ONC pilot simulates advanced patient privacy control over shared records

A pilot demonstration, conducted in collaboration with the Data Segmentation for Privacy effort of the Office of the National Coordinator for Health IT (ONC), has successfully demonstrated patient control over release of protected health information (PHI) during the exchange of EHRs. Pilot participants include the health IT program at The University of Texas at Austin (UT Austin), Jericho Systems Corporation and Conemaugh Health System.

The pilot simulated various scenarios in which EHRs are requested and exchanged using the eHealth Exchange (formerly known as the Nationwide Health Information Network Exchange). A centralized repository stores the patient’s consent directive (PCD) and enables granular privacy control by the healthcare consumer over his or her EMR. The simulated patient also is informed about who is requesting their medical information. Jericho Systems, with support from the U.S. Army Medical Research and Materiel Command’s Telemedicine & Advanced Technology Research Center, provides EnterSpace Exchange software to authorize requests and secure exchange of data among pilot participants.

The pilot explored 13 electronic exchange scenarios and eight types of data transactions. To test these scenarios, pilot participants performed various roles. Jericho Systems served as primary custodian of the patient’s record and provided access to the PCD repository. The UT Austin HIT Program simulated the role of a research university that requests the patient’s record and subsequently acts as the secondary custodian of the information. Conemaugh played the role of a marketing network that becomes the second requestor. Conemaugh participation is part of the Military Interoperable Digital Hospital Testbed with assistance from Northrop Grumman Information Systems.