Monday, April 14, 2008

Barriers to Health Information Exchange


Quote of the Day:
Everything that can be invented has been invented.
--Charles H. Duell

 

In this column I often write about promoting health information exchange.

In all cases, however, we must comply with HIPAA and place barriers for confidentiality and privacy to protect patients from unauthorized access to their health records without proper authorization.

Health Insurance Portability and Accountability Act of 1996 (HIPAA) is an expansive set of rules to privacy for patient information.  The lesser known aspects of it may be largely unknown by physicians.  I came across a survey of dentists which had some interesting information, although not all aspects apply to medical offices. It is available for a full read at:Dental Survey

Several lesser known requirements are:

Inventory and Control of all hardware and software

Security and disposal of all media

Log of maintenace of hardware/software

WRITTEN work station

Further details are in the article itself.

Such questions arise such as:

Should patients have the option to specify that their medical records not be shared on a common HIE?

Should there be an audit trail for 'shared information'?

Map image

No comments: