Mary Mosquera reports:
The Privacy and Security Tiger Team yesterday began exploring how current technologies can help patients make decisions on consent and access to their electronic health records when more sensitive patient data is involved.
The team, composed of government and private sector healthcare privacy experts, teed up questions related to how to accommodate patients who might want to exercise highly-selective levels of control over electronic versions of their personal health information or portions of that data.
Read more on Government Health IT. The story gives a useful example of how quickly things can become complicated:
Some technologies can enable patients to release parts of their medical record to their providers, but the tools and techniques supporting such piece-meal management of patient data are far from fool-proof, noted Paul Egerman, a software entrepreneur and also co-chair of the tiger team.
For example, a provider can decide to not show certain codes in the exchange of a standard Continuity of Care Document (CCD) that specify a condition or illness that the patient does not want shared, such as a sexually transmitted disease (STD), Egerman said.
However, other codes in the record for test results or medications can still allow others to infer the patient has an STD. “It’s leaky,” Egerman said. “Downstream inferences are beyond the state of the art.”