Military Health System examines privacy, identity challenges

As the U.S. Department of Defense and Veterans Affairs work toward an effective electronic exchange of healthcare records, issues of patient privacy and identity management remain.

As part of that process, the Military Health System undertook a literature review to identify data-integration processes as well as the related techniques and standards necessary for a shared EHR that also exchanges data with civilian healthcare providers, reports Health IT Security.

These parameters need to be in place for the data-sharing, along with the interoperability to make it happen, speakers told the recent HIMSS Privacy and Security Forum.

After issuing a 300-page report, the next step will be producing a DoD handbook on patient privacy and identity management.

The report covers EHRs,  health information exchange, personal health records, mobile devices, remote monitoring systems and wireless sensor networks, radio-frequency identification (RFID), Web-based e-Health resources and cloud-based solutions.

The DoD is also inviting industry, government and academic experts to take part in building the roadmap for this technology.

The researchers say that existing studies can point out lessons learned, but much research remains to be done on the effects of technology, policies and practices.

The joint EHR project faces challenges of designing a meaningful patient consent procedure; recording patients' consent preferences and using technology to effectively carry them out; and figuring out how to best perform patient identity matches, according to Rand Health Quarterly.

The report suggests that following the VA's lead on developing a patient consent-management system for non-active duty beneficiaries might be the best approach for DoD.

The lack of a national system of unique patient identifiers makes patient matching difficult, but even with one, challenges would remain. However, it says that here's an array of possible approaches.

"Following a sociotechnical approach, it is important to consider how technical, social and organizational factors work together. Addressing isolated issues regarding patient identity management and consent will not be productive; research and implementation need to address multiple factors and their interactions in supporting successful HIE," according to the report.

The DoD and VA in February nixed plans to build a new joint EHR system from scratch, saying instead they would focus on integrating their current systems via "existing solutions." Over the summer lawmakers from both sides of the aisle introduced legislation to set strict timelines for making that data-sharing happen.

To learn more:
- read the Health IT Security post
- find the forum slide deck
- check out the Rand Health Quality issue

Suggested Articles

Nearly 10,000 patients involved in research studies were impacted by a third-party privacy breach that may have exposed their medical diagnoses.

Veterans Health Administration medical facilities currently have a paper medical record backlog that if stacked up would be 5.15 miles high, according to the…

The Department of Health and Human Services announced proposed changes to privacy restrictions on patients' substance use treatment records.