The Health IT policy committee this week gave a green light to recommendations from its privacy and security Tiger Team that empower patient personal representatives (proxies) for adults with view/download/transmit (VDT) permissions for protected health information. Such permissions as they pertain to adolescent patients will be discussed at a future meeting.
Scenarios discussed at an April 8 meeting included the "easiest case" instance, in which patients make a request for friends or family members to have VDT access, as well as more difficult cases, such as when such a request comes from the friend or family member. The Tiger Team, in its presentation, said that in the former instance, permissions can be granted in person or remotely, and that providers should document all such requests.
In the latter instance, the Tiger Team said that such access "must be confirmed" with the patient through methods such as out-of-band confirmation. In cases where a patient is incapacitated, the Tiger Team said that providers must consider the appropriateness of VDT access for treatment information. In particular, the team said, providers should consider how they can update current processes for granting access, including the capability to store documentation of proxy status and patient authorizations for access.
The team also said that processes need to be developed for cutting off VDT access by such proxies in the event of a change in preferences or changes in personal representative legal status.
"It is important to educate patients on whatever options are available, so they can make informed decisions about the scope of proxy access to be granted to friends/family," the Tiger Team's presentation stressed. In particular, Tiger Team chair Deven McGraw said, "all-or-nothing" access to accounts needs to be taken into consideration.
McGraw touched on the VDT capabilities of patient proxies at the Tiger Team's Jan. 27, meeting, although no formal recommendations were made at that time.