TOC+Policy+and+Service+Analysis

include component="page" wikiName="siframework" page="TOC Header" =ToC Policies and Services Analysis=

The purpose of the ToC Policies and Services Analysis is to provide the community with guidance as to which policies and regulations they must be aware of when implementing specific aspects of transitions of care, and services that are available to help them with their endeavor. The goal is to document and model linkages to the policies and services to ensure a TOC specification is implementable for each care transition. This document is not prescriptive and as such no consensus is required.

Two key dependencies that have been looked at in developing this table are:
 * What are the specific policies and regulations specific to the care transition identified by the TOC Use Case?
 * What are the needed services for implementation of an exchange involving a care transition?

This information would need to go into the following profile documents, outlined here:
 * TOC Direct Profile (Used by Direct Project participants)
 * TOC Modular Specification Profile (Used by Exchange participants)

Policies/Regulations and Services Table
The table below, which has been revised based on participant feedback, provides guidance on which policies/regulations support the care transition, and what the required services to support the care transition are. The events are based on the Transitions of Care Final Use Case. For explanations on each of the policies/regulations and services, please see the sections below the table (e.g. meaningful use requirements).

To access the previous version of the table listed below, click here.


 * **Event Name** || **Needed Policies/Regulations to support the Care Transition** || **Optional Services to support the Care Transition** || **Auditable** ||
 * **Care Transitions - Scenario 1** ||  ||   ||   ||
 * **User Story 1** ||  ||   ||   ||
 * Send Discharge summary to PCP's EHR System or other Provider EHR System || 1- Meaningful Use Requirement ||  || Yes ||
 * || 2 - Use Case requirement ||  ||   ||
 * || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement ||  ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * Receive Discharge Summary || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement || Yes ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * View Discharge Summary/Instructions || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement || Maybe ||
 * **User Story 2** ||  ||   ||   ||
 * Send Consult Request Clinical Summary to specialist's EHR System || 5 - Clinical Summaries for each Office Visits ||  || Yes ||
 * || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement ||  ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * Receive Consult Request Clinical Summary from PCP's EHR System || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement || Yes ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * View Consult Request Clinical Summary in specialist's EHR System || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement || Maybe ||
 * **Case Transition Scenario 2** ||  ||   ||   ||
 * **User Story 1** ||  ||   ||   ||
 * Generate and Send: Discharge Instructions to PHR || 1- Meaningful Use Requirement ||  || Yes ||
 * || 2 - Use Case requirement ||  ||   ||
 * || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement ||  ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * Receive: Discharge Instructions in PHR || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement || Yes ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * Generate and Send: Discharge Summary to PHR || 1- Meaningful Use Requirement ||  || Yes ||
 * || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement ||  ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * Receive: Discharge Summary in PHR || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement || Yes ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * **User Story 2** ||  ||   ||   ||
 * Generate and Send Consultation Request Summary || 5 - Clinical Summaries for each Office Visits ||  || Yes ||
 * || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement ||  ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * Receive: Consultation Request Summary in PHR || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement || Yes ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * Generate and Send: Clinical Summary details || 1- Meaningful Use Requirement ||  || Yes ||
 * || 2 - Use Case Requirement ||  ||   ||
 * || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement ||  ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * Receive: Clinical Summary in PHR || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement || Yes ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement ||  ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||
 * Receive: Clinical Summary in PHR || 3 - Security and privacy policies procedures and practices || 1- DURSA Agreement || Yes ||
 * || 4 - Established network and policy infrastructure || 1- DURSA Agreement ||  ||

ToC Policies and Regulations
The following is a list of relevant requirements when performing a transition of care. These requirements will be used to identify the specific policies and regulations applicable to a specific transitions of care.
 * 1. Meaningful Use Requirement: **
 * (1) Electronic Copy of Health Information: Enable a user to create an electronic copy of a patient’s clinical information, including, at a minimum, diagnostic test results, problem list, medication list, and medication allergy list in: (1) Human readable format; and
 * (2) One electronic media or through some other electronic means in accordance with: (i)The standard (and applicable implementation specifications) specified in §170.205(a)(1) or §170.205(a)(2); and (ii) For the following data elements the applicable standard must be used:
 * (A) Problems. The standard specified in §170.207(a)(1) or, at a minimum, the version of the standard specified in §170.207(a)(2);
 * (B) Laboratory test results. At a minimum, the version of the standard specified in §170.207(c); and
 * (C) Medications. The standard specified in §170.207(d) Electronic Copy of *Discharge Instructions: Electronic copy of discharge instructions enable a user to create an electronic copy of the discharge instructions for a patient, in human readable format, at the time of discharge on electronic media or through some other electronic means.
 * 2. Use Case Requirement: **Electronic Copy of Discharge Instructions: Electronic copy of discharge instructions. Enable a user to create an electronic copy of the discharge instructions for a patient, in human readable format, at the time of discharge on electronic media or through some other electronic means.


 * 3. Security and privacy policies, procedures and practices** are commonly implemented to support acceptable levels of patient privacy and security; i.e. HIPAA, HITECH and EHR certification criteria.


 * 4. Established network and policy infrastructure** to enable consistent, appropriate, and accurate information exchange across clinician systems, data repositories and locator services. This includes, but is not limited to:
 * Methods to identify and authenticate users;
 * Methods to identify and determine providers of care;
 * Methods to enforce data access authorization policies;

Clinical summaries enable a user to provide clinical summaries to patients for each office visit that include, at a minimum, diagnostic test results, problem list, medication list, and medication allergy list. If the clinical summary is provided electronically it must be:
 * 5. Clinical Summaries for each Office Visit:**
 * (1) Provided in human readable format; and
 * (2) Provided on electronic media or through some other electronic means in accordance with: (i) The standard (and applicable implementation specifications) specified in §170.205(a)(1) or §170.205(a)(2); and (ii) For the following data elements the applicable standard must be used:
 * (1) Problems. The standard specified in §170.207(a) (1) or, at a minimum, the version of the standard specified in §170.207(a) (2);
 * (2) Laboratory test results. At a minimum, the version of the standard specified in §170.207(c); and
 * (3) Medications. The standard specified in §170.207(d).

ToC Services
The following is a list of relevant services which address the policies and regulations when performing a transition of care.


 * NwHIN Exchange DURSA Agreement** is a multi-party agreement, a single agreement that establishes the rules of engagement and obligations to which all participants agree and that all participants sign as a condition of joining the community. All participants must sign the DURSA to exchange health information with each other via the NwHIN. The DURSA is based upon an existing body of law (Federal, state, local) and the current policy framework. The agreement, while articulated as a contract, underscores a framework for broad-based information exchange among a set of trusted entities.

The agreement reflects consensus of state-level, federal and private entities on the following policies:
 * Multi-Party Agreement
 * Participants in Production
 * Privacy and Security Obligations
 * Requests for Information Based on Permitted Purposes
 * Duty to Respond
 * Future Use of Data Received Through the NwHIN
 * Duties of Requesting and Responding Participants
 * Autonomy principle for access
 * Responding Participant’s Legal requirements
 * Authorizations
 * Participant Breach Notification
 * Mandatory Non-Binding Dispute Resolution
 * Allocation of Liability Risk


 * Who Developed the DURSA?** The DURSA was developed by the NwHIN Cooperative, including private and governmental entities. This agreement is a contract deliverable for NwHIN option year contracts and grants.

Reference Material
ONC initiatives, OCR-ONC statements summarizing the work to date and indicating future work exchange as well as relevant white papers || 8-10-2011 || ONC ||
 * **Document Name** || **Download** || **Description** || **Date** || **Owner** ||
 * TOC Deployment Models || Access the page through the wiki, TOC Deployment Models || The Deployment Model discussion may be useful in the development of the ToC Policies and Services work. This artifact will not be a deliverable to the RI Team. || 7-21-2011 || Participants ||
 * NwHIN Exchange DURSA || [|NwHIN DURSA] || The DURSA is a multi-party agreement, a single agreement that establishes the rules of engagement and obligations to which all NwHIN Participants agree and that all participants sign as a condition of joining the community. All participants must sign the DURSA to exchange health information with each other via the NwHIN. The DURSA is based upon an existing body of law (Federal, state, local) and the current policy framework. The agreement, while articulated as a contract, underscores a framework for broad based information exchange among a set of trusted entities. The agreement reflects consensus of state-level, federal and private entities on policies. || 8-10-2011 || NHIN ||
 * EHR & Meaningful Use || Access the website [|here] || Provides an overview on the benefits of EHR for providers and patients as well as the positive impacts of EHR on care. Additionally, reference documents and links are included on the legislation and policies stemming from HITECH, EHR incentive program, standards and certification and definitions of meaningful use. || 8-10-2011 || ONC ||
 * Meaningful Use Regulation || Access the document [|here] || Documentation on the final rule for the EHR Incentive program. Provides in depth detail of provisions of ARRA for incentive payments to eligible professionals (EP), hospitals and critical access hospitals (CAHs) participating in Medicare and Medicaid programs that adopt and successfully demonstrate meaningful use of certified electronic health record (EHR) technology. This final rule policies around the initial criteria EPs, eligible hospitals, and CAHs must meet in order to qualify for an incentive payment; as well as payment procedures are covered || 8-10-2011 || CMS ||
 * Privacy and Security || Access the website [|here] || Regulations and guidance surrounding privacy and security in health information exchanges. Includes latest
 * Privacy and Security Regulation || Access the document [[file:siframework/2010-16718.pdf|here]] || Proposed modifications to implement recent statutory amendments under the HITECH Act for the purpose of strengthening the privacy and security protection of health information, and to improve the workability and effectiveness of HIPAA Rules. || 8-10-2011 || OCR ||

Meaningful Use Regulation

include component="page" wikiName="siframework" page="space.template.inc_contentleft_end"