Part Two: Privacy & Consent Management Landscape and Challenges to Scale

By Hans Buitendijk, Chair, EHR Association Privacy & Consent Task Force

In Part One of this two-part blog series, we introduced the challenges in today’s privacy and consent management landscape and discussed different approaches for rules management. In Part Two, we put forth a proposed roadmap for establishing the necessary framework for privacy and consent management. 

A Roadmap for a Complex Infrastructure

Defining the critical components and standards, and establishing the necessary infrastructure, is no small undertaking. It is not sufficient simply to have standards for communicating tags, such as HL7 DS4P for CDA documents, FHIR security labels (meta.security) for FHIR resources, and the ARV segment for HL7 v2 messages. Even when v2, CDA, or FHIR carry the data, the receiving system needs more than the tags attached to individual data items in order to evaluate the applicable rules. That is especially true when data is exchanged in many other formats and channels, including proprietary ones; when sensitivity arises from the combination of data elements that would not be considered sensitive on their own; and when a patient's sharing rules do not map onto a well-defined set of data values.
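To make the gap concrete, here is an added example (not code from the EHR Association post or any HL7 implementation) of a receiving-side filter over a FHIR R4 Bundle. It applies two label-based checks that tags alone support, a confidentiality ceiling using the real v3-Confidentiality codes (U, L, M, N, R, V) and a block list of real v3-ActCode sensitivity codes such as ETH, and then a contextual rule that tags cannot express: any untagged resource from the same encounter as withheld data is withheld too. The bundle, the restriction set and the same-encounter policy are constructed for illustration; the code system URLs are the real HL7 terminology URLs.

```python
"""Filter a FHIR R4 Bundle against a patient's sharing restrictions.

Added example, not from the post. Security labels are read from each
resource's meta.security (a list of Coding elements). The bundle below and
the same-encounter rule are constructed; the code systems are real HL7 ones.
"""

CONF = "http://terminology.hl7.org/CodeSystem/v3-Confidentiality"
ACT = "http://terminology.hl7.org/CodeSystem/v3-ActCode"

# v3-Confidentiality is ordinal: unrestricted ... very restricted.
CONF_RANK = {"U": 0, "L": 1, "M": 2, "N": 3, "R": 4, "V": 5}


def ref(res):
    """Relative reference for a resource, e.g. 'Observation/o1'."""
    return "%s/%s" % (res["resourceType"], res["id"])


def labels(res):
    """Set of (system, code) pairs found in meta.security."""
    return {(c.get("system"), c.get("code"))
            for c in res.get("meta", {}).get("security", [])}


def conf_rank(res):
    """Highest confidentiality label; an untagged resource is treated as N."""
    ranks = [CONF_RANK[c] for s, c in labels(res) if s == CONF and c in CONF_RANK]
    return max(ranks, default=CONF_RANK["N"])


def tag_decision(res, max_conf, blocked):
    """Decision a receiver can make from the tags alone: a reason, or None to share."""
    if conf_rank(res) > CONF_RANK[max_conf]:
        return "confidentiality above %s" % max_conf
    hit = {c for s, c in labels(res) if s == ACT and c in blocked}
    if hit:
        return "sensitivity " + ",".join(sorted(hit))
    return None


def same_encounter_rule(resources, withheld):
    """Constructed contextual rule: once anything from an encounter is withheld,
    withhold every other resource of that encounter, tagged or not."""
    encounters = {r.get("encounter", {}).get("reference")
                  for r in resources if ref(r) in withheld}
    encounters.discard(None)
    return {ref(r): "same encounter as withheld data"
            for r in resources
            if ref(r) not in withheld
            and r.get("encounter", {}).get("reference") in encounters}


def filter_bundle(bundle, max_conf="N", blocked=frozenset(), rules=(same_encounter_rule,)):
    """Return (shared_bundle, withheld) where withheld maps reference -> reason."""
    resources = [e["resource"] for e in bundle.get("entry", [])]
    withheld = {}
    for r in resources:
        reason = tag_decision(r, max_conf, blocked)
        if reason:
            withheld[ref(r)] = reason
    # Contextual rules can cascade, so iterate to a fixpoint.
    changed = True
    while changed:
        changed = False
        for rule in rules:
            fresh = {k: v for k, v in rule(resources, set(withheld)).items()
                     if k not in withheld}
            if fresh:
                withheld.update(fresh)
                changed = True
    shared = {"resourceType": "Bundle", "type": bundle.get("type", "collection"),
              "entry": [e for e in bundle.get("entry", [])
                        if ref(e["resource"]) not in withheld]}
    return shared, withheld


def _coding(system, code):
    return {"system": system, "code": code}


# Constructed sample bundle: one condition tagged as substance-use (ETH) data,
# an untagged result from the same encounter, an untagged result from another
# encounter, and a result tagged V with no encounter link.
SAMPLE_BUNDLE = {"resourceType": "Bundle", "type": "collection", "entry": [
    {"resource": {"resourceType": "Patient", "id": "p1"}},
    {"resource": {"resourceType": "Condition", "id": "c1",
                  "meta": {"security": [_coding(ACT, "ETH")]},
                  "encounter": {"reference": "Encounter/e1"}}},
    {"resource": {"resourceType": "Observation", "id": "o1",
                  "encounter": {"reference": "Encounter/e1"}}},
    {"resource": {"resourceType": "Observation", "id": "o2",
                  "encounter": {"reference": "Encounter/e2"}}},
    {"resource": {"resourceType": "Observation", "id": "o3",
                  "meta": {"security": [_coding(CONF, "V")]}}},
]}


if __name__ == "__main__":
    shared, withheld = filter_bundle(SAMPLE_BUNDLE, max_conf="N", blocked={"ETH"})
    for k, v in sorted(withheld.items()):
        print("withheld", k, "-", v)
    print("shared", [ref(e["resource"]) for e in shared["entry"]])
```

Run as a script, the filter withholds Condition/c1 on its ETH label and Observation/o3 on its V label, as any tag-aware receiver could; Observation/o1 is withheld only because the constructed encounter rule supplies context the tags do not carry, which is exactly the class of rule the roadmap has to account for beyond the tagging standards themselves.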

The $64,000 question is, how can we make progress? 


Part One: Privacy & Consent Management Landscape and Challenges to Scale

By Hans Buitendijk, Chair, EHR Association Privacy & Consent Task Force

As health data flows more widely and automatically across providers, payers, patients, public health, researchers, and others, automated tools to filter out data that is not authorized to be shared have become imperative.

To date, relatively simple and coarse methods have been deployed where large data sets are excluded from exchange:


Privacy and Security, and Building Patient Trust

Earlier this year, ONC published an updated “Guide to Privacy and Security of Electronic Health Information” to help healthcare providers and ambulatory practices understand existing federal law on protected health information (PHI). It provides guidance on how providers can use certified electronic health record technology (CEHRT) to communicate securely with their patients and, via secure and interoperable health IT, share patient data with other care providers.

The guide offers a great deal of practical information that helps explain who is, and who is not, a business associate (BA) under the HIPAA regulations. It also gives clear guidance on when it is permissible to disclose PHI, when patient authorizations are required, and how to provide patients with access to their health information. In addition, a useful section on general cybersecurity explains the threat of cyber-attacks, the use of mobile devices, and email and texting between providers and their patients.


  • Contact Us

    Kasey Nicholoff
    staff @ ehra.org

    Amanda Patanow
    Communications and Media
    ehracomms @ npccs.com