NoVaRHIO Legal Documents Committee
11/03/06
Minutes
Attendees:
- Sharon Arndt
- Mark Diorio
- Alan Goldberg
- Kristin Seitz
- Rubin Varghese
Discussion addressed issue of RHIO not recognized as covered entity under
HIPAA’s Administrative Simplification subtitle rules definitions, but group
concurred NoVaRHIO could adopt all or most requirements applicable to a CE,
including similar policy and procedures.
As a HIPAA Business Associate, the RHIO would follow BA contract requirements
imposed by covered entities.
RHIO to be promoted and presented as proactive protector of health care information,
so that patients and others are more likely to be willing to participate.
Central themes of discussion:
- Privacy Issue
- Assure participants and individuals of privacy and security
- Participants will be sharing information and must be comfortable with
a sharing process
- Concern for individual control of health information and disclosure
- Patients need to understand benefits of RHIO from its initial steps
- What’s the incentive to participate
- Value to patients
- Disclosure of information as and when needed to help patients
- Emergencies:
o
Personal emergency – pre-set permissions authorized if patient
unable to communicate
o
Individual emergency and disaster disclosure
·
Concern regarding the accuracy of information when input by
patient
·
Presumption (whether or not warranted?) by doctor that all
data is within system
o
More data, better data, more available data
·
More accurate information from emergency room setting
o
Allergy information
o
Operations
o
Medications
·
It is in the patient’s interest for doctors to have the most
accurate information
·
Updated medications within RHIO
·
Patients or hospital involved in RHIO
·
Real-time on-going updating
·
Hospital discharge
·
Pharmacy inputs
- Documentation that supports 1 & 2
·
RHIO policies and procedures
·
Patient Centric
·
Vendor standpoint
o
Discussion of “HIPAA complaint”
·
Business Associates
·
Disclosure Permissions
o
Treatment
o
Payment
o
Health Care Operations
