781-890-7446 Health Delivery Services May 29, 20090 Eastern Massachusetts Healthcare Initiative Policy Work Group Session 2 May 29, 2009.

Slides:

Advertisements

Similar presentations

Georgia Department of Community Health

Advertisements

Legal Work Group Developing a Uniform EHR/HIE Patient Consent Form.

A Plan for a Sustainable Community Behavioral Health Information Network Western States Health-e Connection Summit & Trade Show September 10, 2013.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

Electronic Submission of Medical Documentation (esMD) Face to Face Informational Session esMD Requirements, Priorities and Potential Workgroups – 2:00pm.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

Breaking Down Barriers to Health Information Exchange: How Clinical Leadership is Shaping ConnectingGTA e-Health Conference 2013: Accelerating Change May.

ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.

Supportive Services for Veteran Families (SSVF) Data Bigger Picture Updated 5/22/14.

Massachusetts: Transforming the Healthcare Economy John D. Halamka MD CIO, Harvard Medical School and Beth Israel Deaconess Medical Center.

A Primer on Healthcare Information Exchange John D. Halamka MD CIO, Harvard Medical School and Beth Israel Deaconess Medical Center.

April 2, 2013 Longitudinal Data system Governance: Status Report Alan Phillips Deputy Director, Fiscal Affairs, Budgeting and IT Illinois Board of Higher.

COMPLYING WITH HIPAA BUSINESS ASSOCIATE REQUIREMENTS Quick, Cost Effective Solutions for HIPAA Compliance: Business Associate Agreements.

Query Health Business Working Group Kick-Off September 8, 2011.

A SOUND INVESTMENT IN SUCCESSFUL VR OUTCOMES FINANCIAL MANAGEMENT FINANCIAL MANAGEMENT.

HIE Implementation in Michigan for Improved Health As approved by the Michigan Health Information Technology Commission on March 4, 2009.

TELECARE CORP HIPAA AND THE AMENDMENT PROCESS Updated 11/17/09.

OSIAM4HE Proposed org structure Authored by the strategy and organization team.

State Alliance for e-Health Conference Meeting January 26, 2007.

“ Jericho / UT Austin Pilot” Privacy with Dynamic Patient Review April 9, 2013 Presented by: David Staggs, JD, CISSP Jericho Systems Corporation.

HIT Policy Committee NHIN Workgroup Recommendations Phase 2 David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of.

HIT Policy Committee Privacy & Security Tiger Team Update Deven McGraw, Co-Chair Center for Democracy & Technology Paul Egerman, Co-Chair June 25, 2010.

Privacy and Security Tiger Team Today’s Discussion: Query/Response Scenarios for Health Information Exchange February 21, 2013.

MED INF HIT Integration, Interoperability & Standards ASTM E-31 January 14, 2010 By Imran Khan.

Organizational and Legal Issues -- Developing organization and governance models for HIE Day 2 -Track 5 – SECOND SESSION – PRIVACY AND SECURITY CONNECTING.

Safeguarding Research Data Policy and Implementation Challenges Miguel Soldi February 24, 2006 THE UNIVERSITY OF TEXAS SYSTEM.

Patient Confidentiality and Electronic Medical Records Ann J. Olsen, MBA, MA Information Security Officer and Director, Information Management Planning.

Policies for Information Sharing April 10, 2006 Mark Frisse, MD, MBA, MSc Marcy Wilder, JD Janlori Goldman, JD Joseph Heyman, MD.

IT Applications Theory Slideshows By Mark Kelly Vceit.com Privacy Laws.

Health eDecisions Use Case 2: CDS Guidance Service Strawman of Core Concepts Use Case 2 1.

Privacy and Security Solutions For Interoperable Health Information Exchange Presented by Linda Dimitropoulos, PhD RTI International Presented at AHRQ.

Identity Proofing, Signatures, & Encryption in Direct esMD Author of Record Workgroup John Hall Coordinator, Direct Project June 13, 2012.

Scalable Trust Community Framework STCF (01/07/2013)

Data Access Framework (DAF) Relationship to Other ONC Initiatives 1.

DISPARITIES COUNCIL Legislative Working Group Hank J. Porten Steve Shestakofsky Camille Watson.

HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.

The Patient Choice Project Project Kickoff December 14 th, 2015.

Grant Management Seminar Session 3 1 Session 3 Oversight and Reporting 10/13/2012.

Copyright © 2015 by Saunders, an imprint of Elsevier Inc. All rights reserved. Chapter 3 Privacy, Confidentiality, and Security.

Assessment Entry Module (AEM) Kick-off November 15, 2012 interRAI Preliminary Screener Toronto Central LHIN.

Electronic Submission of Medical Documentation (esMD)

Oregon Project Independence 2013 Rule & Fee Schedule Changes Information for AAA Directors September 19, 2013.

HIT Policy Committee Meeting Nationwide Health Information Network Governance June 25, 2010 Mary Jo Deering, PhD ONC, Office of Policy and Planning NHIN.

Connecting for Health Common Framework: the Model Contract for Health Information Exchange Gerry Hinkley com July 18, 2006 Davis Wright.

S ecure A rchitecture F or E xchanging Health Information in Central Massachusetts Larry Garber, M.D. Peggy Preusse, R.N. June 9 th, 2005.

The Patient Choice Project Use Case Working Session February 12 th, 2016.

The Patient Choice Project Use Case Working Session January 29 th, 2016.

Information Sharing for Integrated Care A 5 Step Blueprint.

V April 2016 Training Guide 1 NOTE: All screen shots from Communicare indicate PCEHR. Any reference to the PCEHR or the My Health Record within this.

Disclaimer This presentation is intended only for use by Tulane University faculty, staff, and students. No copy or use of this presentation should occur.

Pennsylvania Health Information Exchange NJHIMSS - DVHIMSS Enabling Healthcare Transformation Through Information Technology September, 2010.

Health Information Exchange: Alaska’s Health Pipeline Alaska Bar Association Health Law Section February 2, 2012 Carolyn Heyman-Layne.

Protection of Minors Program Coordinators Information Session November 2015 Carolyn Brownawell Melisa Giraldo Dietrich Warner.

CIS 170 MART Teaching Effectively/cis170mart.com FOR MORE CLASSES VISIT HCS 430 OUTLET Inspiring Minds/hcs430outlet.com FOR MORE CLASSES.

Incorporating Privacy Into Systems Development Methodology Phil Moleski Director Corporate Information Technology Branch Saskatchewan Health

Under the new grants process, both districts and clubs assume greater responsibility for the management of grants. The Rotary Foundation has established.

Objectives 1. Define and describe each of the Agreement types being discussed today; 2. Highlight specific questions to ask when determining the administrative.

District and Club Qualification

Information Sharing for Integrated care A 5 Step Blueprint

Privacy & Confidentiality

IT Applications Theory Slideshows

Health Information Security and Privacy Collaborative (HISPC) Overview

Employee Privacy and Privacy of Employee Information

Model Contract for Health

Dashboard eHealth services: actual mockup

Enforcement and Policy Challenges in Health Information Privacy

THE 13TH NATIONAL HIPAA SUMMIT HEALTH INFORMATION PRIVACY & SECURITY IN SHARED HEALTH RECORD SYSTEMS SEPTEMBER 26, 2006 Paul T. Smith, Esq. Partner,

District and Club Qualification

Presentation transcript:

Health Delivery Services May 29, Eastern Massachusetts Healthcare Initiative Policy Work Group Session 2 May 29, 2009

Health Delivery Services May 29, Agenda Progress and Remaining Activities Resolution of Previous Issues New Questions and Issues Policy Framework Document Next Steps

Health Delivery Services May 29, Policy Group Work Session Plan PeriodAgendaPreparation Thru May 8 Complete Obtain agreement on approach, schedule, and work group membership Obtain agreement on scope Review general principles Review policy document outline Review example policies Review open questions/issues Request existing policies from work group members and other groups Research policies from NEHEN/MA- SHARE and other sources Document principles Develop policy document outline Develop example policies Document open questions/issues May 29Hold Policy Work Group Meeting: Review draft policies Review open questions and issues Assign follow-up responsibilities Develop additional policies June 5Distribute interim work products to Advisory Group Prepare presentation outlining framework, content, open questions/issues June 12Send policy framework to other EMHI members for review Update framework Prepare summary presentation June 19Hold Policy Work Group Meeting: Review final framework/policies Review open questions and issues Assign follow-up responsibilities Develop/update policies Finalize policy document Draft plan for maintaining policies Draft communication plan June 26Present framework to Advisory GroupPrepare presentation outlining framework, content, open questions/issues

Health Delivery Services May 29, Policy Guiding Principles General –Decisions Based on Guiding Principles –Openness and Transparency –Patients’ Rights –Patient Access and Participation –Data Collection and Use Limitation –Privacy and Security Policy Compliance –Coordinated Decentralization –Broad Adoptability –Anticipation of Change Technical –Open Standards –Federated Data Architecture –Flexibility and Agility –No Rip and Replace –Multiple Implementation Models

Health Delivery Services May 29, Definitions Participant: A Provider Organization, Payer Organization, or Other Organization that has directly entered into a Data Sharing Agreement with NEHEN, accesses Protected Health Information via NEHEN, and actively participates in the exchange of electronic healthcare data via NEHEN. Sending Participant: A Participant engaged in sending clinical data to another Participant via NEHEN. Receiving Participant: A Participant engaged in receiving clinical data from another Participant via NEHEN. Sending User: A person who is associated with a NEHEN Participant and sends clinical data via that association. Receiving User: A person who is associated with a NEHEN Participant and receives clinical data via that association.

Health Delivery Services May 29, Policy Questions and Issues: Resolutions for Review What is NEHEN’s responsibility as regards Participant compliance with data sharing agreements and policies? Assume compliance or audit for compliance? –Resolution: Create a "statement of compliance" and require a legal signatory of the Participant to sign on an annual basis. The statement should include the right to make unannounced audits regarding privacy at any time. Should all disclosures be reported to a patient upon patient request, or just selected disclosures? –Resolution: Report on all disclosures based on available data. Provide capabilities for Participants to use local NEHEN audit logs in their disclosure reporting work flows. What should be the baseline for privacy and security protection—meeting minimum legal requirements or developing/meeting community best practices? –Resolution: Meet minimum legal requirements. Review Participant practices, and consider common practices for “best practice” implementation.

Health Delivery Services May 29, Policy Questions and Issues for Discussion: Responsibilities of the Exchange Do we need to define the purpose of the exchange to address the issue of the Receiving Participant/User’s liability (e.g., lab results received by a physician other than the physician who ordered the test)? –Examples: The intent of the exchange is to support “live care” The intent of the exchange is to support “better care management” Must NEHEN restrict participation in order to comply with legal requirements, including state laws? –Examples: May individuals and organizations operating in/licensed in New England states other than Massachusetts be users of the clinical data exchange? Must NEHEN policies address requirements for those states (e.g., sensitive information requirements)? Can an organization operating in/licensed in another state be made responsible for compliance with that state’s laws? May an individual operating in/licensed in another state be a user of the exchange?

Health Delivery Services May 29, Policy Questions and Issues for Discussion: Responsibilities of the Exchange Are NEHEN and/or Participants responsible for : –Attempting to influence legislation? –Educating the public about the exchange of clinical data? –Informing users of the potential for increased liability due to increased availability of information? –Informing or training Users on appropriate use of the exchange?

Health Delivery Services May 29, Policy Questions and Issues for Discussion: Responsibilities of Persons/Organizations Receiving Messages Must a Receiving Participant/User view a message received from an external source? –Examples: May a receiver “turn off” receipt of some or all messages? May a receiver “reject” a message that has been appropriately addressed? May a receiver discard a message without viewing it? What are a Receiving Participant/User’s responsibilities for acknowledging a message? –Examples: Notify the sender that the message was received. Notify the sender that the message was delivered to its final destination. Notify the sender that the message could not be delivered (i.e., “addressee unknown”) Notify the sender that the message was addressed to the wrong recipient (i.e., “not me”) Must a Receiving Participant/User retain a message received from an external source? May a Receiving Participant/User specify preferences for how/when they receive messages regardless of message type (e.g., “as soon as available”, “bundled” at end of day)?

Health Delivery Services May 29, Policy Questions and Issues for Discussion: Responsibilities of Persons/Organizations Sending Messages May/must a Sending Participant/User include in a message information that was received from an external source (i.e., not originally collected by the sender)? –If so, should it be identified as having come from an external source? Must a Sending Participant/User resolve ambiguous destinations for a Receiving User (e.g., a physician who practices in multiple organizations or physical locations) –May/must a Receiving User identify a “preferred address” for cases where the ambiguity is not resolved? May a Sending Participant/User specify preferences for how and when messages will be delivered (e.g., specify urgency or method of delivery)?

Health Delivery Services May 29, Policy Questions and Issues for Discussion: Provider Registration/Addressing May a message be addressed to an organization rather than an individual (e.g., a clinic or a CHC)? May a message be addressed to a Receiving Practitioner who is other than a licensed care provider? May a message be addressed to a Receiving Participant who acts as an intermediary for practitioners (e.g., a vendor offering portal access)? Must a Receiving Practitioner be affiliated with a Receiving Participant organization for the purpose of authentication, authorization, and routing? –Examples: California pediatrician refers patients to Children’s and wishes to be “added” as a Children’s user. MMS or a vendor wishes to offer portal access. NEHEN wishes to make access available via the NEHEN Portal. Must NEHEN or the Participant organization obtain a provider’s consent to register the provider in the community directory?

Health Delivery Services May 29, Next Steps Distribute update to Advisory Committee week of June 1 Incorporate today’s decisions and redistribute draft for Policy Group review week of June 1 Distribute draft document and summary presentation to EMHI members not represented on Policy Group week of June 1 or June 8