Privacy Tiger Team tackles non-targeted queries

Tools

After a hearing last week on non-targeted queries in health information exchange, the Privacy & Security Tiger Team began discussing potential recommendations.

In non-targeted queries, a provider asks an exchange for all records on a patient when the providers are not known. The Tiger Team, an ONC workgroup, submitted recommendations to the HIT Policy Committee in April, but it also asked for more study of non-targeted queries.

Two issues from the hearing could have the biggest impact on exchange organizations: HIE participation agreements and how best to deal with sensitive data.

Dixie Baker, senior partner with consulting firm Martin, Blanck & Associates, said organizations should be able to come to some common agreement.

"Surescripts works well because everyone has knowledge of agreement and each participant has the same agreement. Although I'm not fond of forcing regulations that require everyone to have some common agreement, a trust fabric can't exist unless there's something that people presume to be there. In the cases we heard [last week] and the HIEs today, that doesn't exist. I think there should be at least some small form of common agreement," she said,according to an article at HealthITSecurity.

The California Office of Health Information Integrity is working on a framework to help HIEs scale in a way that doesn't require them to draft separate data-sharing agreements with each partner.

The other issue is segmenting information that a patient might want to keep private, such as substance abuse treatment. Some committee members have been worried that patients who did not want sensitive information shared would opt out of health data exchange altogether.

"We're still waiting to get some results from the data segmentation pilots that might give us some clue as to how we would deal with a lot of these networks not including sensitive data because of additional constraints around sharing and added sensitivity. I'm not sure how far we can go with this because the pilots are still pending," Chair Devin McGraw said, according to the article.

To learn more:
- read the HealthITSecurity article
- find the hearing analysis on HealthIT.gov

Related Articles:
Can patients cherry-pick health information to be exchanged?
Providers: Expect patients to start asserting their privacy rights
State laws, patient preferences pose privacy challenges for HIEs
How to mitigate unintended consequences of data exchange
Network neutrality key to health information exchange
Framework aims to scale state's HIE trust agreements