1 electronic records & confidentiality (focus on research) lawrence h. muhlbaier, phd assistant...
TRANSCRIPT
![Page 1: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/1.jpg)
1
Electronic Records & Electronic Records & ConfidentialityConfidentiality
(Focus on Research)(Focus on Research)Lawrence H. Muhlbaier, PhDLawrence H. Muhlbaier, PhD
Assistant ProfessorAssistant ProfessorBiostatistics & BioinformaticsBiostatistics & Bioinformatics
Duke University School of MedicineDuke University School of Medicine24 March 200724 March 2007
![Page 2: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/2.jpg)
2
This talk is NOT specifically about:This talk is NOT specifically about:
21 CFR 11 Compliance21 CFR 11 Compliance
Genetics Data BasesGenetics Data Bases
Specimen RepositoriesSpecimen Repositories
Technology of DatabasesTechnology of Databases
![Page 3: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/3.jpg)
3
Possible Electronic Records:Possible Electronic Records:
Primary Data CollectionPrimary Data Collection
Clinical Systems (LIS, CPOE, …)Clinical Systems (LIS, CPOE, …)
Billing Systems/Admin DataBilling Systems/Admin Data
Electronic Medical Record, NHIN, RHIOElectronic Medical Record, NHIN, RHIO
Outside Systems (PHIN, Tumor Registry,…) Outside Systems (PHIN, Tumor Registry,…)
"Old" Research Data"Old" Research Data
Physician "personal" logsPhysician "personal" logs
![Page 4: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/4.jpg)
4
Possible Electronic Records:Possible Electronic Records: Clinical Systems Clinical Systems
LISLIS Laboratory Information SystemsLaboratory Information Systems HL7 Export (2 Flavors)HL7 Export (2 Flavors) Coding differs by Institutions/VendorsCoding differs by Institutions/Vendors
CPOECPOE Computerized Physician Order EntryComputerized Physician Order Entry PrescriptionsPrescriptions MedsMeds
![Page 5: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/5.jpg)
5
Possible Electronic Records: Possible Electronic Records: Billing Systems/Admin Data Billing Systems/Admin Data
Coarse measures of consumptionCoarse measures of consumption DemographicsDemographics ICD coded Dx & ProceduresICD coded Dx & Procedures CPT coded ProceduresCPT coded Procedures Meds billed (not administered)Meds billed (not administered) Resource useResource use
Vent hours, blood, room use, OR useVent hours, blood, room use, OR use
![Page 6: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/6.jpg)
6
Do you use and Electronic Health Do you use and Electronic Health Record at your Hospital:Record at your Hospital:
1.1. No No
2.2. YesYes
3.3. MaybeMaybe
4.4. Don't work with HospitalDon't work with Hospital
![Page 7: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/7.jpg)
7
Do you use and Electronic Health Do you use and Electronic Health Record at your Hospital:Record at your Hospital:
1.1. No No
2.2. YesYes
3.3. MaybeMaybe
4.4. Don't work with HospitalDon't work with Hospital
1 2 3 4
22.2%
69.4%
2.8% 5.6%
1 2 3 4
22.2%
69.4%
2.8% 5.6%
![Page 8: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/8.jpg)
8
Possible Electronic Records: Possible Electronic Records: Electronic Medical Record Electronic Medical Record
Rich data sourceRich data source
Often text basedOften text based
Difficult to extract dataDifficult to extract data
Extends to Extends to RHIO (Regional Health Information RHIO (Regional Health Information
Organizations)Organizations) NHIN (National Health Information Network)NHIN (National Health Information Network)
![Page 9: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/9.jpg)
9
Possible Electronic Records:Possible Electronic Records: Outside Systems Outside Systems
PHIN (CDC)PHIN (CDC) Public Health Information NetworkPublic Health Information Network Bioterrorism, ED usage, …Bioterrorism, ED usage, …
Tumor Registry (State)Tumor Registry (State)
Compliance/QA RegistriesCompliance/QA Registries JCAHO (Premier)JCAHO (Premier) Specialty (ACC, STS, MI, Ortho)Specialty (ACC, STS, MI, Ortho)
![Page 10: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/10.jpg)
10
ConfidentialityConfidentiality
confidentiality /con·fi·den·ti·al·i·ty/ (kon?fi-confidentiality /con·fi·den·ti·al·i·ty/ (kon?fi-den?she-al´i-te) the principle in medical den?she-al´i-te) the principle in medical ethics that the information a patient reveals ethics that the information a patient reveals to a health care provider is private and has to a health care provider is private and has limits on how and when it can be disclosed limits on how and when it can be disclosed to a third party. to a third party.
![Page 11: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/11.jpg)
11
SecuritySecurity
Implements ConfidentialityImplements Confidentiality
Cannot do it itselfCannot do it itself
Currently not very integratedCurrently not very integrated
![Page 12: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/12.jpg)
12
Pessimists ViewPessimists View
"You have no privacy anyway. Get over it.""You have no privacy anyway. Get over it."
Scott McNealy, Sun Microsystems (1/25/1999)Scott McNealy, Sun Microsystems (1/25/1999)
![Page 13: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/13.jpg)
13
At work, how many UserID + Passwords At work, how many UserID + Passwords do you have?do you have? 1. 01. 0
2. 12. 1
3. 23. 2
4. 3-54. 3-5
5. 6-105. 6-10
6. 11+6. 11+
![Page 14: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/14.jpg)
14
At work, how many UserID + Passwords At work, how many UserID + Passwords do you have?do you have? 1. 01. 0
2. 12. 1
3. 23. 2
4. 3-54. 3-5
5. 6-105. 6-10
6. 11+6. 11+
1 2 3 4 5 6
4.9%12.2%
46.3%36.6%
1 2 3 4 5 6
4.9%12.2%
46.3%36.6%
![Page 15: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/15.jpg)
15
SecuritySecurity
Moving toward 1 ID/personMoving toward 1 ID/person
Biometric IDsBiometric IDs
HR tie-inHR tie-in
![Page 16: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/16.jpg)
16
Thorny IssuesThorny Issues
Follow-UpFollow-Up
Access to dataAccess to data
QueriesQueries
Access TrackingAccess Tracking
HIPAA/Common Rule InteractionsHIPAA/Common Rule Interactions
![Page 17: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/17.jpg)
17
Thorny Issues:Thorny Issues:Follow-UpFollow-Up
HIPAA vs OHRP (Death)HIPAA vs OHRP (Death)
Permission to FollowPermission to Follow
Passive vs Active Follow-UpPassive vs Active Follow-Up
![Page 18: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/18.jpg)
18
Follow-up when Follow-up when Authorization Revoked Authorization Revoked
OK for FDA Regulated StudiesOK for FDA Regulated Studies
""for the purpose of activities related to the quality, safety or effectiveness of such FDA-regulated product or activity." 45CFR164.512(b)(1)(iii) Part of Public Health Reporting Requires Disclosure AccountingRequires Disclosure Accounting
![Page 19: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/19.jpg)
19
Thorny Issues:Thorny Issues:Access to DataAccess to Data
Read/Write/ChangeRead/Write/Change
OwnershipOwnership
Gatekeeper/"Trusted Broker"Gatekeeper/"Trusted Broker"
Administration (non-IRB review committees)Administration (non-IRB review committees)
![Page 20: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/20.jpg)
20
Thorny Issues:Thorny Issues:QueriesQueries
Who can queryWho can query
Tools to queryTools to query
Technical ControlsTechnical Controls
Administrative ControlsAdministrative Controls
![Page 21: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/21.jpg)
21
Thorny Issues:Thorny Issues:Access TrackingAccess Tracking
P&P: HIPAA securityP&P: HIPAA security
HIPAA Privacy: Disclosure AccountingHIPAA Privacy: Disclosure Accounting
Technical ControlsTechnical Controls What to trackWhat to track How long to storeHow long to store
Administrative ControlsAdministrative Controls Who does itWho does it
![Page 22: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/22.jpg)
22
Thorny Issues:Thorny Issues:OHRP/HIPAA InteractionsOHRP/HIPAA Interactions
HIPAA largely technicalHIPAA largely technical
Definition differencesDefinition differences
Scope differencesScope differences
![Page 23: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/23.jpg)
23
AdvantagesAdvantages
Records available to all care giversRecords available to all care givers
All meds available (All meds available ( drug interactions) drug interactions)
NHIN and ResearchNHIN and Research Long tem follow-upLong tem follow-up Post marketing surveillancePost marketing surveillance
How much sooner would we have known the How much sooner would we have known the cardiac risks of Vioxx?cardiac risks of Vioxx?
![Page 24: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/24.jpg)
24
Specimen Registries vsSpecimen Registries vsData RegistriesData Registries
HIPAA treats them the sameHIPAA treats them the same
Common Rule/Ethical ConcernsCommon Rule/Ethical Concerns Future RiskFuture Risk OwnershipOwnership Limited ResourceLimited Resource Source (leftover, study specific, …)Source (leftover, study specific, …)
NCI draft guidance on Biorepositorieshttp://a257.g.akamaitech.net/7/257/2422/01jan20061800/
edocket.access.gpo.gov/2006/pdf/06-3997.pdf
![Page 25: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/25.jpg)
25
Public Health & PrivacyPublic Health & Privacy
PHINPHIN How much detail does it really have?How much detail does it really have? (Disclosure Accounting)(Disclosure Accounting) http://www.cdc.gov/phin/http://www.cdc.gov/phin/
![Page 26: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/26.jpg)
26
SummarySummary
Electronic Health Data are EverywhereElectronic Health Data are Everywhere
Confidentiality challenges aboundConfidentiality challenges abound
Security tools still evolvingSecurity tools still evolving
Very large Health Data Systems comingVery large Health Data Systems coming Require strong security toolsRequire strong security tools BUT flexible access!BUT flexible access!
![Page 27: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/27.jpg)
27
Resources on the WebResources on the Web
NCHICA: http://www.nchica.org/NCHICA: http://www.nchica.org/
PHIN: http://www.cdc.gov/phin/PHIN: http://www.cdc.gov/phin/
HIPAA: HIPAA: (Databases under HSR)(Databases under HSR)
http://privacyruleandresearch.nih.gov/http://privacyruleandresearch.nih.gov/
![Page 28: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/28.jpg)
28
Selected AcronymsSelected Acronyms
ACC: ACC: American College of CardiologyAmerican College of Cardiology
STS: STS: Society of Thoracic SurgeonsSociety of Thoracic Surgeons
ED: ED: Emergency DepartmentEmergency Department
HRHR: Human Resources: Human Resources
OHRP: OHRP: Office of Human Research ProtectionsOffice of Human Research Protections
NCHICA: NCHICA: North Carolina Healthcare Information North Carolina Healthcare Information & Communications Alliance& Communications Alliance
![Page 29: 1 Electronic Records & Confidentiality (Focus on Research) Lawrence H. Muhlbaier, PhD Assistant Professor Biostatistics & Bioinformatics Duke University](https://reader036.vdocuments.site/reader036/viewer/2022081519/56649ee15503460f94bf2621/html5/thumbnails/29.jpg)
29
Contact InformationContact Information
Doc MuhlbaierDoc Muhlbaier
DUMC 3865DUMC 3865
Durham, NC 27710-7510Durham, NC 27710-7510
919-668-8774919-668-8774
[email protected]@duke.edu