Obviously, managing and protecting patients’ personal health information is very important already. But with high-profile incidents highlighting questionable uses of consumer data — such as the recent Facebook scandal – patients are more aware of data privacy issues than they had been in the past, says Dr. Oleg Bess, founder and CEO of clinical data exchange company 4medica.
According to Bess, hospitals should prepare to answer four key questions about personal health information that patients, the media and regulators are likely to ask. They include:
- Who owns the patient’s medical records? While providers and EHR vendors may contend that they own patient data, it actually belongs to the patient, Bess says. What’s more, hospitals need to be sure patients should have a clear idea of what data hospitals have about them. They should also be able to access their health data regardless of where it is stored.
- What if the patient wants his or her data deleted? Unfortunately, deleting patient data may not be possible in many cases due to legal constraints. For example, CMS demands that Medicare providers retain records for a fixed period, and many states have patient record retention laws as well, Bess notes. However, if nothing else, patients should have the ability to decline having their personally-identifiable data shared with third parties other than providers and payers, he writes.
- Who is responsible for data integrity? Right now, problems with patient data accuracy are common. For example, particularly when patient matching tools like an enterprise master patient index aren’t in place, health data can end up being mangled. To this point, Bess cites a Black Book Research survey concluding that when records are transmitted between hospitals that don’t use these tools, they had just a 24% match rate. Hospital data stewards need to get on top of this problem, he says.
- Without a national patient ID in place, how should hospitals verify patient identities? In addition to existing issues regarding patient safety, emerging problems such as the growing opioid abuse epidemic would be better handled with a unique patient identifier, Bess contends. According to Bess, while the federal government may not develop unique patient IDs, commercially developed master patient index technology might offer a solution.
To better address patient matching issues, Bess recommends including historical data which goes back decades in the mix if possible. A master patient index solution should also offer enterprise scalability and real-time matching, he says.