Health information exchange is one arrow in the quiver that may lead to promised improvement in the coordination, efficiency and effectiveness of health care services based on the sharing of data contained in individual patients' electronic health records.
An article in the current issue of Medical Economics examines some of the technical, legal and ethical issues around patient consent to the collection and transmission of protected health information by health information exchanges.
I spoke with Ken Terry as he was working on this piece, Health Information Exchanges Introduce Patient Consent Questions, to discuss some of the legal and practical issues involved. The lack of consistency in state laws (some are "opt-in," some are "opt-out, and at least one is "opt-out" at the point data comes into the HIE, and "opt-in" when a clinician seeks to obtain that data) and the lack of general understanding of the issues involved by patients has led to the ONC recommending the obtaining of "meaningful consent" from patients for health information exchange. Ideally, this goes way beyond a simple web-based or paper consent, and must account for the variation between HIPAA and related state laws, must include the provision of information to patients about the information to be shared, its intended use, protections against misuse, etc., and must be captured in a way that can be easily communicated to all potential users of the patient's data.
The article touches on other issues as well — check it out, it's worth reading.