{"type":"data","nodes":[{"type":"data","data":[{"mainNavPagesCollection":1,"subnavPagesCollection":26},{"currentSlug":2,"topLevelSlug":-1,"total":3,"items":4},"identity-and-privacy-why-patients-should-care",6,[5,8,11,14,17,20,23],{"title":6,"slug":7},"Home","",{"title":9,"slug":10},"About GPII","about-gpii",{"title":12,"slug":13},"Why the Need?","why-the-need",{"title":15,"slug":16},"Our Services ","our-services",{"title":18,"slug":19},"Privacy Protection","privacy-protection",{"title":21,"slug":22},"Contact Us","contact-us",{"title":24,"slug":25},"Articles","articles",{"currentSlug":2,"total":27,"items":28},0,[]],"uses":{"params":["slug"]}},{"type":"data","data":[{"title":1,"sanitizedBodyMarkup":2,"published":3,"author":4,"category":7,"tagsCollection":10,"pdf":17,"link":19},"Identity and Privacy: Why Patients Should Care","\u003Ch2>Introduction\u003C/h2>\u003Cp>Each of us takes our identity for granted. Virtually every minute of our waking life we are aware of\nwho we are and what our current context is. When it comes to healthcare information processing,\nhowever, things are not so clear. Healthcare information represents some of the most personal and\nprivate data concerning each one of us. As more and more of that information is captured and\nprocessed by automation systems, the ability to accurately identify the person the data is about and to\nhonor that person’s privacy wishes have become more and more problematic.\u003C/p>\u003Cp>When someone asks “Who are you?” our usual response is to give our name and perhaps where we\nare from. That’s a start, but for a healthcare automation system it is not nearly enough. The\nautomation system might have a dozen persons named “Tim Smith” in its database. In order to be sure\nit has the right one the computer will want your birthday, your address, your Social Security Number,\nyour mother’s maiden name; everything it can possibly learn about you to make certain it knows who\nyou are. This is a good thing. You don’t want the computer to confuse your medical information with\nsomeone else’s! However, this does give rise to two problems:\u003C/p>\u003Ch3>1. Inaccurate identification\u003C/h3>\u003Cp>Despite all the data they collect about you, computers still make identity mistakes; a lot of them. It\nis difficult to obtain accurate quantification but the literature indicates error rates of at least 5% and\nthere are many reports of 10% or higher. This is not good. If the computer doesn’t know the right\nperson then some of your data might be lost. Even worse, someone else’s information might be mixed\nin with yours. Needless to say, both of these circumstances are problematic and can lead to serious\nconsequences.\u003C/p>\u003Cp>Medicine is well aware of how dangerous the situation is. There have been ongoing concerted\nefforts to reduce the rate of medical misidentification errors for over a decade but it has proven to be a\nremarkably intractable problem--and it is getting worse. As healthcare evolves to exchange clinical\ninformation across larger and larger domains--cities, states, and eventually the entire nation--identity\nerrors become more and more frequent. An increasingly large number of healthcare organizations are\ninvolved. There are more systems to interface--with dissimilar policies, different sets of identifying data,\ndifferent technologies, etc. Furthermore, identification needs to occur across larger and larger patient\npopulations. The chance that someone else has identifying information similar to yours, what is called\nyour “biographic profile,” increases the more people there are in the system.\u003C/p>\u003Ch3>2. Privacy is diminished\u003C/h3>\u003Cp>All the information that health systems collect about you (for a good reason) can make it difficult to\nmanage your privacy. Firstly, the information indicates who you are and, secondly, it is subsequently\nattached to your medical information, i.e. some of the most private information about you that exists.\nWhen the medical system wants to order a test about you, they use part of your biographic profile.\nWhen they want to report a result, they use part of your biographic profile. When they want to submit\na bill…, you guessed it, they use part of your biographic profile.\u003C/p>\u003Cp>Remember, all of this use of your private data is with the best of intent. You wouldn’t want your lab\nresult to end up in someone else’s medical chart. Nor would you want to be billed for someone else’s\nmedical procedure. Yet, all of that information sharing puts your privacy at risk. Large parts of your\nbiographic profile are being attached to parts of your sensitive medical information and being\ntransmitted electronically to a variety of locations that are outside of your control. “You,” or at least\nenough about you to identify you, are being sent to various medical facilities, being seen by their\npersonnel, and being stored in their databases. Is it any surprise that medical identity theft is one of the\nfastest growing crimes in America?\u003C/p>\u003Ch2>The solution\u003C/h2>\u003Cp>Fortunately there is a simple and straightforward way to “solve” both the identity and privacy\nproblems for healthcare. GPII, a private not-for-profit corporation, creates and manages unique\nidentifiers that can be used by healthcare organizations to manage personal identities. A healthcare\norganization can obtain a Voluntary Universal Healthcare Identifier (VUHID) from GPII for you, store it as\npart of your biographic profile, and hand it to you on a personal identification card.\u003C/p>\u003Cp>From that point on you can hand the ID card to every new caregiver who treats you and ask them to\nadd the identifier to your biographic profile--or the network of automation systems may be able to do\nthis for you. Over time, all of your clinicians will be able to identify you using your unique identifier.\\\u003C/p>\u003Cp>A few notes about VUHID identifiers. They are globally unique, they are never reused, and they are\nissued to only one person. They are permanent and they cannot be counterfeited. Once you get your\nidentification card you should be able to use it for the rest of your life.\u003C/p>\u003Cp>VUHID identifiers remove any ambiguity about your identity. If you are Peter Smith, it doesn’t\nmatter if there are none, one, or one hundred other persons named “Peter Smith” in your town. Each of\nthem can have their own unique identifier and their records should never be confused with anyone\nelse’s. It doesn’t matter how many patients a large healthcare organization treats, the use of VUHID\nidentifiers will help ensure that they never confuse one person with another.\u003C/p>\u003Ch2>Privacy support\u003C/h2>\u003Cp>What about the privacy of my healthcare information? Let’s look at just a few aspects of how the\nuse of VUHID identifiers makes your privacy better.\u003C/p>\u003Cp>Note that once your caregivers begin to use your VUHID identifier to identify you, they can stop\nusing most of the other data in your biographic profile. They might want to send your initials along with\nyour identifier but they won’t need to use your name and they certainly should not send your Social\nSecurity Number. This means that your privacy can make a comeback. Your VUHID identifier is at risk as\nit is sent back and forth between medical facilities but your private biographic profile can stay safe at\nhome.\u003C/p>\u003Cp>GPII offers VUHID identifiers in two varieties, “open” and “private.” You will want to use an open\nidentifier (OVID) for all of the medical information that you want to be freely available to all of your\ncaregivers, e.g. the time you had a broken arm, your immunizations, the fact that you had appendicitis,\netc. However, you may also have some medical information that you want to keep private. Perhaps you\nare concerned that the history of your treatment for depression should not be widely known. This is\nwhen you want to use a private identifier (PVID). You can have your psychiatrist obtain a PVID, give you\na PVID card, and use it to identify your psychiatric records. With a PVID as its primary link, your\npsychiatric data can be kept separate from the rest of your medical information. Because you control\nyour PVID card you can decide who has access to that information. If you provide your PVID to your\nprimary care provider then he or she can view your psychiatric information, otherwise not. Later, if you\nhave some genetics testing and need to keep your genetics information separate you can get a different\nPVID for that. So, in the general case, you will have one open identifier and as many private identifiers\nas are needed for your particular medical circumstances and privacy preferences.\u003C/p>\u003Ch2>What about errors?\u003C/h2>\u003Cp>Getting privacy right can be tricky, especially since we haven’t managed it very well in the past. In\naddition, what one person needs for privacy of their healthcare data is likely to change over time. So we\nhave to make provisions to correct errors when they occur and to make changes when they are needed.\nIf you change your mind about what data you want to keep private, if you develop a new disease, if you\nget divorced, or any of dozens of other events; you may need to make a change in your privacy\nspecifications.\u003C/p>\u003Cp>Fortunately, with VUHID you are in control. You can acquire new private IDs as you have need. If\nyou determine that an existing PVID can no longer meet your needs you can decide to have it\nterminated and/or replaced with a new one. It is important to note that you cannot turn back the clock.\nAlthough data that was previously public can be made private at any point in time, this new privacy\nstatus cannot hide this data from someone you gave it to previously. With this one caveat, VUHID can\nsupport virtually any set of privacy requirements that you require. VUHID represents an example of full\npatient empowerment. As the user of one or more VUHID identifiers, you are in control and are able to\nconfigure them to fully meet your privacy needs.\u003C/p>\u003Ch2>Summary\u003C/h2>\u003Cp>The GPII solution represents a simple and cost-effective way to achieve accurate identification and it\nalso enables a fundamentally different approach to patient privacy. Through the deployment of unique\nidentifiers that are under the direct control of each patient both identification and privacy functions are\neasy to accomplish. By making privacy simple, VUHID identifiers give users the best chance to get their\nprivacy right. And by making it easy to make changes, VUHID lets patients readily correct the infrequent\nerrors that will occur.\u003C/p>\u003Cp>The twin requirements of accurate identification and improved privacy continue to increase in\nimportance within healthcare. The GPII approach, using VUHID identifiers, represents a straightforward\nway to achieve these important goals. Hopefully GPII will be able to play a central role as healthcare\nmoves more deeply into the era of automation. I hope that it will not be long before you have an\nopportunity to use a VUHID identifier to improve the medical care that you receive.\n\u003C/p>","2013-10-29T00:00:00.000Z",{"firstName":5,"lastName":6},"Barry","Hieb",{"slug":8,"title":9},"patient-matching","Patient Matching",{"total":11,"items":12},2,[13,15],{"slug":14,"title":14},"privacy",{"slug":8,"title":16},"patient matching",{"title":18,"url":18},"",{"title":18,"url":18}],"uses":{"params":["slug"]}}]}