With the increasing use of health information technology and electronic health records, health care provider’s share and access health information using their computers. There are multiple ways a provider can share patient information with another entity. One way is to provide data from one EMR in a portable format that the patient can take to another provider, which is then uploaded into the second provider’s EMR. Another way is to exchange patient data through the electronic Health Information Exchange (eHIE). Health information exchange (HIE) is a third-party organization that helps route information among various participating providers. In some HIEs, a provider can request information about a particular patient from all the provider participants’ patient database, and if any participating provider has any information about that specific patient, it will be relayed to another participating provider.
As eHIEs increase, patients must be made aware of these entities and their trust in HIEs must be ensured. This brings us to a question of the patient’s agreement to share his/her information from one participating provider to the other. The patient should now be asked to make a “consent decision.” This consent decision concerns the sharing and accessing of the patient’s health information through an HIE for treatment, payment, and health care operations purposes. When patients are asked to make consent decisions, the providers, HIEs, and other health IT implementers need to help patients make the consent decisions meaningful.
A Meaningful Consent
Consent is meant to be meaningful when you make sure that the patient considers the key parts – Patient education and engagement, Technology, and Law & policy while making their decision.
Patient Education and Engagement
This involves educating patients about their rights in the consent process – what options they have, what they are consenting to, who may see their information and what the significance of their consent choice is.
This component is a particularly important and evolving one. It involves utilizing technology that can provide proper security for sensitive health information and the option to limit access to particular health information per patient’s wish. Patients need to be made aware of the existence of such technology to ensure that their consent decisions are properly captured and maintained such that the sensitive portions of patient information remain restricted from access and these restrictions are properly communicated electronically with others.
Law and Policy
This component involves assurance to patients that the entity obtaining consent is following federal and state law that govern protection of the individuals’ health information and that their policies are in alignment with HIPAA and Privacy Laws whichever is more stringent.
Finally, consent should not be a “check-the-box” exercise. Meaningful consent is said to occur when patients understand their rights, risks and benefits, and make informed decisions, and where the choice is properly recorded and maintained.
Reference: HealthIT.gov (http://www.healthit.gov/providers-professionals/patient-consent-electronic-health-information-exchange/meaningful-consent-overview)