archive-org.com » ORG » M » MARKLE.ORG

Total: 1237

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Phyllis Albritton | Markle | Advancing America's Future
    Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos Phyllis Albritton Executive Director Colorado Regional Health Information Organization past Member Markle Health Information Exchange Advisory Committee Phyllis Albritton is the former Executive Director of the Colorado Regional Health Information Organization CORHIO a non profit public private partnership created to facilitate health information exchange to improve care for all Coloradans Albritton has more than 20 years experience in health education and telecommunications policy She currently

    Original URL path: http://www.markle.org/health/experts-impact/1731-phyllis-albritton (2016-02-10)
    Open archived version from archive

  • Resources | Markle | Advancing America's Future
    have adopted a transitive trust model to trust Institution A means to trust their employees and to trust that A manages identifiers authentication and authorization well the growth of the NHIN will put that system under some strain There is considerable work being done on federated trust models where information and assertions about authentication and authorization are more fully described and communicated between parties Future work on the NHIN will need to consider this work and if it proves viable figure out how to implement it within the NHIN itself Patient Authentication and Access One core goal of the Common Framework is to make it simpler for patients to gain access to their own records We believe that the network as designed lowers the cost and raises the effectiveness of providing access to patient data however many hurdles still exist before there is widespread use of patient facing access points to clinical data A key hurdle is authentication There is no obvious way to allow a patient to authenticate their own identity outside the context of a relationship with existing care providers the hurdle this poses could potentially be overcome if there were a way to authenticate patients directly Examination of possible direct patient authentication solutions may be a valuable area of inquiry These issues are also addressed in Patients Access to Their Own Health Information part of The Markle Connecting for Health Common Framework Resources for Implementing Private and Secure Health Information Exchange Third Party Participation There is currently no mechanism for allowing entities not covered under HIPPA direct access to the NHIN Possible rationales for allowing such access would be third party data cleaning or warehousing solutions third party format translations and secure repositories acting on behalf of the patient Presently any third party connected to the system must be a sub contractor to a single entity or SNO so that the legal liability remains with that entity There may need to be a framework for allowing third party participation in a way that increases the flexibility of the network without decreasing security Multi SNO Patient Lookup There is no national interface for search in the system as envisioned This is to preserve the partitioning of clinical data so as to prevent major privacy spills However such a system also requires the requesting party to have enough information to know which remote SNO to query As the number of participating SNOs grows large this requirement could become problematic but a single national interface for lookup could be a significant risk to privacy by making fishing easier As the network grows understanding how to balance effectiveness with privacy protection in multi SNO lookups will be critical National Services The NHIN as currently envisioned has no national services separate from the ISB interfaces With the spread of National Provider Identifier numbers increased complexity of multi SNO lookups data translation requirements etc there may be some services best provisioned for the NHIN as a whole Some mechanism for providing these services probably by providing for modified ISB style interfaces will need to be designed so that these services should they be required are broadly interoperable from launch Response Time and SLAs The Common Framework Technical prototype was designed to demonstrate interoperability among diverse actors Significant optimizations remain to be performed in order to reduce the systems response time and profiling will be required before Service Level Agreements can be implemented agreements that promise for example sub 5 second response time for standard queries Metadata and Request Filtering The state of medical data is currently quite variable and there is no obvious way to suddenly and dramatically increase the quality of that data either by providing it in more structured formats or by increasing the accuracy of the fields However as the number of data sources grows clinicians could find themselves moving from a world of little to no data to seeing a flood of data Some way of pre filtering the incoming data will be required ideally by being able to specify relevant data types e g medication history radiology etc but such filtering will require relatively clean and well formatted metadata and must respect policy constraints such as the separation of demographic from clinical data in the system Understanding how to improve metadata how to integrate it in a way that respects policy constraints and how to extract value from semi structured data as it currently exists will be vital to future work on the NHIN Stemming Proliferation of Duplicate Records As we move to a world where more data is shared duplicate records will proliferate Hospital A receives and stores patient data from Lab B later when Clinic C requests data on that patient from both A and B C will get two copies of the lab data Some method of identifying and rationalizing duplicate data will need to be provided as the number of data sources and frequency of requests increases pagebreak Conclusion We began the technical work for Markle Connecting for Health in early 2004 and are very pleased to have arrived in a little over two years at a proof of concept system that demonstrates the core goal of the technical work to date It is possible to link disparate entities and regions together in a way that improves information sharing while protecting privacy and to do so using mainly existing standards across many hardware and software platforms and at relatively low cost With three different regions involved in deploying the actual hardware and software required we ve seen that standards based communications can provide secure links between different health care entities and networks and that the deployment will not require massive hardware or software upgrades will not require uniformity of hardware software or implementation strategies and can be undertaken by different groups of programmers all working to an agreed set of standards As important as this test has been however we want to emphasize the modesty of the achievement relative to the enormity of the task The actual deployment in the three regions is still early and there is insufficient usage to gauge its success While lowering the cost of implementation and working to integrate existing IT investments where possible is necessary it is not sufficient If we want nationwide adoption of interoperable health IT there is considerable additional work to be done both on extending the technical work documented here and on problems outside the technical domain such as improving incentives for interoperability and raising data quality at the point of collection We are optimistic that by taking on the issues of packing and transporting data securely among diverse sets of participants we can create an environment where it will be easier to understand the non technical problems and easier to imagine solutions for them To reach this goal however we need feedback on our efforts to date In 2006 Markle Connecting for Health will continue to host public forums for discussing the issues relevant to improving health care and we welcome any feedback you might have on this document on the technical architecture this document covers and on the related policies documented in the accompanying The Markle Connecting for Health Common Framework Resources for Implementing Private and Secure Health Information Exchange pagebreak Notes Another common acronym for this type of organization is RHIO which stands for Regional Health Care Information Organization Though a SNO is conceptually similar to a RHIO we use SNO because there are a number of national or supra regional institutions such as the VHA the CDC health plans pharmacy chains and State regulatory agencies that are not defined by regional boundaries and that need to connect with entities in more than one geographic region Unlike the regional focus of RHIO a SNO is any group of data sharing entities that agree to be bound contractually by technical and policy standards regardless of actual geographic proximity Though we chose the word entity for its obvious parallel to the definition of covered entities under HIPAA there may be entities in a SNO that are not covered under HIPAA such as data centers These entities nevertheless need to comply with the Common Framework or the entities that employ them need to agree to take on the responsibility of ensuring that compliance This is sometimes called the thin NHIN model it assumes a high degree of autonomy and control remains with today s health care information providers and that no significant new national technical organization is required to operate the NHIN as a whole Instead the existence of policies standards and connectivity allows the secure sharing of data with authorized persons nationwide without staffing new sites of central management or control The application that does the querying could be as simple as a secure web browser or as complex as an integrated medical record system The decision about which of the records to request can be done either with human intervention or by an automated process It is critical in fact that any such aggregation service not cache the clinical data it is handling so that it doesn t become a significantly attractive hacking target Uniform response to intra SNO requests for records are not required nor are they forbidden An individual SNO can as a matter of policy mandate such uniform access if it decides to do so This requirement would override the ability of individual institutions to differ in data access policies This design pattern is known as the End to End principle http web mit edu Saltzer www publications endtoend endtoend pdf There is nothing to prevent a group of SNOs for example all SNOs in a given region or state to develop independently their own inter SNO index of patients It is possible to imagine an entity in a SNO requesting data from an outside entity unaffiliated with a SNO the reverse of this transaction but such a transaction would be completely ad hoc as it involves a data holding entity ungoverned by the Common Framework http www cancerdiagnosis nci nih gov Note that patients may in some cases be considered members of a SNO if they access their data from interfaces supported by the SNO These patients are not covered by Common Framework requirements as they enjoy a different degree of control over their data than incorporated entities do During the proof of concept testing in 2005 interoperating systems used a mix of platforms and tools including the Net framework 1 1 running on Windows XP servers and Java application and Web Services servers Tomcat and Axis running on Linux Note that these requirements don t foreclose optional support of additional data types or interaction patterns They are simply minimum requirements so that new entities joining a SNO have an obvious and small set of required standards to support and so that an entity that wants to belong to more than one SNO is not caught by requirements to support multiple standards Because identity authentication and authorization services are already required by HIPAA we treat them separately below Note that there may be records held by institutions within the SNO that exist but are not listed in the RLS because of some institutional or patient preference for keeping them unlisted This is an option for entities in the SNO unless SNO wide policy overrules such a thing and is not itself overruled by another regulation such as a state wide requirement This second format assumes that the querier has some method of obtaining such a record number either because the patient has provided it or because the querier has used it in the past for the same patient One caveat is SSN if a system uses SSN for matches the RLS should never return the SSN even if the requestor supplied it because of the sensitivity of that particular field New York State Identification and Intelligence System http www nist gov dads HTML nysiis html For a fuller accounting of Markle Connecting for Health s view of national health identifiers see the Markle Connecting for Health 2005 report Linking Health Care Information Proposed Methods For Improving Care And Protecting Privacy pp 11 15 http www markle org publications 863 linking health care information proposed methods improving care and protecting priv In the case of automatic queries the individual identity should be that of the person most directly responsible for dispatching the query e g the clerk who oversees the system doing the querying This is because the goal of the identity reporting is to aid subsequent audits We do envision the possibility of third party providers offering network access to their services but these services exist at the same conceptual layer as the SNOs themselves Uniform Resource Identifier which is effectively a location insensitive version of a URL For more on URIs and URLs see http www w3 org TR uri clarification Though guaranteed uniqueness presents interesting theoretical problems in large systems it does not in small systems Therefore while we hope that someday the NHIN has enough participants to merit inclusion of one or more health care specific schemes for mandated uniqueness along the lines of the Internet s Domain Name System DNS we do not envision a system that large for 3 years at the earliest Because the NPI suffers from the same drawbacks as the SSN it is a public identifier with no accompanying authentication method the presentation of a HIPAA number must never be regarded as authenticating the requesting institution It is possible to imagine an entity in a SNO making an outbound request to an unaffiliated entity but as the recipient would not have implemented the Common Framework the question of standards and policies for such a transaction would be ad hoc The Internet s Domain Name System DNS which we have studied as an example of a distributed system grew out of the failure of such addressing schemes as the number of Internet nodes approached 1 000 Another reason for caution in this domain is that while generic federated identity systems have been under development for much of the last decade no such systems have achieved widespread use and most current multi party identity systems are industry or institution specific Because of the unique responsibilities of health care providers as stewards of data whose misuse can be both catastrophic and irremediable for the patient we have generally erred on the side of accepting less efficiency in return for more safety We also examined the use of one way hashes as ways of allowing the RLS to use SSN like accuracy in matching records without ever holding any patient s actual SSN While the work on this method is impressive the implementation overhead is large both in terms of original cost and in negative effect on speed of individual queries Like mandated on disk encryption we believe this is an area that merits further study There may be only two such cases because we have intentionally restricted our work to a well defined set of problems As the work continues we expect to encounter more of the issues that arise when a standard is required and there are one or more unfinished or impractical candidates to choose from http www w3 org Submission ws addressing http www oasis open org committees security Note that this does not presuppose the involvement of formal standards development organizations SDOs in all cases there are many examples of proposed standards that failed to get any adoption in the field as well as examples of de facto standards that were only blessed by standards bodies after the fact if at all Given Markle Connecting for Health s focus on practical implementation and incremental development we have tended to prefer de facto but unannointed standards to proposed but unadopted ones Uniqueness in this case is contextual A URL only needs to be disambiguated from another URL and email address from another email address and so on Permanence is the characteristic of an identifier being unique in time A permanent identifier once issued is never re used to refer to anything else A permanent identifier may stop being valid when the thing it points to may disappear but it will never point to anything else http www atomenabled org developers syndication Markle Connecting for Health thanks Clay Shirky Chair Technical Subcommittee and Adjunct Professor New York University Graduate Interactive Telecommunications Program for drafting this paper 2006 2012 Markle Foundation These works were originally published as part of the Markle Connecting for Health Common Framework Resources for Implementing Private and Secure Health Information Exchange They are made available free of charge but subject to the terms of a License You may make copies of these works however by copying or exercising any other rights to the works you accept and agree to be bound by the terms of the License All copies of these works must reproduce this copyright information and notice Download T1 The Common Framework Technical Issues and Requirements for Implementation P6 Collecting storing and sharing personal health information about patients is a fundamental component of health care In addition to serving as the information hub to health care providers in treating patients medical records are frequently used by a host of other health care professionals such as quality improvement organizations researchers and public health officials Patients have a vital interest in accessing sensitive information about their own health care A central principle of privacy policy is to provide people with access to their own information so that they may make informed choices about who should get their information under what circumstances and be made aware of errors that the records may contain Access to their own medical records can also empower consumers to become more engaged participants in their own health care Most consumers want access to their medical records A national survey documents that 68 percent of Americans believe that giving people the right to see and make corrections to their own medical records would be an effective way of promoting privacy and health care 1 In fact Americans interest in accessing their personal medical information has increased over the years In 2005 51 percent of Americans tried to access their medical records up from 45 percent in 1999 2 However until recently many people did not have the legal right to see copy and amend their health information held by their providers As of April 2003 the HIPAA Privacy Rule mandates that people have such rights whether their records are in paper or electronic format 3 Patients ability to effectively access their own personal health information could be significantly enhanced with the use of new technologies Although there are significant concerns about privacy that must be addressed accessing personal health information electronically could have a positive impact on how patients participate in their own care Some providers and companies have taken the lead by offering patients electronic access to their medical information The growing movement towards the development of electronic health record EHR systems should include patients as authorized users of their health information for both practical and legal purposes enabling compliance with the privacy regulation and enhancing a person s ability to make informed choices about his or her health and the use of his or her information While the Privacy Rule allows patient access to both paper and electronic records the increasing use of technology in health care fosters the potential for streamlining the process of granting patients access to their records The Privacy Rule provides a floor of protection whereby individual states can and have enforced laws that both provide stronger protections for personal health information and allow patients easier access to their medical records pagebreak The HIPAA Privacy Rule Accessing Protected Health Information In promulgating the HIPAA regulations the United States Department of Health and Human Services HHS recognized that allowing consumers access to their health information is a necessary component of a well functioning health care system Based on the principle of informed consent the Privacy Rule acknowledges that in order to have meaningful control over personal health care decisions including limitations on who can access information individuals need to have access to their own health information The Privacy Rule gives consumers rights with regard to certain health care organizations or covered entities defined as health plans health care clearinghouses and health care providers who transmit health information in electronic form in connection with specified financial and administrative transactions 4 In general protected health information under the Privacy Rule correlates with what most consumers would consider their medical record Whether or not their health information is paper based or stored electronically the Privacy Rule affords patients the right to access their medical record within 30 days of a request The Privacy Rule explicitly gives patients the right to inspect and obtain a copy of protected health information held in a designated record set by the covered entity 5 Protected health information PHI is defined as individually identifiable health information with the exception of some education and other records 6 Consumers only have a right to access PHI if and for as long as it is maintained in a designated record set which the Privacy Rule defines as a group of records maintained by or for a covered entity that is the medical records and billing records about individuals maintained by or for a covered health care provider the enrollment payment claims adjudication and case or medical management record systems maintained by or for a health plan or used in whole or in part by or for the covered entity to make decisions about individuals 7 Although the Privacy Rule grants consumers the right of access in most situations there are several specific situations in which covered entities are neither required to give consumers access to their own protected health information held in a designated record set nor required to allow the individual a review of the denial For instance individuals do not have the right to access psychotherapy notes or information compiled in reasonable anticipation of or for use in a civil criminal or administrative action or proceeding 8 On the other hand there are some circumstances when covered entities have the right to deny access but individuals also have the right to request a review of that denial For example if in the exercise of professional judgment a licensed health care professional believes that the access requested is reasonably likely to endanger the life or physical safety of the individual or another person the covered entity can then deny access 9 Also if the PHI makes reference to another person unless the other person is a health care provider and a licensed health care professional believes that the access requested is reasonably likely to cause substantial harm to such other person a covered entity can deny access to the health information 10 Again in these types of situations an individual has a right to request a review of the denial 11 The Privacy Rule outlines a basic process for individuals seeking access to their medical information and establishes guidelines to ensure covered entities provide access in a timely manner As a basic principle the Privacy Rule establishes that covered entities must allow individuals to request access to their own records the law allows covered entities to require that requests be written provided that patients are informed of this requirement 12 Otherwise patients may request access orally Within 30 days of the receipt of the request the covered entity must act on the request by providing the patient access providing a written denial of access or informing the individual of the reason for which the covered entity needs additional time but no more than 30 days to complete the request 13 The one exception is for information not maintained or accessible to the covered entity on site in this instance the covered entity may take up to 60 days to take one of the above actions 14 If the covered entity grants access it must provide the individual with the information in the format requested if possible and otherwise in a readable hard copy or another format agreed upon by both the covered entity and the individual 15 However the covered entity may provide a summary of the health information if the individual agrees in advance to the summary and to any additional fees it would produce The covered entity must arrange with the individual for a convenient time and place to inspect or obtain a copy of the protected health information or mail the copy of the protected health information at the individual s request and may charge a reasonable cost based fee if the individual requests a copy of the record but the fee can only include costs for copying postage and the development of a summary if the individual agreed to one 16 If the covered entity denies access to a patient it must deny access only to the specific information for which it has grounds to deny access In addition and within 30 days the covered entity must provide the individual with a denial written in plain language The statement must contain the basis for the denial information about the individual s review rights if applicable and how to exercise those rights as well as a description detailing pertinent names titles and contact information of how the individual may file a complaint Furthermore if the covered entity does not maintain the protected health information about the individual requested but has knowledge about where it is stored the law requires the covered entity to inform the individual about where to submit a request for access 17 If the individual requests a review of the covered entity s denial the covered entity must ensure that the review is conducted by a licensed health care professional who was not directly involved in the denial The covered entity must forward the request in a timely manner to the reviewer and the designated reviewing professional must determine within a reasonable period of time whether or not to deny access Once a decision is made the covered entity must immediately provide notice to the individual and take any necessary action 18 pagebreak The HIPAA Privacy Rule Amending Protected Health Information The Privacy Rule recognizes the importance of allowing patients the right to amend inaccurate or incomplete medical records Under the law after an individual has reviewed his or her medical records he or she may request that the covered entity amend the protected health information in the designated record set 19 However in order to protect both the integrity of the record and the patient the individual does not have the right to request that the covered entity delete any information from the record 20 Instead information is added to the record identifying and amending the pertinent information The Privacy Rule allows covered entities to require that individuals make amendment requests in writing and also provide a reason for the request as long as individuals are notified in advance of any requirements Within 60 days of receiving the request the covered entity must either make the requested amendment or deny it 21 However just as with the other access provisions the law does allow the covered entity one extension of no more than 30 days provided that it sends the individual a written statement explaining the delay and listing the expected completion date 22 If the covered entity decides to accept the amendment request the Privacy Rule requires that at a minimum it must identify the records that are affected by the amendment and either attach the amendment or provide a link to the location of the amendment The law also requires the covered entity to notify the individual that the record has been amended in a timely manner and to secure the individual s agreement allowing the covered entity to inform other relevant persons Also in a timely manner the covered entity must make reasonable efforts to notify and provide the amendment to anyone that the individual designates as having received PHI needing amendment The covered entity must also notify others including business associates which have the information and may have relied or could rely on the un amended information to the detriment of the individual 23 If a covered entity decides to deny the amendment request it must still abide by several related requirements such as using plain language and within 60 days the covered entity must provide the individual with a written denial that details both the basis for the denial and the individual s right as well as how to exercise this right to submit a written statement disagreeing with the denial If the individual submits a statement of disagreement the statement the original request the covered entity s denial and any rebuttal must be appended to the designated record set and included in any future disclosures 24 Even if the individual does not submit a statement of disagreement he or she may request and the covered entity must comply that the covered entity include the request for amendment and the denial with any future disclosures of pertinent sections of the designated record set 25 In addition the covered entity is required to append or link to the appropriate section of the designated record set as a recordkeeping function the individual s amendment request the denial of request the statement of disagreement and any rebuttal statement 26 pagebreak The HIPAA Privacy Rule Accounting for Disclosures Knowing who has had access to one s personal health information is related to having access oneself Accordingly the Privacy Rule acknowledges the importance of allowing patients the ability to see who accessed their personal health information With exceptions the Privacy Rule gives patients the right to see to whom covered entities have disclosed their personal health information for the six years prior to the date of the request 27 Upon request covered entities must provide consumers with an accounting of disclosures during the previous six years including the date of the disclosure the name of the person who received the information a brief description of the protected health information disclosed and a brief statement of the purpose of the disclosure If a covered entity has made multiple disclosures to the same person for the same purpose it may provide the above information only for the first disclosure as long as it also provides the frequency of the disclosures and the date of the last disclosure 28 Within 60 days of the request a covered entity must provide the accounting or a written statement detailing a reason for why it needs an extension of time no more than 30 days 29 The covered entity must provide an accounting of disclosures once a year without charge However if an individual requests an accounting more than once a year a reasonable cost based fee may be imposed provided that the individual was informed in advance of the fee and the covered entity also provides the individual with an opportunity to withdraw or modify the request in order to avoid the fee 30 Individuals do not have the right to accountings of certain disclosures most notably disclosures to carry out treatment payment and health care operations and disclosures to the individual actually requesting the accounting of disclosures of their own PHI 31 Furthermore a covered entity must temporarily suspend an individual s right to receive an accounting of disclosures made to a health oversight agency or law enforcement official if the agency or official provides the covered entity with a written statement illustrating that such an accounting would be reasonably likely to impede the agency s activities The written statement must also specify the time period for which such a suspension is required 32 The HIPAA Privacy Rule and State Laws In general covered entities are required to follow both the Privacy Rule and related state laws However if a Privacy Rule provision contradicts state law the Privacy Rule automatically preempts that law 33 Still there are exceptions for example a state law prevails when that law provides for the reporting of disease or injury child abuse birth or death or for the conduct of public health surveillance investigation or intervention 34 State law remains in effect in other circumstances as well such as when the Secretary of HHS determines that the state law is necessary to prevent fraud and abuse related to health care services to meet state reporting on health care delivery or costs or for the purposes of serving a need related to public health safety or welfare 35 The Privacy Rule also establishes that patients may be afforded stronger privacy safeguards at the state level The Privacy Rule expressly stipulates that when state laws are more stringent than the Privacy Rule they remain in force 36 Therefore in some states patients are granted easier access to their personal health information For example some state laws actually cap copying and postage fees for medical records institute shorter time frames for granting access or require additional accountings of disclosures State laws vary widely in terms of how they address health privacy including the right to access personal health information Whereas in some states patients will be afforded only access rights guaranteed under the Privacy Rule other states offer stronger rights of access For instance in New York patients have a right to see their protected health information within 10 days as opposed to the 30 days allowed by the Privacy Rule 37 New York caps copying charges at 75 cents per page while California establishes a fee of 25 cents per page for a regular photocopy 38 In fact many states including Illinois Missouri Georgia Arkansas New Hampshire and Nevada cap copying fees to varying degrees 39 Meanwhile states such as New York and Florida stipulate that access cannot be denied because of inability to pay 40 pagebreak The HIPAA Privacy Rule and Electronic Access to Medical Records The Administrative Simplification section of HIPAA under which the Privacy Rule is mandated was aimed at fostering the electronic exchange of health information In that section Congress called for the development of a health information system through the establishment of standards and requirements for the electronic transmission of certain health information 41 The Privacy Rule and the related Security Rule42 were devised to establish a baseline of policies and practices to safeguard health information to ensure that technology would improve care without jeopardizing confidentiality As the health care industry adopts more technologically sophisticated methods of record maintenance and patient communication patients access to their own personal health information could potentially become easier and more cost efficient By guaranteeing patients access to their own health information the Privacy Rule set in place an important incentive for consumers to actively engage in health information technologies such as electronic medical record EMR systems and personal health records PHRs 43 In fact the Privacy Rule requires that covered entities provide information in the requested format if it is readily producible 44 At the same time covered entities can exercise their ability to impose reasonable fees associated with providing access to personal health information As such the preamble of the Privacy Rule points out that if in the course of providing access to a patient electronic copies are made to a computer disk any fees could include for instance the cost of the computer disk 45 It is important to note that where covered entities receive the services of vendors or business associates in the course of developing an EMR system for instance the contract must stipulate that the business associate will make protected health information available for access amendment and accounting of disclosures 46 However since the Privacy Rule only applies to covered entities some entities that have access to protected health information are not covered by the federal law For instance some private companies offering consumers PHR services are not covered by the law and therefore the federal right to

    Original URL path: http://www.markle.org/resources/rework-america/video/about-markle/event/general-markle-financial-information/health/rework-america/video/economic/commentary-rework-america-members?term_node_tid_depth=All&tid_1=All&date_filter[value]=&page=17&tid=All (2016-02-10)
    Open archived version from archive

  • Television Audience Assessment | Markle | Advancing America's Future
    Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos Television Audience Assessment Publication Date Thursday January 1 1987 In this essay former Markle president Lloyd N Morrisett discussed programming viewership ratings and advertising in network television paying special attention to the work of Television Audience Assessment Morrisett wrote The landmark work of Television Audience Assessment established and funded by the Markle Foundation proved conclusively that viewers react in different ways to television programs and that their

    Original URL path: http://www.markle.org/publications/1135-television-audience-assessment (2016-02-10)
    Open archived version from archive

  • Television: America's Neglected Teacher | Markle | Advancing America's Future
    s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos Television America s Neglected Teacher Publication Date Saturday January 1 1983 In this essay former Markle president Lloyd N Morrisett examined the condition of education in the United States and explored the potential of television as an educator for American youths Morrisett wrote that television transmits skills knowledge attitudes and values and when it does so systematically through a sustained effort

    Original URL path: http://www.markle.org/publications/1134-television-americas-neglected-teacher (2016-02-10)
    Open archived version from archive

  • The Twilight of Television | Markle | Advancing America's Future
    s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos The Twilight of Television Publication Date Saturday January 1 1994 In this essay former Markle president Lloyd N Morrisett discussed the development of television and computers and explored the interplay between the two media Morrisett also wrote about the development of multimedia which is the integrated use and display of visual images motion sound data graphics and text with the user

    Original URL path: http://www.markle.org/publications/1133-twilight-television (2016-02-10)
    Open archived version from archive

  • The Markle Foundation 1985 | Markle | Advancing America's Future
    Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos The Markle Foundation 1985 Publication Date Tuesday January 1 1985 In this essay former Markle president Lloyd N Morrisett discussed the evolution of communications media since 1969 when the Markle Foundation adopted its mass communications focus and the corresponding adaptations made to the program Morrisett wrote In 1985 this focus has been broadened to include both mass communications and information technologies reflecting the technical advances and widening availability of new technologies This broadening included four new areas for

    Original URL path: http://www.markle.org/publications/1132-markle-foundation-1985 (2016-02-10)
    Open archived version from archive

  • The Age of Television and the Television Age | Markle | Advancing America's Future
    News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos The Age of Television and the Television Age Publication Date Thursday January 1 1970 Twenty years into the Television Age former Markle president Lloyd N Morrisett examined the impact this medium was making on the lives of its viewers particularly its youngest viewers Morrisett wrote What needs to be asked and what is beginning to be asked by more and more people is the nature of

    Original URL path: http://www.markle.org/publications/1131-age-television-and-television-age (2016-02-10)
    Open archived version from archive

  • Sesame Street at Ten | Markle | Advancing America's Future
    Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos About Markle Page Sections About Markle A Message from Zoë Baird Our Principles Our Impact Board of Directors Senior Team Our History Quick Links Conference Space Events Markle in the News Media Releases Past Initiatives President s Letters Rework America Page Sections About Rework America A Message from Rework America Opportunity for All Our Impact Initiative Members Expert Advisors Quick Links Rework America Connected Our Book America s Moment Initiative Overview Latest News Letters to Members Member Commentary Personal Stories Rework America Library Health Page Sections About Health Our Impact Steering Group Consumer Work Group HIE Committee Quick Links Blue Button Common Framework Health IT Health Library National Security Page Sections About National Security Post 9 11 Legacy Our Impact Task Force Quick Links National Security Library Reports and Recommendations Sharing and Collaboration The Lawfare Blog Library Quick Links Our Book America s Moment Archive Media Releases Member Commentary President s Letters Videos Sesame Street at Ten Publication Date Sunday January 1 1978 In this essay former Markle president Lloyd N Morrisett examined the development and success of Sesame Street for lessons that could be applied in the development of new successful mass communications projects Morrisett wrote The story of Sesame Street has been well told in several studies but there is still reason I think to ask whether conclusions drawn from the Sesame Street experience can provide guidance for others who wish to turn the power of mass

    Original URL path: http://www.markle.org/publications/1130-sesame-street-ten (2016-02-10)
    Open archived version from archive



  •