E-Health System and EHR. Health and Wellness Atlantic Access and Privacy Workshop June 27-28, 2005

Similar documents
Building a healthy legacy together. Presentation by Shelley Lipon, Executive Regional Director, Canada Health Infoway to ICTAM October 28, 2009

Data Sharing Consent/Privacy Practice Summary

the BE Technical Report

Health Information Exchange 101. Your Introduction to HIE and It s Relevance to Senior Living

Ontario s Digital Health Assets CCO Response. October 2016

Continuity of Care Maturity Model Going Beyond EMRAM

TELUS health space. September 10, Luc Sirois Corinne Campney

Three Year Business Plan

Privacy and EHR Information Flows in Canada

Current and future standardization issues in the e Health domain: Achieving interoperability. Executive Summary

POPULATION DATA BC. Privacy in Health Research. Caitlin Pencarrick Hertzman Population Data BC University of British Columbia CFRI, April 2012

Memorial Hermann Information Exchange. MHiE POLICIES & PROCEDURES MANUAL

Health Technology Review Business Case Template

1. What are the requirements for Stage 1 of the HITECH Act for CPOE to qualify for incentive payments?

IVAN FRANKO HOME Пансіон Ім. Івана Франка

Ambulatory Interoperability - Proposed Final Criteria - Feb Either HL7 v2.4 or HL7 v2.5.1, LOINC

Pennsylvania Patient and Provider Network (P3N)

Presentation to the Federal, Provincial and Territorial (FPT) Deputy Ministers of Health Meeting

Health. Business Plan to Accountability Statement

THE FUTURE OF HEALTHCARE TECHNOLOGY CareTech Solutions

CIO Legislative Brief

The Continuity of Care Maturity Model (CCMM) John Rayner Regional Director HIMSS Analytics

Chapter 9 Legal Aspects of Health Information Management

June 25, Barriers exist to widespread interoperability

Practice Manual 2009 A S TAT E W I D E P R I M A R Y C A R E P A R T N E R S H I P S I N I T I AT I V E. Service coordination publications

2011 Measures 2013 Objectives Goal is to guide and support care processes and care coordination

St George Private Radiology

Definition of Meaningful Use of Certified EHR Technology for Hospitals Approved by the HIMSS Board of Directors April 24, 2009

appendix a: freedom of information and protection of privacy fact sheet

CONNECTIVITY IN THE COMMUNITY

HL7 capabilities for working with GS1

Department of Defense INSTRUCTION

pic National Prescription Drug Utilization Information System Database Privacy Impact Assessment

HT 2500D Health Information Technology Practicum

Policies Targeting Payer Harmonization: The Provider Perspective

Chapter Three: Direct Care Functions

Healthy Kids Connecticut. Insuring All The Children

Request for Information NJ Health Information Network. State of New Jersey. New Jersey HIT Coordinators Office. Request for Information

MINISTRY OF HEALTH AND LONG-TERM CARE

Health Information Exchange and Telehealth: Opportunities for Integration!

Component Description Unit Topics 1. Introduction to Healthcare and Public Health in the U.S. 2. The Culture of Healthcare

CMS-0044-P; Proposed Rule: Medicare and Medicaid Programs; Electronic Health Record Incentive Program Stage 2

Inaugural Barbara Starfield Memorial Lecture

Manage Resources to Deliver Optimal Care

Accountability Framework and Organizational Requirements

Challenging Behaviour Program Manual

Nova Scotia College of Pharmacists. Standards of Practice. Prescribing Drugs

Foundational Informatics: INFORMATICS COMPETENCIES

Wolf EMR. Enhanced Patient Care with Electronic Medical Record.

AUTHORIZATION FOR INDIRECT COLLECTION OF PERSONAL INFORMATION. Ministry of Health & Ministry Responsible for Seniors

Massachusetts Department of Public Health. Privacy of Health Data

Helping physicians care for patients Aider les médecins à prendre soin des patients

Frequently Asked Questions. Inofile FAQs

An Information Strategy for the modern NHS and relevance to the health system context of the Russian Federation

The Initiate EMPI Proposition

ConnectingGTA Overview. April 29, 2014

PRIVACY AND ANTI-SPAM CODE FOR OUR ORGANIZATION

COMMISSION OF THE EUROPEAN COMMUNITIES COMMUNICATION FROM THE COMMISSION TO THE COUNCIL AND THE EUROPEAN PARLIAMENT

Farm Data Code of Practice Version 1.1. For organisations involved in collecting, storing, and sharing primary production data in New Zealand

ACCF Diabetes Collaborative Registry Program Requirements v1.2 Posted on 9/14/2015

Medicare and Medicaid Programs: Electronic Health Record Incentive Program -- Stage 3 and Modifications to Meaningful Use in 2015 through 2017

CENTRAL LHIN CEO REPORT CORRESPONDENCE

International Perspectives. Marjorie S. Greenberg, MA National Center for Health Statistics Centers for Disease Control and Prevention

3M Health Information Systems. 3M Clinical Risk Groups: Measuring risk, managing care

Advancing Digital Health in Canada

Information Sharing Strategy for Primary Care Home and Across the Continuum of Care

Healthcare Identifiers Service Information Guide

HIE/HIO Organizations Supporting Meaningful Use (MU) Stage 2 Goals

ALC Resource Matching & Referral Provincial Reference Model Overview. ehealth Ontario Information Session at ITAC. Thursday, March 11, 2010


How BC s Health System Matrix Project Met the Challenges of Health Data

The Future of. Health Informatics. in Hong Kong. Dr N.T. Cheung Chief Medical Informatics Officer Hong Kong Hospital Authority. Tuesday, 16 June 2009

Pharmacy Practice Management Systems: Requirements to Support NAPRA s Model Standards of Practice for Canadian Pharmacists

4. Hospital and community pharmacies

What information does Genome.One collect about you and why?

Histopathology National Quality Improvement Programme Information Governance Policy Version 3.0

The Patient Protection and Affordable Care Act Summary of Key Health Information Technology Provisions June 1, 2010

Policy Summary: Managing the Public Private Interface to Improve Access to Quality Health Care (2007)

Data Integration and Big Data In Ontario Brian Beamish Information and Privacy Commissioner of Ontario

Challenges for National Large Laboratories to Ensure Implementation of ELR Meaningful Use

PRIVACY AND ANTI-SPAM CODE FOR OUR DENTAL OFFICE Please refer to Appendix A for a glossary of defined terms.

Measuring Digital Maturity. John Rayner Regional Director 8 th June 2016 Amsterdam

MINISTRY OF HEALTH AND LONG-TERM CARE

Success with ICD-10: Streamlining Clinical Workflow. November 8, 2013

SNOMED CT AND 3M HDD: THE SUCCESSFUL IMPLEMENTATION STRATEGY

DENOMINATOR: All final reports for patients, regardless of age, undergoing a CT procedure

TRANSITIONS of CARE. Francis A. Komara, D.O. Michigan State University College of Osteopathic Medicine

A Study on Computerization of Medical Record at a Corporate Hospital

Benefits Evaluation Experiences at Canada Health Infoway

Proposed amendments to the Marihuana for Medical Purposes Regulations

Minnesota health care price transparency laws and rules

Alberta Health Services. Strategic Direction

Privacy Toolkit for Social Workers and Social Service Workers Guide to the Personal Health Information Protection Act, 2004 (PHIPA)

How the Government of NS and Doctors NS work together to propel IM/IT

The Role of the Federal Government in Health Care. Report Card 2013

Department of Defense INSTRUCTION

Virtua/CHOP Virtua and The Children s Hospital Of Philadelphia: An Example Case Study for Seamless Data Integration

HIE Implications in Meaningful Use Stage 1 Requirements

Technology Standards of Practice

Health Information Technology and Coordinating Care in Ohio

Transcription:

E-Health System and EHR Health and Wellness Atlantic Access and Privacy Workshop June 27-28, 2005

Agenda Overview!"

EHR Defined Electronic Health Record Sometimes confused with EMR, EPR, PHR, CPR, EHCR, ECR, DMR, CDR, CMR, ICEHR, OPOR, iehr ISO TR 20514 EHR Definition The basic generic definition for the EHR is a repository of information regarding the health status of a subject of care, in computer processable form.

ISO TR 20514: Shareable EHR The sharing of EHR information can take place at three different levels: level 1 - between different clinical disciplines or other users, all of whom may be using the same application, requiring different or ad hoc organisation of EHRs, level 2 - between different applications at a single EHR node i.e. at a particular location where the EHR is stored and maintained, and level 3 - across different EHR nodes i.e. across different EHR locations and/or different EHR systems. When level 3 sharing is achieved and the object of the EHR is to support the integrated care of patients across and between health enterprises, it is called an Integrated Care EHR (ICEHR).

ISO TR 20514 :Integrated Care EHR The Integrated Care EHR is defined as a repository of information regarding the health status of a subject of care in computer processable form, stored and transmitted securely, and accessible by multiple authorised users. It has a standardised or commonly agreed logical information model which is independent of EHR systems. Its primary purpose is the support of continuing, efficient and quality integrated health care and it contains information which is retrospective, concurrent and prospective.

ISO TR 20514: Key role of interoperability There are two main levels of shareability or interoperability of information: functional interoperability the ability of two or more systems to exchange information (so that it is human readable by the receiver), and semantic interoperability the ability for information shared by systems to be understood at the level of formally defined domain concepts (so that information is computer processable by the receiving system).

ISO TR 20514: Semantic interoperability a standardised EHR reference model, i.e. the EHR information architecture, between the sender (or sharer) and receiver of the information, standardised service interface models to provide interoperability between the EHR service and other services such as demographics, terminology, access control and security services in a comprehensive clinical information system, a standardised set of domain-specific concept models, i.e. archetypes and templates for clinical, demographic, and other domain-specific concepts, and standardised terminologies which underpin the archetypes. Note that this does not mean that there needs to be a single standardised terminology for each health domain but rather, terminologies used should be associated with controlled vocabularies.

Some Privacy Implications Extremely High Expectation of Privacy Massive Banks of Information Concerns About the Accuracy Not Seek Treatment

Extremely High Expectation of Privacy In R. v. Dyment, the Supreme Court of Canada held that a sample of blood taken by a doctor for medical purposes from a bleeding and unconscious hospital patient is intimately personal and confidential, as is other information about a patient concerning his or her medical treatment. The use for other purposes of bodily substances provided for medical purposes is a profound violation of personal autonomy that infringes on reasonable expectations of spatial, personal and informational privacy, as does the disclosure of specific medical care information without patient consent. In R. v. O Connor and R. v. Mills, the Supreme Court of Canada established that an extremely high expectation of privacy also attaches to therapeutic counselling records. Also in this category, without doubt, would be pharmaceutical records of medications issued to a person for his or her medical care. PRIVACY AND THE USA PATRIOT ACT October 2004 Information & Privacy Commissioner for British Columbia

Massive Banks of Information Advanced technologies have enabled the merging of databases into massive banks of information about identifiable individuals. This, in turn, enables data mining the application of database technology and techniques to uncover patterns and relationships in data and predict future results or behaviour. When personal information is involved, the hidden patterns and subtle relationships that data mining detects are recorded and become new personal information of the individual whose characteristics or habits are being searched and analyzed. PRIVACY AND THE USA PATRIOT ACT October 2004 Information & Privacy Commissioner for British Columbia

Concerns About the Accuracy A key characteristic of data mining is that analysis of an individual s personal information creates new, secondary, information about that person. The hidden patterns and subtle relationships that data mining detects are recorded and become personal information of the individual whose life is being scrutinized and analyzed.... data mining raises concerns about the accuracy and use of derived personal information, not to mention the individual s right of access to and correction of such information. PRIVACY AND THE USA PATRIOT ACT October 2004 Information & Privacy Commissioner for British Columbia

Not Seek Treatment Physicians and the public place high importance on the protection of personal health information. Without confidence that privacy will be maintained, patients may refrain from disclosing critical information; may be reluctant to provide their consent to use their personal health information for research purposes; may lie about their health status or may simply not seek treatment. A 1999 survey by the [Canadian Medical Association] found that 11% of the public held back information from a health care provider because they were concerned about whom it would be shared with, or for what purposes it would be used PRIVACY AND THE USA PATRIOT ACT October 2004 Information & Privacy Commissioner for British Columbia

! " ##$% & '( ) * +

, +/!-'!.-!!!-'! '

Extends personal information protection to non-government agencies and crossborder exchanges of personal information Encourages consistent personal information protection practices for all Health service providers Should simplify contract negotiations

Healthy Futures - Securing NB s Health Care System The Provincial Health Plan 2004-2005

! A single, integrated provincial health care system that is patient focused and community based, providing health services in the official language of choice at a cost New Brunswickers can afford Goals: - a sustainable health care system - improved health for New Brunswickers Strategies: - population health - access and delivery - health human resources - accountability and evidence-based decision making

! " e-health supports the Provincial Health Plan with appropriate technology e-health builds on New Brunswick s health care successes and strengths Helping New Brunswick move to a future where technology is a support to an integrated, patient focused, community-based health care system

! #" Vision: To ensure the development and implementation of a comprehensive approach to e-health within the New Brunswick health care system, with unified processes, information and technology to enhance access, delivery and monitoring Goal: For every New Brunswicker: A complete record of your health care, available to you or your care providers, whenever you need it, anywhere you need it A telehealth system that bridges distances, bringing quality health services and information right to where you live With: The appropriate use of technology to support optimized health care administration and accountability

! " Established by Department of Health and Wellness and the 8 Regional Health Authorities Steering committee Chaired by ADM and a CEO 22 members representing the Department, RHAs, GNB, NB Medical Society Mix of program people, CIOs, IT Dirs and VPs Program office Part of Information Systems Branch Program Director, 2 Architects, Analyst, PM resources

Principles Consistent with health agenda Business driven Stakeholder involvement Early majority adopter Enabling health care Standards based Respectful of privacy Borderless Driven by clinical needs Management information as a byproduct Common solutions across organizations Bilingual systems

New Brunswick s vision of the Electronic Health Record

One Patient One Record Provincial Health Plan alignment: Contributes to better access to care and services By: Improving outcomes due to decision-making enabled by complete, accurate, timely information Improving efficiencies through reduction of duplicate and manual processes, improved access to information Increasing safety through reduction in paper errors (e.g. Drug interactions) and more complete information. Increasing capacity through streamlined processes, avoidance of unnecessary hospitalization, etc.

One Patient One Record provides access to a single health record for each health services consumer (patient-centric) Regional Health Authorities Medicare Primary Care Registration Demographics Service Lab Results Encounters Epidemiology health record information is consistent, comparable (standards) accessible by authorized healthcare providers throughout New Brunswick Pharmacy Mental Health Diagnostic Imaging Patient Diagnosis Drug History Long Term Care Immunization Rehabilitation Ambulance Services Diagnostics & Therapeutics Family & Social Population & Public Health enabled by standards, technology and redefined business and patient care processes

One Patient One Record Placing the person at the heart of health information Partners Public Health Pharmacy Encounter Summaries Clinicians Lab Data Ambulance Drug Info Primary Care Clinical Documentation Secondary Care Wellness Mental Health Finance Immunization Data Addiction Data Reporting Client & Provider Registries Person Diagnostic Images & Reports Diagnosis Data Therapeutics Data Home Health Care Tertiary Care Insured Services Telehealth Health Surveillance Management Information Systems Management Information Systems Management

Evolving the Architecture Primary Care Medicare Registration Demographics Regional Health Authorities Epidemiology Lab Results Diagnostic Imaging Patient Pharmacy Population & Public Health Drug History Family & Social Immunization Rehabilitation Service Encounters Diagnosis Diagnostics & Therapeutics Mental Health Ambulance Services OPOR Vision Conceptual OPOR Architecture Long Term Care

New Brunswick OPOR Architecture 06/2004 Cross- Jurisdictional (National) Health Surveillance Information EHRS Locator Jurisdictional (Province) Point of Service Hospital Systems Electronic Health Record Electronic Health Repository Health Information Access Layer (HIAL) (Integration Infrastructure) Medicare System Public/Mental Health System Diagnostic Imaging Domain Repository Pharmacy Domain Repository Vital Stats System Client Registry (Identity Manager) Provider Registry Location Registry Community Health Centres..Other Systems OPOR Web Viewer

One Patient One Record Representative initiatives: Client registry Provider registry Diagnostic imaging archive Lab systems standardization Drug information system Hospital system interoperability

Telehealth Bridging distances by bringing quality health services and information to all New Brunswickers Representative initiatives: Telehealth Strategic Plan including: - Tele Home Care - Tele Mental Health - Self Care Telecare - Cardiac Post-op Care - Telerehabilitation

Fully Functioning Clinical Systems Full suite of clinical information systems for health care delivery in the Regions Representative initiatives: Community Health Centre software Emergency Department Management system Addiction Services system Cancer Care management Cardiac patient triage

Pan-Canadian Standards Pan-Canadian Health Information Privacy and Confidentiality Framework Canada Health Infoway pan-canadian Electronic Health Record and Health Surveillance Privacy and Security Architecture Canadian Public Sector Security Classification Guideline

Pan-Canadian Health Information Privacy and Confidentiality Framework Trust that privacy and confidentiality of personal information will be protected is critical in the health sector. Developed for FPT Conference of Deputy Ministers of Health Contains harmonized set of core provisions for the collection, use and disclosure of personal health information in both the publicly and privately funded sectors to facilitate: health care renewal, electronic health record systems and primary health care reform.

Pan-Canadian Health Information Privacy and Confidentiality Framework Developed through extensive analysis and consultation Reviewed: domestic and international approaches to protecting PHI privacy; Consulted with FPT departments, ministries, and stakeholder communities; National care provider associations; Obtained feedback from: federal, provincial and territorial privacy commissioners; experts on genetic information; and Canadians by means of a public opinion survey. Core provisions consistent with the Canadian Charter of Rights and Freedoms and PIPEDA protecting the privacy and confidentiality of personal health information enabling flow of information to support effective health care.

Canada Health Infoway: The Big Picture

Canada Health Infoway: The Big Picture CONTINUUM OF CARE

Canada Health Infoway: Privacy and Security Architecture User Identification: establishing a valid and unique identity for each EHRi user; Authentication: validating the identity of EHRi users or devices upon each system access, transaction or message Access control (privilege management and user authorisation): protecting the confidentiality and integrity of EHRi information assets by preventing unauthorised access and use. Identity protection and pseudonymisation: mechanisms for separating, to the greatest extent possible, personal information that uniquely identifies patient/persons from health information relating to treatment, diagnosis, etc. Anonymisation: ensuring that aggregated data is available for research and public health surveillance that protects the privacy of patients/persons to the greatest extent possible. Confidentiality: ensuring information is not made available or disclosed to unauthorised individuals, entities or processes. Integrity: ensuring that the contents of each EHR, transaction or message has not been altered or destroyed in an unauthorised manner. Availability: ensuring that information assets are always available in a timely and reliable manner when needed by authorised EHRi users and devices. Audit and Control: establishing accountability for transaction processing by creating a permanent record of transaction and message history.

Canadian Public Sector Security Classification Guideline Confidentiality - The information requires protection from unauthorized disclosure. Integrity - The information must be protected from unauthorized, unanticipated, or unintentional modification. This includes, but is not limited to: Authenticity A third party must be able to verify that the content of a message has not been changed in transit. Non-repudiation The origin or the receipt of a specific message must be verifiable by a third party. Accountability - A security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. Availability - The information technology resource (system or data) must be available on a timely basis to meet mission requirements or to avoid substantial losses. Availability also includes ensuring that resources are used only for intended purposes.

Canadian Public Sector Security Classification Guideline Category High Medium Low Basic Definition Could reasonably be expected to cause extremely serious personal or enterprise injury, significant financial loss in the hundreds of thousands to many millions of dollars, loss of life or public safety, social hardship and major political or economic impact Could reasonably be expected to cause serious personal or enterprise injury, loss of competitive advantage, loss of confidence in the government program, financial loss in the tens of thousands of dollars, legal action and damage to partnerships, relationships and reputation Could reasonably be expected to cause significant injury to individuals or enterprises that would result in financial losses in the hundreds to thousands, a limited impact in service level or performance, embarrassment and inconvenience Will not result in injury to individuals, governments or to private sector institutions

Questions?

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback