Military Health System Research Findings: Implications on Patient Privacy and Identity Management
Rosemary Nelson, MSN, MA, RN-BC, CPHIMS President & CEO, MDM Strategies, Inc.
Loretta Schlachta-Fairchild, RN, PhD, FACHE, LTC(ret) US Army Independent Consultant, MDM Strategies, Inc.
Rosemary Nelson and Loretta Schlachta-Fairchild today unveiled findings from an exhaustive review of studies, policies, and articles relating to health IT privacy and identity management. In addition to summarize their extensive compilation, they shared a link to all of the resources in the hopes that it will be useful to others interested in knowing what literature is currently available in the domain.
Rosemary Nelson shared context about the research study:
Between DoD & VA, they have responsibility to protect the health information for everyone who enters the service from the time they raise their hand until they reach their grave. This requires information to be transferred from a DoD facility to the VA, and sometimes civilian network providers when a specialist outside of the DoD and VA network becomes involved in patient care.
It’s time to identify the data integration policies, standards, and processes to ensure patient privacy is preserved among the 3 entities (D0D, VA, Network Providers). This report analyzes what happens when this data is moving in these 3 directions.
We were tasked to study the policies that impact policies and procedures in place now, and identify where we need to adapt new policies and standards to meet any existing gaps. We began with a literature review and an assessment of Military Health Systems Standards and Policies.
Loretta Schlachta-Fairchild shared the findings:
Our study used the AHRQ framework. Our literature review spanned the world, not just DoD or VA documentation. We used 4 primary databases: Proquest, PubMed, Gale, Scopus.
98 HITPIM standards
54 ID management standards
44 patient privacy standards
196 HITPIM policies
180 privacy policies
16 are ID Management Policies
36 are DoD policies (27 privacy and 9 ID Management)
184 studies and 3064 articles (grey literature, not proven) on HITPIM from 2008-2012
151 studies ar in privacy
53 studies in ID management
7 themes: Trust, Access/Identity, Control/Consent, Standardization/Interoperability, Security, RIsk, Confidentiality
Some key takeaways:
There were no level 1 Gold Standard randomized control studies in the area of HIT. Most were level 4, so it’s tough to extrapolate this research reliably. To recommend additional research in the coming years, we will definitely recommend some randomized control studies of policies and technology.
Studies ranged from an N of 2 – over 36,000. The research remains immature. We would welcome recommendations from all of you as to what should be investigated in the future.
Our next steps will be to identify the solutions to meet the gaps for military stakeholders. The first draft of recommendations will be turned into the government November 1st. We welcome your feedback and input as to what future research studies related to health IT privacy would be helpful to you.
Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.