Home » Dr. Jayne » Currently Reading:

Curbside Consult with Dr. Jayne 11/21/11

November 21, 2011 Dr. Jayne 4 Comments

As the newest member of the HIStalk team, I’m continually amazed at how Mr. H and Inga keep up with the constant barrage of press releases, announcements, news, information, and gossip that circulates around everything related to health information technology. I try not to feel bad when I realize an interesting tidbit has slipped past. Hopefully at HIMSS I can meet with Inga for a mind-meld to learn how she does it (and also to absorb some of her sartorial style.)

The issue at hand is relatively small potatoes in the overall federal funding bonanza – a $1.24 million contract awarded by ONC to APP Design, Inc. The goal of this contract is to help patients better understand choices regarding sharing of health data.

Specifying, building, and deploying a health information exchange have been a major part of my career for nearly half a decade. As a physician, the concept of HIE solves a myriad of problems. Consult letters don’t get lost in the mail; labs don’t wind up being double-ordered because the results aren’t in the chart; and medical misadventures can be prevented through timely sharing of pertinent clinical data.


As those of you who have been down this road know, it’s often unpaved and riddled with pot holes, poor lane markings, and uneven shoulders. For many of us, the road trip has been halted by the barrel monster called “Consent.” This is ironic because our patients think that simply by virtue of the fact that we’re documenting using computers, that all their providers are already fully sharing patient information. I’ve had patients yell at me in the exam room because I don’t have a particular piece of data on my screen.

As long as data sharing is within a physician group (especially if they are all under the same tax ID and within a single state) it seems relatively uncomplicated. But add non-employed physicians, independent providers, multiple health systems, and (heaven forbid) multiple states and you have a real mess on your hands.

When we sought to add providers outside our large employed physician group, the recommended consent language created by outside counsel was over five pages long and was totally unintelligible to the average person. Remember all those carefully crafted patient education handouts that have to be at the fifth-grade reading level so that patients can hopefully understand them? Think again. I have multiple graduate degrees and couldn’t follow this one.

Days of revising turned to weeks and then months as we struggled to get the consent document to even a single page. What felt like years of my life were sucked away on endless conference calls with our in-house attorneys and outside counsel. I jokingly proposed the following:

Check one below:

a) I want my physicians to share all information available so they can treat me the best way possible

b) I don’t want my physicians to share information and am aware this could possibly hurt or maybe even kill me

c) I don’t want to share my information because I am a drug seeker and am afraid you will no longer treat me if you find out

Not surprisingly, the attorneys didn’t find it funny. Most of my physician colleagues however found it hilarious.

Regardless, I’m looking forward to the outcomes of this exercise. The E-Consent trial being funded by ONC has several goals, including finding new ways to educate patients about data sharing as well as finding ways to move from paper consent to electronic consent.

The trial will take place at four sites in western New York that use the HEALTHeLINK exchange system. APP Design plans to create a new user interface to inform patients about data sharing and their choices, and also to document the patient’s permission. Looking at the timeline for deliverables, by now the project kickoff meeting should have occurred as well as creation of the project approach and work plan. APP Design will have 48 weeks to deploy a pilot, then an additional 32 weeks to evaluate patient understanding and satisfaction. Biweekly status meetings with ONC and monthly progress and financial reports will occur throughout the project.

Let’s hope they do well and avoid the potholes. May the construction barrels steer them to smooth pavement, slow gradual turns, and well-lighted parking.


E-mail Dr. Jayne.

HIStalk Featured Sponsors


Currently there are "4 comments" on this Article:

  1. In NYS, how are you handling the fact that adolescents have privacy rights (i.e., the right to keep their visits private from their parents), yet the insurance lobby has mandated that the covered party always has the right to know all of the clinical details on their EOB. Two reasonable positions, of course, but NYS has both laws on the books and you can’t do both…

  2. Tommy, doesn’t that NYS teen privacy law just apply to a few things (STDs, etc.)? Also, I’m not sure how this is relevant to an HIE, where we are talking about provider-to-provider data exchange, not provider-to-patient.

  3. Jonathan H:

    I believe – but could be wrong – that the privacy extends to the breadth of the chart (otherwise, you have that age-old dilemma of revealing information by indicating that there are things you can’t reveal), but it doesn’t matter, either way.

    Why? Because the examples of real issues are fine with just lab tests (not even diagnoses) needing to be confidential Most people look at confidentiality as being an issue about hiding information about the patient from staff or “commercial” third parties. Very, very few public registries that I’ve worked with actually consider the nature of child privacy.

    So, does Dr. Jayne’s HIE even recognize the different “levels” of privacy required in a pediatric setting (just an example)? As much as I recognize the stance behind her humorous 1-2-3 examples she gives above, will the HIE know to mark an adolescent STD or pregnancy test as confidential FROM THE PARENTS? Will it know that just because the Dad shows up at a related clinic, he doesn’t necessarily have access to a kid’s record, ANY part of it? [insert very real divorce dramas here]

    Heck, I went to an MGMA talk which featured speakers from, I believe, the HIE in question a few weeks ago (it’s in upstate NY). Boy, the room got a laugh when they suggested that their lives would be a lot easier if they could just get rid of confidentiality issues.

    Instead, do you know what most pediatricians do in NYS when they have to do pregnancy or STD tests on kids? They EAT THE COST. They can’t bill for it, because if they do, they can’t keep the chart confidential…which they are also required to do. So it’s all off the books. A nice unintended consequence.

    My point in all this rambling – an HIE had better be diligent in considering its privacy issues because they DO stand to put patients at risk and, even more likely, the doctors will be paying for things that they weren’t expecting to. Surprise!

  4. It is always difficult to balance patients’ real concerns about privacy with reasonable methods to manage consents. Developing an approach that is not dependent on individual providers managing stacks of legal papers seems to be a priority, if patient consent is going to work.

    At MITRE (a non-profit Federally Funded Research and Development Center (FFRDC)) we have worked for two years on a demonstration of a patient centric distributed cloud model for consent management. A detailed overview of our approach and prototype system’s capabilities is available at http://sourceforge.net/projects/kaironconsents/files/docs/Nationwide%20Patient-Centric%20Consent%20Mgmt.docx/download.

    Our aim is to advance the field – we’re happy to discuss all our ideas, are writing papers as fast as we can, and our software is available for free (open source but unsupported).

    We are patient centric in 3 ways: patients get to choose their release policy, to choose the constructs for expressing it (not just among a provider’s options), and to have all their Consent information at one easily edited place, accessible over the Web. We discuss the tradeoffs involved in such choices, for patients, providers, and government.

    Because the consent is in one place, and (preferably) uses generalized conditions (e.g., “ I consent to share data with individuals I [or my specified PCP] have specified as treating me”), patients can accumulate rules gradually, instead of starting from scratch at each provider. We provide a means to generate executable rules, where possible – simple ones explained by a user interface. It’s not acceptable for either the patient or the physician to need lawyers to decide what’s allowable (except perhaps on the precise definition of protected categories). We provide a means to incorporate government rules – both defaults (e.g., Opt-out) and mandates (e.g., public health).

    The architecture is very modular, and designed to be useful even today, and more useful as standards and automation progress.

    We understand that some attorneys may not be comfortable with allowing the patients to specify rules in their own way. Policy and regulations may have to change to accommodate this approach. However, it relieves a great deal of the burden for both patients and providers, making the patient’s wishes available immediately upon a request for the record without requiring the providers to manage consent on their own. We think that if health information exchange is really going to provide any sort of privacy protection, then some sort of patient-managed consent specification repository will be necessary.

    We would be happy to discuss these ideas. Contact Arnie@mitre.org

Text Ads


  1. Upvote for Living Colour. And I had lost track of them too, after their initial breakout success. "Cult of Personality"…

  2. The part that Gurley totally missed, and I as many others lived thru it, was that in the early 2000's…

  3. Does use of the "cloud" infrastructure mean that Oracle's newly transformative platform will be vaporware like many of Cerner's previously…

  4. To Code Spewer (above): 100% agree re CASE tool hype/hope, and long known - sadly ignored by IT - reality…

  5. Four points - 1. Is an "Epic" possible in today's regulatory world? 2. How many EHRs were there in 2009?…

Founding Sponsors


Platinum Sponsors















































Gold Sponsors