HIE+Policy+Implications+-+Query+Health

include component="page" wikiName="siframework" page="Query Health Header" =HIE Policy Implication Discussion=

This page will capture thoughts and details on HIE policy implications, and will serve as supplementary material for the Operations Working Group review of the Query Health Technical Approach.

Initial language has been provided by Scott Weinstein as follows:

There has to be accountability both to the provider and the HIE if the HIE is the query source. The provider should always know what the information shared with the HIE should be used for and have the opportunity to tell the HIE not to make their data available for certain queries. Here’s language about governance in the transmittal letter that I also think comes into play here:


 * As noted above, the permitted uses of Query Health results and prohibitions against re-identification should be set forth in the data use agreement, but as Query Health scales beyond the pilot phase, ONC should consider the need for a governance structure that can enforce compliance with data use agreements and other policies. ONC should also use the experience of the pilots to help inform the type of governance that may be needed for oversight of Query Health in the future.

Relevant HITPC Language on HIE Policy Implications
The following language has been suggested by Alice Leiter as being relevant to this discussion:


 * ONC Policy #1:**

Disclosing Entity (data holder): Whether or not to run a particular query, and to release any results, will be under the control of the disclosing entity/data holder.


 * Policy Committee Recommendation:**

The Policy Committee endorses this policy. It is consistent with the core value that patients trust their providers with respect to the privacy and security of health information; it is also consistent with our most recent recommendations on secondary uses of EHR data, which called for provider entities to be accountable for all access, use and disclosure of health information from their EHRs, including for secondary purposes.

Open Questions for Working Group Review

 * 1) Do we want HIEs to be accountable for use/disclosure of health info in the event they are a query source, or do we want the original provider/collector to retain this accountability due to relationship with the patient?)

include component="page" wikiName="siframework" page="space.template.inc_contentleft_end"