Difference between revisions of "Consent Directive Use Cases"
| Line 68: | Line 68: | ||
==Consent Directives Filter Health Record Information== | ==Consent Directives Filter Health Record Information== | ||
| − | Filtering mechanisms and algorithms are required that apply consent directive rules to an individual's health record content. Consent directives may include restricted access filters | + | Filtering mechanisms and algorithms are required that apply consent directive rules to an individual's health record content. Consent directives may include restricted access filters that are applied to a category of health information (e.g., all HIV related information) or to a particular data element (e.g., filter all instances of a provider's name). A consent directive may also require that personally identified health information is "masked" to hide the patient's identity. |
===Pre-condition=== | ===Pre-condition=== | ||
| Line 74: | Line 74: | ||
===Basic Scenario=== | ===Basic Scenario=== | ||
| − | Depending on whether the information is structured or unstructured, | + | Depending on whether the information is structured or unstructured, filtering may be applied at the record or document level, or on subsections. Structured information, which is encoded data, can be filtered at the data element level. Unstructured information, which is unencoded data that may be transmitted, e.g., as an image or bit map, can only be filtered at the document or document section level. |
===Actors=== | ===Actors=== | ||
See also: [[CBCC Use Cases#Actors | Actor definitions]] | See also: [[CBCC Use Cases#Actors | Actor definitions]] | ||
* Consent Directives Management Service (CDMS) | * Consent Directives Management Service (CDMS) | ||
| − | * | + | * Consent Requestor |
==Flag Filtered Health Record Information== | ==Flag Filtered Health Record Information== | ||
Revision as of 19:18, 25 August 2008
Back to: CBCC Main Page > CBCC Use Cases
See also: Glossary of Consent Terms for defintion of acronyms and terms.
Contents
- 1 Introduction
- 2 Use Cases
- 2.1 Grant for Protected Health Information to Consumer
- 2.2 Consenter Manages Consent Directives
- 2.3 Provider Requests Consent Directives for a Patient
- 2.4 Provider Looks up Protected Health Information (PHI)
- 2.5 Consent Directives Filter Health Record Information
- 2.6 Flag Filtered Health Record Information
Introduction
The following use cases describe requirements for the creation and use of consent directives.
Use Cases
Grant for Protected Health Information to Consumer
Pre-condition
The right/license to control one's medical information is assigned by jurisdiction to the Patient.
Basic Scenario
Based on the current regulation, the Jurisdictional Authority assigns the right to control personal health information to the Patient who is its subject or to their designated Substitute Decision Maker (SDM) that acts on behalf of the Patient.
Actors
See also: Actor definitions
- Jurisdictional Authority
- Patient
- Substitute Decision Maker(SDM)
Consenter Manages Consent Directives
This use case assumes that the Consenter has access to a CDMS through some type of portal (e.g. web) and manages consent directive rules intended to be shared with a variety of providers, payers, etc.
Pre-condition
Basic Scenario
Consenter uses the portal provided by the CDMS to set the privacy consent directives for their medical record information. By default, the CDMS will include the protection specified by CFR 42, Part 2. The user will not be able to disable the directives derived from CFR 42, Part 2 for Alcohol and Substance Abuse information.
Actors
See also: Actor definitions
- Consenter
- Consent Directives Management Service (CDMS)
Provider Requests Consent Directives for a Patient
Basic Scenario
- The Consenter supplies the Provider with a reference to the consent directives already specified by the patient and maintained by the patient's CDMS.
- Implementation Note: The reference may be a URL that references a set of user-readable rules and computer-readable consent directive rules.
- The Provider retrieves the consent directives and compares them with the privacy consent directives currently supported in the organization.
- If the local consent directive rules contradict the local rules, the Consumer has the option to decline the medical services. Otherwise, the Consumer agrees with the local consent directive rules.
Alternate Flow
- There are no consent directives for Patient.
Post-condition
The Provider's Information System stores a copy of the Consumer's Consent Directives.
Actors
See also: Actor definitions
- Consenter
- Provider
- Provider's EMR System
- Consent Directives Management Service (CDMS)
Provider Looks up Protected Health Information (PHI)
Pre-condition
- The patient has completed the consent directive and persisted it in the CDMS.
- The patient's medical record contains a variety of protected health information (e.g. HIV-related, mental health, substance abuse, clinical genomics, etc.).
- The patient needs healthcare services a healthcare organization that has never treated the patient in the past or has treated the patient prior to introduction of consent directives and PHRs.
Basic Scenario
- The patient provides the Provider with a references to his/her CDMS.
- The Provider's EHR System retrieves the medical record and the associated consent directives.
- The EHRS uses the rules contained in the consent directive to disclose the PHI to those clinicians involved in care, administration, and payment.
Post-condition
The Provider's Information System stores a copy of the agree consumer preferences.
Actors
See also: Actor definitions
- Provider
- Provider's EMR System (EHRS)
- Consent Directives Management Service (CDMS)
Consent Directives Filter Health Record Information
Filtering mechanisms and algorithms are required that apply consent directive rules to an individual's health record content. Consent directives may include restricted access filters that are applied to a category of health information (e.g., all HIV related information) or to a particular data element (e.g., filter all instances of a provider's name). A consent directive may also require that personally identified health information is "masked" to hide the patient's identity.
Pre-condition
- The patient has completed entry of consent directive rules.
Basic Scenario
Depending on whether the information is structured or unstructured, filtering may be applied at the record or document level, or on subsections. Structured information, which is encoded data, can be filtered at the data element level. Unstructured information, which is unencoded data that may be transmitted, e.g., as an image or bit map, can only be filtered at the document or document section level.
Actors
See also: Actor definitions
- Consent Directives Management Service (CDMS)
- Consent Requestor
Flag Filtered Health Record Information
If Consumer decides to mask certain information, he may have the option of deciding whether to permit PHI Repository to send a flag to an authorized party alerting the requester that masked information is available upon Consumer's consent or by "breaking the glass" in an emergency. "Breaking the glass" occurs when a provider who is authorized by organizational policy or jurisdictional law overrides a consent directive.
Pre-condition
- The Consumer has completed entry of consent directive rules.
Basic Scenario
Authorize a specified type of provider to access all unmasked health information, and to receive a flag that masked information may be accessed, following Patient's consent. A provider's access to masked information is restricted to read-only for a limited time, after which the privacy password will expire.
Actors
See also: Actor definitions
- Consenter
- Consent Directives Management Service (CDMS)
- PHI Repository
