Sunday, October 11, 2009

Opt-In, Opt-Out.... Don't publish THAT!

The standards for Privacy-Policies including Consent and Authorizations is being feverishly developed right now. These efforts are trying to fill all the gaps that exist today, and there are many. In the mean time we have a very Basic solution that can support very basic privacy-policies including Opt-In and Opt-Out (aka. HITSP/TP30 - Manage Consent Directives (IHE-BPPC profile)) This might support %80 of patients or might be only %20, I suspect it is closer to %80. But no matter what, there is some fragment of the population that will not be happy with these options. For these patients time will bring the solution, but today they can withhold information, a time tested solution.
People Can Opt Out of Listing STDs, Abortions in Gov't-Mandated Electronic Health Records, Patrick Kennedy Says
(CNSNews.com) - Rep. Patrick Kennedy (D.-R.I.) says people will be able to stop doctors from including records of sexually transmitted diseases and abortions in the new national system of Electronic Health Records that was mandated by the stimulus law enacted in February.

The law says that doctors, hospitals and other health care providers must create an Electronic Health Record (EHR) for every American by 2014 or else face deductions in their Medicare payments. The EHRs are supposed to be integrated into a national health care IT system where health-care providers nationwide as well as the government would have the ability to access them when authorized.

“This is totally going to be up to the individual,” Kennedy told CNSNews.com when specifically asked if these EHRs would include any STDs or abortions in a person's medical history. More

2 comments:

  1. We have a legal concept of "informed consent" to work with. What we don't have is "informed non-consent", i.e., knowing and implicitly agreeing to the medical consequences of failure share one's healthcare data. I think it would be important to healthcare providers to have such a legal construct, for example, to protect them from liabiity when a patient makes a harmful choice. Same/same for people who act on behalf of patients, such as parents acting for their children.

    ReplyDelete
  2. All 'consents' must be 'informed'. If the consenter does not understand what they are agreeing too then the agreement is invalid.

    I think the issue you point out is a result of the current use of the word 'consent'. The current use is being equated to "Opt-IN". Yet the word 'consent' is a generic agreement. It does not scope what the context of the agreement is. Thus one can 'consent' to an "OPT-OUT" policy.

    This miss-understanding of the word 'consent' is the exact reason why IHE-BPPC Change Proposal 398 was balloted and passed. ftp://ftp.ihe.net/IT_Infrastructure/TF_Maintenance-2009/CPs/Completed/CP-ITI-398-04.doc. The change didn't change any normative statements, but did make many changes to be clear that a 'privacy-policy' is being 'acknowledged'.

    ReplyDelete