Ensuring confidentiality key in integration
Ensuring confidentiality key in integration
Restricted access, audit trails established
When it comes to sharing medical information about millions of people across the wide expanse of an integrated delivery system, ensuring confidentiality is at the top of everyone’s list of concerns, says Barbara Wegner, CHAM, regional director of access services for Providence Health System in Portland, OR.
"Briefly, our goal is to give employees of the health system only the information they need to do their job," Wegner says. "We want them to have access to the [records of] patients who are theirs and nothing else."
Discouraging browsers
As a deterrent when access can’t be completely restricted, Providence is developing a message that will appear on screen when employees go outside the purview of their jobs to look for information. "It would say something like, It’s being recorded that you’re accessing this information,’ and [would give the name of] the person who may know you’re doing it." Such a device might prevent, for example, a physician who knows his neighbor is in the hospital for treatment from indulging his curiosity about the reason, Wegner says.
For the past two years, a multidisciplinary group made up of representatives from throughout the health system has been working on a statement of its position on patient confidentiality, says Joan Sifferle, MBA, CCHRA(c), regional director of medical records and a key player in the process. "We wanted to hammer out at the beginning the principles that will guide us, and they really arise from a patient’s right to privacy."
The team has worked closely with the information services department to make sure its systems have the necessary safeguards, Sifferle says. And if it’s not possible to restrict access to just the clinicians involved in the patient’s care, "an audit trail is created and monitored, and there is feedback and disciplinary action."
Team members have tried hard to foster trust among the divisions sharing data, she says, by meeting one-on-one with physicians and their operations managers.
"We’re starting small, with demographic and insurance information, and leaving the door open to [transferring] clinical data when it’s right for the patient," Sifferle adds. "Each step is assessed and treated with respect."
The procedure has been to identify the data elements that are most needed, and then to work with physicians in as small a group as necessary to share that data, she says. "I wouldn’t think we would ever get to the point where [data sharing] is absolutely mandatory, but I would hope that physicians would see that it’s a valid goal when you look at the benefits to the patient."
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.