archive-org.com » ORG » M » MARKLE.ORG

Total: 1237

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Markle Connecting for Health Collaborative Comments on the Proposed Rulemaking for Stage 2 Meaningful Use | Markle | Advancing America's Future
    Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos Markle Connecting for Health Collaborative Comments on the Proposed Rulemaking for Stage 2 Meaningful Use Publication Date Monday May 7 2012 The release of two notices of proposed rulemaking on the incentive program for the Meaningful Use of electronic health record technology marks a major positive step forward in the nation s efforts to improve health and health care by putting modern information technology tools at the fingertips of medical professionals and consumers alike Markle Connecting for Health a public private collaborative applauds the U S Department of Health and Human Services for proposing an important set of regulations to improve health outcomes

    Original URL path: http://www.markle.org/publications/1769-markle-connecting-health-collaborative-comments-proposed-rulemaking-stage-2-meanin (2016-02-10)
    Open archived version from archive


  • License | Markle | Advancing America's Future
    on the exclusive rights of the copyright owner under copyright law or other applicable laws License Grant Subject to the terms and conditions of this License Licensor hereby grants You a worldwide royalty free non exclusive perpetual for the duration of the applicable copyright license to exercise the rights in the Work as stated below to reproduce the Work to incorporate the Work into one or more Collective Works and to reproduce the Work as incorporated in the Collective Works to distribute copies of or publicly display the Work including as incorporated in Collective Works The above rights may be exercised in all media and formats whether now known or hereafter devised The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats All rights not expressly granted by Licensor are hereby reserved Restrictions The license granted in Section 3 above is expressly made subject to and limited by the following restrictions You may distribute or publicly display the Work only under the terms of this License and You must include a copy of this License with every copy of the Work You distribute or publicly display You may not offer or impose any terms on the Work that alter or restrict the terms of this License or the recipients exercise of the rights granted hereunder You may not sublicense the Work You must keep intact all notices that refer to this License and to the disclaimer of warranties You may not distribute or publicly display the Work with any technological measures that control access or use of the Work in a manner inconsistent with the terms of this License Agreement The above applies to the Work as incorporated in a Collective Work but this does not require the Collective Work apart from the Work itself to be made subject to the terms of this License If You create a Collective Work upon notice from any Licensor You must to the extent practicable remove from the Collective Work any reference to such Licensor as requested You may not exercise any of the rights granted to You in Section 3 above in any manner that is primarily intended for or directed toward commercial advantage or private monetary compensation The exchange of the Work for other copyrighted works by means of digital file sharing or otherwise shall not be considered to be intended for or directed toward commercial advantage or private monetary compensation provided there is no payment of any monetary compensation in connection with the exchange of copyrighted works If You distribute or publicly display the Work or any Collective Works You must keep intact all copyright notices for the Work set forth the title of the Work and for use with documents of the Markle Common Framework provide the following language This work was originally published as part of the Connecting for Health Common Framework Resources for Implementing Private and Secure Health Information Exchange The provisions of this

    Original URL path: http://www.markle.org/health/markle-common-framework/license (2016-02-10)
    Open archived version from archive

  • Overview | Markle | Advancing America's Future
    must all be crafted in parallel with the design and deployment of the technology And the technology choices themselves must incorporate policy objectives that protect patients and our society s values The Big Picture How the Common Framework Works on a Nationwide Basis The concept underlying the Markle Connecting for Health approach is that information exchange can take place among existing and future health care networks over the Internet if all participants adhere to a small set of shared rules a Common Framework of technical and policy guidelines The Common Framework recognizes that some information exchange networks are defined regionally among trusted and well known local partners and others may be national in scope such as a network of pharmacies or based on other business relationships such as a network of cancer centers We call any network that agrees to conform to the Common Framework a sub network organization indicating that it constitutes one element of the larger network of networks scattered across the nation The Common Framework is based upon common non proprietary technical and policy standards that can work with the information systems already in place regardless of the particular hardware and software being used General adherence to this small set of critical requirements will permit rapid attainment of widespread information sharing in support of modern healthcare practice The Common Framework approach is desirable from a technical perspective because it enables the establishment of health information exchange by building on rather than replacing existing infrastructure Because it does not dictate technology choices it allows great latitude for innovation and for tailoring health information exchange networks to meet diverse needs It is desirable from a policy perspective because its design protects patients privacy Personal health information remains in the hands of those who collect it doctors hospitals labs pharmacies and others In each health information exchange network an index called a Record Locator Service lets clinicians find out where the patient information they seek is stored so that they can request it directly from its source Patients and the doctors they trust can decide with whom to share personal health information and for what purposes The key to this approach is the articulation of a small but necessary set of nationally uniform technical and policy guidelines that every organization that wants to share health information can adopt The Common Framework is the embodiment of that essential core From Principles to Practice How the Common Framework Has Evolved Markle Connecting for Health is a collaborative of more than 100 leading private and public organizations including experts in clinical medicine information technology public policy and patient privacy The collaborative is led by the Markle Foundation and funded by both Markle and the Robert Wood Johnson Foundation Its members are committed to bringing about the nationwide sharing of health information for the benefit of patients and those who treat and support them What can the Common Framework do for those interested in health information exchange The Common Framework puts forth a model of health information exchange that Protects patient privacy by allowing health information to remain under local control with the doctors and hospitals patients trust thus avoiding the need for large centralized databases or creation of a national patient ID Avoids large scale disruption and huge up front capital investments by making use of existing hardware and software This flexibility enables innovation and the ability to customize solutions to meet local needs Supports better informed decisions about key policy topics related to sharing health information Establishes trust among collaborating organizations by applying well vetted model contract language in consultation with local advisors to fit their needs The members of Markle Connecting for Health have worked together for several years to tackle some of the most intractable barriers to widespread information sharing In 2004 the collaborative issued its influential Roadmap report Achieving Electronic Connectivity in Healthcare A Preliminary Roadmap from the Nation s Public and Private Sector Healthcare Leaders available at http www markle org publications 842 achieving electronic connectivity health care summary financial incentives recommen The Roadmap defined a set of policy and implementation constraints that any architecture for health information sharing had to meet for one its design had to protect the privacy and security of personal health information The Markle Connecting for Health Steering Group identified a small number of additional constraints including the idea that any solution must build on existing infrastructure rather than requiring completely new technologies or information systems no rip and replace It also sought to define a model of health information exchange that could be demonstrated within one to three years These objectives led Markle Connecting for Health to avoid proposals that would require large scale disruption or be dependent on large up front capital investments Instead we sketched out a model of nationwide health information exchange that is decentralized can be achieved without requiring a new unique patient identifier is capable of working with any underlying hardware and software and is therefore governed by a small set of technical and policy standards called the Common Framework This theoretical model described in the Roadmap was a step forward but the Markle Connecting for Health Steering Group pressed for a demonstrable test in real world communities engaged in health information exchange In late 2004 in cooperation with local partners Markle Connecting for Health embarked on development of a three state prototype of electronic health information exchange based on the Common Framework in Mendocino County CA Indianapolis and Boston Within a year this effort successfully exchanged electronic health information both within and among the three sites The prototype is based on common open non proprietary standards and on the establishment of robust policies to protect the privacy and security of patient information Development of the prototype occurred over a period of 18 months in lockstep with the interdependent work of two Markle Connecting for Health Subcommittees one focused on Technology the other on Policy Some of the most highly regarded experts in the nation grappled with the challenges of translating the Roadmap s principles into practice They collaborated closely with experts in the three sites to both develop and document solutions to problems and the thinking behind them for the benefit of other communities working on health information exchange An important concept articulated by the Roadmap and proven in the field is that decisions about technical architecture must be guided by policy objectives not the other way around Moreover policy objectives must be considered at the beginning of any technical undertaking The Markle Connecting for Health Common Framework Resources for Health Information Exchange is the first product of these efforts It represents just the initial phase of a continuous process of discovery discussion and fieldwork Markle Connecting for Health s Policy Principles Openness and Transparency There should be a general policy of openness about developments practices and policies with respect to personal data Individuals should be able to know what information exists about them the purpose of its use who can access and use it and where it resides Purpose Specification and Minimization The purposes for which personal data are collected should be specified at the time of collection and the subsequent use should be limited to those purposes or others that are specified on each occasion of change of purpose Collection Limitation Personal health information should only be collected for specified purposes should be obtained by lawful and fair means and where possible with the knowledge or consent of the data subject Use Limitation Personal data should not be disclosed made available or otherwise used for purposes other than those specified Individual Participation and Control Individuals should control access to their personal information Individuals should be able to obtain from each entity that controls personal health data information about whether or not the entity has data relating to them Individuals should have the right to Have personal data relating to them communicated within a reasonable time at an affordable charge if any and in a form that is readily understandable Be given reasons if a request as described above is denied and to be able to challenge such denial and Challenge data relating to them and have it rectified completed or amended Data Integrity and Quality All personal data collected should be relevant to the purposes for which they are to be used and should be accurate complete and current Security Safeguards and Controls Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorized access destruction use modification or disclosure Accountability and Oversight Entities in control of personal health data must be held accountable for implementing these information practices Remedies Legal and financial remedies must exist to address any security breaches or privacy violations Markle Connecting for Health s Technology Principles Make It Thin Only the minimum number of rules and protocols essential to widespread exchange of health information should be specified as part of a Common Framework It is desirable to leave to the local systems those things best handled locally while specifying at a national level those things required as universal in order to allow for exchange among subordinate networks Avoid Rip and Replace Any proposed model for health information exchange must take into account the current structure of the healthcare system While some infrastructure may need to evolve the system should take advantage of what has been deployed today Similarly it should build on existing Internet capabilities using appropriate standards for ensuring secure transfer of information Separate Applications from the Network The purpose of the network is to allow authorized persons to access data as needed The purpose of applications is to display or otherwise use that data once received The network should be designed to support any and all useful types of applications and applications should be designed to take data in from the network in standard formats This allows new applications to be created and existing ones upgraded without re designing the network itself Decentralization Data stay where they are The decentralized approach leaves clinical data in the control of those providers with a direct relationship with the patient and leaves judgments about who should and should not see patient data in the hands of the patient and the physicians and institutions that are directly involved with his or her care Federation The participating members of a health network must belong to and comply with agreements of a federation Federation in this view is a response to the organizational difficulties presented by the fact of decentralization Formal federation with clear agreements builds trust that is essential to the exchange of health information Flexibility Any hardware or software can be used for health information exchange as long as it conforms to a Common Framework of essential requirements The network should support variation and innovation in response to local needs The network must be able to scale and evolve over time Privacy and Security All health information exchange including in support of the delivery of care and the conduct of research and public health reporting must be conducted in an environment of trust based upon conformance with appropriate requirements for patient privacy security confidentiality integrity audit and informed consent Accuracy Accuracy in identifying both a patient and his or her records with little tolerance for error is an essential element of health information exchange There must also be feedback mechanisms to help organizations to fix or clean their data in the event that errors are discovered Components of the Common Framework These technology and policy principles guided the specific practical decisions about the architecture specifications and policies that support private and secure sharing of health information across the nation From these Markle Connecting for Health has developed a skeletal framework of technology and policy guides at this early stage we have only put flesh on a few of the bones With regard to policy guides The Markle Connecting for Health Policy Subcommittee developed a list of significant topics based on its members experience with early information exchange networks and their own expertise in law health privacy health care delivery administration and technology The Subcommittee developed recommended policies in each area of significant concern The Subcommittee s work assumes underlying compliance with both HIPAA and existing state laws its work looked at health information exchange in the context of this already existing structure for protecting health privacy As with the technical work the Policy Subcommittee s work is in no way comprehensive In many areas the Subcommittee recognized the need for further policy development but felt it important to establish a foundational consensus on key principles before tackling more complex issues in other areas the Subcommittee simply did not have time to conduct the necessary research and build consensus The development of necessary policies will need to continue alongside the evolution of technical work With regard to technical guides We have provided documentation for the Record Locator Service and the Inter SNO sub network organization Bridge the only novel pieces of infrastructure we propose The Record Locator Service forms the basis of a decentralized model and describes the architectural elements needed for sharing information within communities The Inter SNO Bridge provides the architecture for sharing information among communities or sub networks We have documented clinical data exchange for two use cases only retrieving a patient s medication history and retrieving a patient s laboratory results Other use cases and guides will continue to stress test and evolve the model and will need to be developed and published in the future With regard to model contractual language We have distinguished those issues which need to be addressed uniformly across all health information exchanges from those that can be evaluated and implemented according to local preference Markle Connecting for Health has developed a Model Contract for Health Information Exchange that offers a business framework for leveraging national standards while accommodating local needs Policy Guides How Information is Protected The Architecture for Privacy in a Networked Health Information Environment A foundational policy architecture for privacy and health information technology in a networked environment based on nine principles The Markle Connecting for Health approach dictates that these nine principles be balanced together and considered as part of one package elevating certain principles over others will weaken any overall architectural solution to privacy protection in a networked health information environment Model Privacy Policies and Procedures for Health Information Exchange Model privacy policies designed as a starting point for those working to establish sub network organizations that will utilize a Record Locator Service The policies establish baseline privacy protections designed to apply to all individuals receiving care from an institution participating in a SNO The model policies and procedures are intended to accompany and complement the Model Contract for Health Information Exchange Issues addressed in the document include inter alia policies regarding acceptable uses and disclosures of individual health care information ensuring individual participation in and control of their health information and how to handle individual health information that may be subject to special protections Notification and Consent When Using a Record Locator Service Recommended policies for what an institution or provider participating in the Record Locator Service should be required to do to inform patients and give them the ability to decide not to be listed in the index consistent with the privacy principles articulated in The Markle Connecting for Health Architecture for Privacy in a Networked Health Information Environment Correctly Matching Patients with Their Records A review of methods for optimizing the likelihood of finding as many of a patient s records as possible through the Record Locator Service while minimizing false matches False matches in which records associated with one patient are erroneously linked to another patient can result in incidental disclosures of information which compromise patient privacy The policies addressed also include whether and how such incidental disclosures should be handled under the Markle Connecting for Health Common Framework Authentication of System Users Recommended approaches for sub network organization SNO participants to establish user identity for the purpose of access to health information sharing networks Patients Access to Their Own Health Information The discussion includes a review of the state of the current law on individuals access to their own health care information and then makes recommendations regarding such policies in the context of a Record Locator Service and a health information sharing environment Auditing Access to and Use of a Health Information Exchange The advantages and disadvantages of audit logs some criteria for successful audit logs and issues that sub network organizations should consider in implementing successful audit systems Breaches of Confidential Health Information Recommended policies for addressing breaches in confidentiality of personal health information Technical Guides How Information is Exchanged The Common Framework Technical Issues and Requirements for Implementation A high level description of the technical philosophy embodied in the Markle Connecting for Health prototype This document discusses the basic design principles adopted by Markle Connecting for Health the technical constraints governing the work what subsequent choices were made and why those choices were made Health Information Exchange Architecture Implementation Guide The core technical document governing the message standards required for exchange of Common Framework compliant messages between participating entities within a sub network organizations SNO and exchange of messages between entities in different SNOs This document covers the design of the standard messages used in network communication as well as the operation names used to invoke the required services and the design of the Patient Identification segment used in queries for patient data In addition access to the technical code and test servers created for the prototype is available through www connectingforhealth org In order to make the basic workings of the prototype visible we have provided the source code related files and test servers developed in each of the three Markle Connecting for Health prototype sites Markle Connecting for Health in collaboration with the participating sites has left the test servers available for those who would like to experiment with formatting valid queries and parsing

    Original URL path: http://www.markle.org/health/markle-common-framework/connecting-professionals/overview (2016-02-10)
    Open archived version from archive

  • Policy Guides: Markle Common Framework for Private and Secure Health Information Exchange | Markle | Advancing America's Future
    11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos Policy Guides Markle Common Framework for Private and Secure Health Information Exchange P1 The Architecture for Privacy in a Networked Health Information Environment The document provides background on the issues at stake explains the current status of health privacy considers new challenges and opportunities and offers some solutions for a comprehensive response to those challenges P2 Model Privacy Policies and Procedures for Health Information Exchange The goal of these policies is to provide a framework for protecting health information while simultaneously permitting use of the information that is both productive and meaningful P3 Notification and Consent When Using a Record Locator Service The Markle Connecting for Health Policy Subcommittee proposes and emphasizes the need for a systematic and architectural approach to these issues P4 Correctly Matching Patients with Their Records There is a risk from false positives matches with records that do not pertain to the subject patient but are wrongly returned in a search False positive matches carry two forms of risk privacy risk and clinical risk P5 Authentication of System Users Every sub network organization will need to define particular policies related to these issues which must take into account both the basic requirements laid out here and the local conditions among the SNO s members P6 Patients Access to Their Own Health Information A central principle of privacy policy is to provide people with access to their own information so that they may make informed choices about who should get their information under what circumstances and be made aware of errors that the records may contain P7 Auditing Access to and Use of a Health Information Exchange Effective logging and audit practices are essential safeguards as electronic protected health information is shared at the regional and national levels and can assure participating institutions that there is compliance with legal requirements P8 Breaches of Confidential Health Information This

    Original URL path: http://www.markle.org/node/2312 (2016-02-10)
    Open archived version from archive

  • Technology Guides: Markle Common Framework for Private and Secure Health Information Exchange | Markle | Advancing America's Future
    Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos Technology Guides Markle Common Framework for Private and Secure Health Information Exchange T1 The Common Framework Technical Issues and Requirements for Implementation This document is an overview of the technical philosophy and decisions behind Markle Connecting for Health s Common Framework and to the policy issues related to those technical requirements T2 Health Information Exchange Architecture Implementation Guide This document specifies a technical architecture designed by Markle Connecting for Health for communication of protected health information between sub network organizations SNOs on a Nationwide Health Information Network NHIN T3 Medication History Standards The Medication History schema we used was derived from the National Council for Prescription Drug Programs NCPDP1 SCRIPT specification version 8 1 as described by RxHub T4 Laboratory Results Standards The Laboratory Results schema we used was derived from the ELINCS v2 0 draft specification created by the California Healthcare Foundation T5 Background Issues on Data Quality Data quality concerns

    Original URL path: http://www.markle.org/node/2327 (2016-02-10)
    Open archived version from archive

  • Model Contractual Language: Markle Common Framework for Private and Secure Health Information Exchange | Markle | Advancing America's Future
    Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos Model Contractual Language Markle Common Framework for Private and Secure Health Information Exchange M1 Key Topics in a Model Contract for Health Information Exchange This document describes the issues addressed by the Model Contract for Health Information Exchange M2 A Model Contract for Health Information Exchange This document is a model for the organization and content of the

    Original URL path: http://www.markle.org/node/2328 (2016-02-10)
    Open archived version from archive

  • Policies in Practice: Markle Common Framework for Private and Secure Health Information Exchange | Markle | Advancing America's Future
    Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos Policies in Practice Markle Common Framework for Private and Secure Health Information Exchange Key Laws and Regulations This document summarizes a survey of important federal legal and regulatory changes since release of the Markle Common Framework through January 2012 that affect the exchange of individually identifiable health care information Consent This document is meant to provide implementation context for the Individual Participation and Control principle and suggest ways for health information sharing efforts to establish their own policies and best practices on this issue including a sequence to inform consideration of consent policies Individual Access This Policies in Practice outlines the basic requirements for giving patients access to personal health information through a download capability HIE Governance This Policies in Practice resource describes how health information sharing efforts can achieve trust and interoperability through sound governance principles and mechanisms and

    Original URL path: http://www.markle.org/node/2329 (2016-02-10)
    Open archived version from archive

  • Overview | Markle | Advancing America's Future
    consensus principles based on accepted international fair information practices are presented fully in The Architecture for Privacy in a Networked Health Information Environment 4 Taken together the nine principles form a comprehensive approach to privacy the hallmark for which is that personal information be handled according to the individual s understanding and consent In brief the principles and the corresponding papers in this Framework are as follows Connecting for Health Core Principles Practice Areas of this Common Framework for Networked Personal Health Information 1 Openness and transparency Consumers should be able to know what information has been collected about them the purpose of its use who can access and use it and where it resides They should also be informed about how they may obtain access to information collected about them and how they may control who has access to it CP2 Policy Notice to Consumers 2 Purpose specification The purposes for which personal data are collected should be specified at the time of collection and the subsequent use should be limited to those purposes or others that are specified on each occasion of change of purpose CP2 Policy Notice to Consumers CP3 Consumer Consent to Collections Uses and Disclosures of Information CT4 Limitations on Identifying Information 3 Collection limitation and data minimization Personal health information should only be collected for specified purposes and should be obtained by lawful and fair means The collection and storage of personal health data should be limited to that information necessary to carry out the specified purpose Where possible consumers should have the knowledge of or provide consent for collection of their personal health information CP2 Policy Notice to Consumers CP3 Consumer Consent to Collections Uses and Disclosures of Information CT4 Limitations on Identifying Information 4 Use limitation Personal data should not be disclosed made available or otherwise used for purposes other than those specified CP2 Policy Notice to Consumers CP3 Consumer Consent to Collections Uses and Disclosures of Information CP7 Discrimination and Compelled Disclosures CT3 Immutable Audit Trails CT4 Limitations on Identifying Information 5 Individual participation and control Consumers should be able to control access to their personal information They should know who is storing what information on them and how that information is being used They should also be able to review the way their information is being used or stored CP3 Consumer Consent to Collections Uses and Disclosures of Information CP5 Notification of Misuse or Breach CP7 Discrimination and Compelled Disclosures CP8 Consumer Obtainment and Control of Information CT3 Immutable Audit Trails CT5 Portability of Information 6 Data quality and integrity All personal data collected should be relevant to the purposes for which they are to be used and should be accurate complete and up to date CP6 Dispute Resolution CP8 Consumer Obtainment and Control of Information CT2 Authentication of Consumers CT3 Immutable Audit Trails 7 Security safeguards and controls Reasonable safeguards should protect personal data against such risks as loss or unauthorized access use destruction modification or disclosure CP5 Notification of Misuse or Breach CT2 Authentication of Consumers CT4 Limitations on Identifying Information CT6 Security and Systems Requirements CT7 An Architecture for Consumer Participation 8 Accountability and oversight Entities in control of personal health information must be held accountable for implementing these principles CP4 Chain of Trust Agreements CP5 Notification of Misuse or Breach CP6 Dispute Resolution CP9 Enforcement of Policies CT3 Immutable Audit Trails 9 Remedies Remedies must exist to address security breaches or privacy violations CP5 Notification of Misuse or Breach CP6 Dispute Resolution CP9 Enforcement of Policies The general standard is that practices must not be misleading or unfair Misleading practices include misrepresentations or omissions that may contribute to a reasonable consumer s decision to use a service provide personal data or grant permissions relating to that data 5 Unfairness may occur when consumers are injured after being forced or coerced into making decisions in the marketplace that are not their own 6 Emerging consumer data streams must be based on trusted and transparent relationships without behind the curtain uses or disclosures of personal information that would catch an average consumer unawares It would be alarming for consumers as well as all legitimate network participants if consumer data streams were harnessed by shadow businesses that exploit indirect and involuntary relationships with consumers Practice Areas for Networked Personal Health Information We contend that a foundational set of practices rooted in the above principles would help sustain public confidence in consumer data streams We sought to propose a set of practices that when taken together encourage appropriate handling of personal health information The Consumer Framework for Networked Personal Health Information introduces nine policy and seven technical resources that provide a foundation for organizations doing any of the following Collecting receiving storing or using personal health information as part of a consumer data stream or PHR services Transmitting or disclosing to a third party any personal health information gathered through or derived from a consumer data stream or PHR services At this early point in the evolution of PHRs and services to support them we propose this as a voluntary framework We recommend that all organizations develop clear and public policies for each of the practice areas in this framework All practice areas must be addressed to provide adequate protections to consumers and to encourage trust across a network The framework consists of Consumer Policy CP and Consumer Technology CT papers although there is often not a firm distinction between policy and technology Indeed it is a hallmark of the Common Framework approach that decisions on policy and technology are interdependent Consumers as Network Participants Explains why consumer participation can be transformative in health care as it has been in other sectors why networked PHRs are a vital tool to empowering consumers and how policies can help guide an emerging industry CP1 Policy Overview Describes the policy landscape including how the Health Information Portability and Accountability Act HIPAA as well as state and contract laws apply to emerging consumer data

    Original URL path: http://www.markle.org/health/markle-common-framework/connecting-consumers/overview (2016-02-10)
    Open archived version from archive



  •