A pilot program at the University of Texas at Austin is looking at how to enable patient tracking of who requests and receives their protected health information (PHI), according to a Health Data Management article.
The pilot, approved by a the Office of the National Coordinator (ONC) for Health Information Technology, involves the exchange of simulated Electronic Health Records (EHR) between large healthcare providers using Nationwide Health Information Network (NwHIN) Information IT standards. Each access request over the simulated NwHIN Exchange will be decided in real time based on computable policy that includes privacy metadata. Patient consent directives (PCD) will be included in the evaluation of the access request. The goal of the pilot is to present a secure, scalable solution that allows consumers to evaluate if their PCD is operating as they planned.
"Healthcare consumers currently do not have the ability to review remote electronic requests on the NwHIN Exchange for their PHI or learn the outcome of those requests," states the pilot's Wiki posting. "The pilot will add transparency to the exchange of PHI released by the consumer's provider organization to requesting organizations. Further, the pilot will explore how subsequent requests made to requesting organizations (3rd party requests) can be reported to consumers.
Dallas-based access control provider Jericho Systems is a partner with the University of Texas at Austin on the pilot. In an interview, David Staggs, chief technology officer at Jericho Systems, said the pilot started in April 2013 and is part of the ONC Standards & Interoperability (S&I) Framework's Data Segmentation for Privacy (DS4P) initiative. O
"As the financial and health impact of accidental or inappropriate sharing of PHI becomes more apparent, patients will demand the same level of transparency in the exchange of their PHI as they have come to expect in their credit card statements," said Staggs. "The technical challenge is to provide a system that provides transparency to the patient without undue burden on the exchange."
In related news, a provision to the updated HIPAA rule that requires providers to honor a patient's request to restrict disclosure of their PHI to their health plan has some leaders wringing their hands. The new regulation states that as long as a patient pays for a healthcare item or service in full and out of pocket, they can ask a provider to not disclose PHI related to that item or service to their insurance company. However, some providers aren't too happy with the change.