Hit policy committee privacy and security tiger team
1 / 12

HIT Policy Committee Privacy and Security Tiger Team - PowerPoint PPT Presentation

  • Uploaded on

HIT Policy Committee Privacy and Security Tiger Team. Deven McGraw, Chair Paul Egerman, Co-Chair Summary of 12/9 Hearing on Patient Matching December 13, 2010. Tiger Team Members. Deven McGraw, Chair , Center for Democracy & Technology Paul Egerman, Co-Chair Dixie Baker , SAIC

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' HIT Policy Committee Privacy and Security Tiger Team' - jamil

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Hit policy committee privacy and security tiger team

HIT Policy CommitteePrivacy and Security Tiger Team

Deven McGraw, Chair

Paul Egerman, Co-Chair

Summary of 12/9 Hearing on Patient Matching

December 13, 2010

Tiger team members
Tiger Team Members

Deven McGraw, Chair, Center for Democracy & Technology

Paul Egerman, Co-Chair

Dixie Baker, SAIC

Christine Bechtel, National Partnership for Women & Families

Rachel Block, NYS Department of Health

Neil Calman, Institute for Family Health

Carol Diamond, Markle Foundation

Judy Faulkner, EPIC Systems Corp.

Leslie Francis, University of Utah; NCVHS

Gayle Harrell, Consumer Representative/Florida

John Houston, University of Pittsburgh Medical Center

David Lansky, Pacific Business Group on Health

David McCallie, Cerner Corp.

Wes Rishel, Gartner

Latanya Sweeney, Carnegie Mellon University

Micky Tripathi, Massachusetts eHealth Collaborative

Adam Greene, Office of Civil Rights

Joy Pritts, ONC

Judy Sparrow, ONC


  • Barbara Demster, Chair, HIMSS Patient Identity Integrity Workgroup & Consultant

  • Scott Whyte, Senior Director of Physician and Ambulatory IT Strategy, Catholic Healthcare West

  • Shaun Grannis, Director and Principal Investigator for the Indiana Center of Excellence in Public Health Informatics, Regenstrief Institute

  • Brad Malin, American Medical Informatics Association/AMIA

  • Garland Land, National Association for Public Health Statistics and Information Systems

  • Sara Temlitz, Data Quality Business Product Manager, Veterans Health Administration

  • Paul Oates, Senior Enterprise Architect, CIGNA(National Health Plan)

  • Dr. Scott Schumacher, Chief Scientist, IBM Software Group

  • Rich Elmore, Vice President of StrategicInitiatives, Allscripts

  • Mark Gingrich & Paul Uhrig,Surescripts

  • Ken Tarkoff, Senior Vice President/General Manager,Relay Health

  • Sean Nolan, Chief Architect and General Manager for the Health Solutions Group, Microsoft

  • Laurence Castelli, Privacy Officer, Customs & Border Protection, Department of Homeland Security

  • Timothy Boomershine, Fair Isaac/FICO (Finance)

Proposed questions
Proposed Questions

  • What level of accuracy should be established for patient matching (i.e., matching patients to their data)?

  • What standards, if any, might need to be established to assist with patient matching?

  • Are there best practices that should be recommended to assist with patient matching?

    The focus of today’s presentation will be common themes that emerged from the 12/9 hearing. We will present recommendations at a subsequent Policy Committee meeting.

False positives and negatives used in patient linking
False Positives and Negatives Used in Patient Linking

Clinical information not linked, patient has duplicate records

Clinical information assigned to the wrong patient

Common themes
Common Themes

  • Accurate patient linking has a number of benefits, including potential for improved patient outcomes, patient safety, greater efficiency, improved fraud detection, promoting data integrity, and reduced inappropriate data exposure.

Common themes cont
Common Themes (cont.)

  • Achieving greater accuracy in linking is a challenge

    • Cannot achieve perfection

    • Not just a technology problem – there is a significant human component

    • Poor data quality (both accuracy and completeness) significantly inhibits ability to accurately match

    • No one-size-fits-all solution – acceptable margins of error vary based on purposes, populations and settings

    • Data linking challenges increase as data gets further removed from the source, and when more sources of data are introduced

    • Universal identifiers could be helpful but are not a panacea

Possible areas of recommendation
Possible Areas of Recommendation

  • Broaden scope – ultimately about data quality; about consumers and not just “patients”

  • Measurement of data quality/patient identification accuracy by source organizations - create internal culture of improvement

  • Standards – such as required use of existing demographic data fields and formats, minimum set of patient demographics

  • Development and dissemination of best practices in improving data quality and matching accuracy

Possible areas of recommendation1
Possible Areas of Recommendation

  • Transparency

    • Re: algorithms

    • Re: matching rates

  • Accountability mechanisms, addressing liability concerns

  • Developing evidence base re: what works

  • Role of consumers in improving data quality

  • Propagating corrections

Applicable law universal patient identifier
Applicable Law: Universal Patient Identifier

  • 1999 Public Law 105-277 prohibited HHS from using any of its appropriated funds to promulgate or adopt any final standard providing for, or providing for the assignment of, a unique health identifier of an individual until legislation is enacted specifically approving the standard. Therefore, HHS is constrained from implementing a unique health identifier while this language is in effect.

Applicable law other
Applicable Law: Other

  • HIPAA Privacy Rule – Minimum Necessary Standard

    • Requires evaluation of practices and safeguards to limit unnecessary or inappropriate access to and disclosure of PHI

  • HIPAA Privacy and Security Rules

    • Include a generic provision of assuring the right data is associated with the right person