California HIE Demonstration Projects to Move Ahead with Opt-In Framework
This past Wednesday, the California Office of Health Information Integrity (CalOHII) released a comprehensive whitepaper examining patient consent and other HIE framework efforts for entities participating in the HIE Demonstration Projects and HIE throughout the state of California. CalOHII is the state entity designated for overseeing HIE in California as well as establishing and administering HIE demonstration projects within the state.
The whitepaper builds upon initial recommendations of the California Privacy and Security Advisory Board (CalPSAB). Although originally CalPSAB had proposed a bifurcated consent policy (i.e., opt-out for treatment, opt-in for other purposes or where sensitive information was contained in the medical record), the Board withdrew this recommendation after public concern regarding cost effective workability of the policy.
Ultimately, CalPSAB recommended an “opt-in” patient consent framework which this whitepaper incorporates, implementing generally an affirmative consent framework for the demonstration projects. The demonstration project participants would be required to use CalOHII approved consent forms and adopt CalOHII recommended privacy and security policies and procedures.
Although adopting a stricter approach, the whitepaper echoes the ONC Tiger Team’s emphasis on meaningful patient consent, stating,
…CalOHII believes that the reading of an informing document and the signing of a consent form is the step at the end of a process – the process of education. The education of the patient on the various aspects of the electronic exchange of health information, is to guide the patient in making a meaningful decision in giving or not giving his/her consent.
The whitepaper would permit certain exceptions allowing information to be accessed through an HIE without patient consent, namely for public health reporting and emergency “break the glass” situations. In addition, the HIE demonstration projects are permitted under certain circumstances to request to “Demonstrate Alternative Requirements” (DAR process) in order to present other policies and requirements for implementing patient consent and privacy and security requirements.
The two demonstration projects chosen for 2011 are the Western Health Information Network (WHIN) and the San Diego Beacon eHealth Community. Both demonstration projects are currently set to test the opt-in framework as well as the CalOHII privacy and security policies that are to be developed. The purpose of the demonstration projects is to help evaluate solutions for HIE and to test and develop innovative privacy and security practices. Regulations for the demonstration projects are expected to be finalized shortly.
