ONC Asking For Feedback On Patient Identity Tools

Posted on by Frank J. Rosello

The privacy and security panel that advises the Office of the National Coordinator for Health IT has asked for public comment about how the identity of individuals should be verified when they electronically access their health records.

The ability of patients to use health IT tools to access health information and to communicate securely with their providers is a critical foundation to make health care more patient-centered.

The comments will be shared with the federal advisory Health IT Policy and Standards Committees as part of a Nov. 29 online hearing on credentialing patients to assure that patients are who they say they are so they can take advantage of Web tools, according to Deven McGraw, chair of ONC’s Privacy and Security Tiger Team. The hearing was originally scheduled for last month but was changed.

To meet the requirements of Meaningful Use Stage 2, healthcare providers will need to more actively engage patients by enabling them to electronically view, download, and transmit relevant information from their electronic health records (EHRs).

This could include lab test results, a list of current medications and hospital discharge instructions. Patient engagement also includes bi-directional, secure email with patients.

“We want to make sure we facilitate electronic data access and email in a way that protects the privacy, confidentiality and security of that information,” McGraw wrote in a Nov. 8 blog. She is also director of health privacy at the Center for Democracy and Technology.

In addition to verifying the identity of a patient who is remotely accessing a health record, the panel, made up of representatives from healthcare, technology, consumer and government organizations, will explore at the meeting how to issue “digital credentials” without making it too difficult or expensive for patients.

Some patients already may have retrieved their health record online from their physician or hospital. The panel is interested in a description of how that access was granted, for example:

• Did you have to show up in person at your doctor’s office or were you able to establish the account online?

• If you were able to establish the account online, what steps did you have to go through to prove your identity?

• Once you established the account, what steps do you have to go through to access it?

• Do you believe the process for giving you access to your account will keep your information secure?

Commenters may also recommend other approaches to provide patients with secure online access to their medical information. The public may comment online at the blog or email ONC directly at [email protected].

Article written by Mary Mosquera, Senior Editor for Government Health IT

Leave a Reply

Follow GOEILLC on LinkedIn Follow GOEILLC on Twitter