ONC Asking For Feedback On Patient Identity Tools

Posted on November 21, 2012 by Frank J. Rosello

The privacy and security panel that advises the Office of the National Coordinator for Health IT has asked for public comment about how the identity of individuals should be verified when they electronically access their health records.

The ability of patients to use health IT tools to access health information and to communicate securely with their providers is a critical foundation to make health care more patient-centered.

The comments will be shared with the federal advisory Health IT Policy and Standards Committees as part of a Nov. 29 online hearing on credentialing patients to assure that patients are who they say they are so they can take advantage of Web tools, according to Deven McGraw, chair of ONC’s Privacy and Security Tiger Team. The hearing was originally scheduled for last month but was changed.

To meet the requirements of Meaningful Use Stage 2, healthcare providers will need to more actively engage patients by enabling them to electronically view, download, and transmit relevant information from their electronic health records (EHRs).

This could include lab test results, a list of current medications and hospital discharge instructions. Patient engagement also includes bi-directional, secure email with patients.

“We want to make sure we facilitate electronic data access and email in a way that protects the privacy, confidentiality and security of that information,” McGraw wrote in a Nov. 8 blog. She is also director of health privacy at the Center for Democracy and Technology.

In addition to verifying the identity of a patient who is remotely accessing a health record, the panel, made up of representatives from healthcare, technology, consumer and government organizations, will explore at the meeting how to issue “digital credentials” without making it too difficult or expensive for patients.

Some patients already may have retrieved their health record online from their physician or hospital. The panel is interested in a description of how that access was granted, for example:

• Did you have to show up in person at your doctor’s office or were you able to establish the account online?

• If you were able to establish the account online, what steps did you have to go through to prove your identity?

• Once you established the account, what steps do you have to go through to access it?

• Do you believe the process for giving you access to your account will keep your information secure?

Commenters may also recommend other approaches to provide patients with secure online access to their medical information. The public may comment online at the blog or email ONC directly at [email protected].

Article written by Mary Mosquera, Senior Editor for Government Health IT

• Recent News

  • Texas Launches Certification Program To Bolster HIPAA Compliance
  • Internet Explorer Vulnerability: Steps To Take
  • Five Misconceptions About Cloud Computing
  • ONC Chief’s Perspectives On Patient Privacy and Security
  • ONC Chief DeSalvo Charts New Course

• Press Release Archives

• EI Connections Newsletter Archive

  
  

  Sign up for the
  EI Connections Newsletter

  * Email

  
  

• Categories

  • ACA
  • ACO Rule
  • ACOs
  • Cloud Computing
  • CMS
  • CMS eRx Rules
  • CMS Final Rule
  • CMS Proposed Rule
  • e-Health
  • EHR Adoption
  • EHR Data Sharing
  • EHR Implementation
  • EHR Incentives
  • EHR Information Security
  • EHR Meaningful Use
  • Electronic Health Records
  • Electronic Medical Records
  • EMR
  • Environmental Intelligence
  • Health Information Exchange
  • Health IT
  • Health IT Best Practices
  • Health IT Data Security
  • Health It Interoperability
  • Health IT Policy
  • Health IT Services
  • Healthcare
  • Healthcare Information Security
  • Healthcare Leasing
  • HHS
  • HHS Final Rule
  • HHS Initiatives
  • HIE
  • HIPAA 5010
  • HIPAA Complicance
  • HIPAA Omnibus Rule
  • HIPAA Privacy and Security Rule
  • ICD-10
  • Meaningful Use
  • medical practice best practices
  • mHealth
  • ONC
  • Patient Privacy
  • Personal Health Record
  • PHI Data Security
  • Press Releases
  • Radiology Systems
  • Telehealth
  • Telemedicine

• Tag Cloud

  CMS CMS EHR Incentives CMS Policy EHR EHR Adoption EHR Best Practices EHR Cloud Hosting EHR Consulting EHR Hosting EHR Implementation EHR Incentives EHR Study EHR Technology Enhancements EI Connections Newsletter Electronic Health Records Electronic Medical Records EMR Environmental Intelligence Healthcare Health Information Exchange Health IT Health IT Best Practices Health IT Information Security Health IT Policy Health IT Services Health IT Standards Health IT Tips HHS HIE HIE Standards HIPAA Compliance HIPAA Privacy and Security Rules HIT ICD-10 Meaningful Use medical practice best practices OCR ONC Patient Experience PHI PHI Data Breaches PHI Data Security PHI Security Stage 2 Meaningful Use Rule Stage 3 Meaningful Use