Shop Floor Tour, Ted Eytan, MD

These were the words of Mark Snyder, MD, Associate Medical Director, Information Technology, Mid-Atlantic Permanente Medical Group, as he demonstrated a new paradigm of information sharing using a simulated medical record, taking the record (represented by a notepad) out of his hands, and placing it in a member’s hands. This happened during a “process walk” that we set up to show the workflow of secure e-mail in a medical practice, at Kaiser Permanente’s West End Medical Center, in the heart of Washington, DC.

The visit came about because I was asked to provide information to the Office of the National Coordinator (ONC) about Group Health Cooperative’s work in adopting secure e-mail as part of care across the State of Washington. Since I am a believer of Genchi Genbutsu through the work I have been doing in LEAN, I invited the group to “come and see for yourself,” and they did.

Kaiser Permanente West End Medical Center

ONC and Kaiser Permanente staff on Process Walk

Mark Snynder, MD, and Pearl demonstrate secure e-mail workflow

Mark Snyder, MD, Pearl, and David Hunt, MD

Alicia Bradford, MS, RN BC and Doug VanZoeren, MD

With assistance from the staff at Kaiser Permanente’s West End Medical Center, including Medical Center Chief Doug VanZoeren, MD, I presented the Group Health Health Profile, an electronic health risk appraisal linked to an electronic health record, along with data about adoption of our patient portal, MyGroupHealth. Mark Snyder followed with information about Kaiser Permanente’s HealthConnect project and associated personal health record, kp.org. He indicated that 100,000 of Kaiser Permanente Mid-Atlantic’s members have signed on to the system, giving it a steeper adoption curve than even Group Health as Mark pointed out, since it is has been on the scene for less time. It is now fully operational, though, and forging ahead with features like direct booking of primary care appointments.

1 comment »

Posted in Health Information Technology

Tags: DC ehr Federal Government ghc.org kp.org ONC Photos phr secure e-mail workflow