Healthcare Business News
Deven McGraw, director of the Health Privacy Project at the Center for Democracy and Technology

Cerner using metadata tagging to help share patients' medical records

By Joseph Conn
Posted: February 26, 2014 - 5:00 pm ET

Behavioral health has long been an island unto itself when it comes to the electronic sharing of patient medical records with other healthcare providers because of a specific federal privacy rule to protect these patients' highly sensitive information.

But Cerner Corp., by using metadata tagging for privacy, has built a bridge between that island and the mainland of healthcare providers.

For now, Cerner's capability for the transfer of medical records remains rudimentary, limited to sending and receiving records via e-mail in the Continuity of Care Document format and limited to only transactions between providers using Cerner products.

A clinician in a hospital with a Cerner EHR who is receiving a medical record from a behavioral health clinic or hospital using Cerner's behavioral health software must go to his or her e-mail folder to open and receive the message. The patient's name will be left blank on the incoming e-mail until the clinician reads and agrees to accept the provisions of 42 CFR Part 2, a federal privacy rule that applies to medical records of patients of providers who receive federal funds for drug and alcohol abuse treatment.

Advertisement | View Media Kit


“At a very high level, the goal for doing the data segmentation for privacy initiative was to help healthcare providers share information that's protected at a higher level than HIPAA,” said William Stadler, strategist for behavioral health at Cerner. “The project was not created to design new policy. It was to implement policy. What's really exciting in this context is it's really going to enable integrating behavioral health with primary care.”

Under 42 CFR Part 2, patient information cannot be disclosed without patient consent. In addition, the patient consent requirement flows with the data; that requires a receiving provider to obtain a new patient consent before he or she can legally re-disclose the information.

Cerner, which is demonstrating its new approach at Healthcare Information and Management Systems Society convention in Orlando, Fla., is exploring the use of metadata tagging for other privacy uses, Stadler said.

Adding metadata tags to medical data for privacy protection was an innovative recommendation in a report by the President's Council of Advisors on Science and Technology in 2010. Metadata tags for privacy are being used by the Health Administration of the Department of Health Affairs for privacy constraints.

The work by the VA and the Substance Abuse and Mental Health Services Administration at HHS was one of four pilot projects funder under the Data Segmentation for Privacy Initiative sponsored by the Office of the National Coordinator for Health Information Technology at HHS.

But commercial vendors had largely steered clear of metadata tags, which are essentially information about a given piece of data, due to the complexity they add to data handling.

Privacy advocates see the Cerner effort as a welcome move by a software developer to leverage health information technology for privacy protection.

“I am really encouraged by the Cerner behavioral health product,” said Deven McGraw, director of the Health Privacy Project at the Center for Democracy and Technology, a Washington, think tank, who saw the software at HIMSS. “It is the first step toward giving providers the tools to honor patient choices about the sharing of their health information, particularly in circumstances where the law already gives them this right. “

“This approach is an important first step, and provides a mechanism for substance abuse treatment providers to actually share data,” McGraw said. “Historically, because there was a lack of technical options for sending this data even when the patient consented, behavioral health providers were left out of health information exchange arrangements. This approach begins to chip away at those barriers, which is a real win for patients.”

Joy Pritts, chief privacy officer at the ONC, said the development of Accountable Care Organizations is going to drive the need for integrating behavioral heath records with primary care records.

“We're very happy to see a major vendor involved in this effort and we hope other vendors follow that lead in adopting this technology to ensure that behavioral health patients and other segments of our society are not left behind,” Pritts said.

Follow Joseph Conn on Twitter: @MHJConn

What do you think?

Share your opinion. Send a letter to the Editor or Post a comment below.

Post a comment

Loading Comments Loading comments...



Switch to the new Modern Healthcare Daily News app

For the best experience of on your iPad, switch to the new Modern Healthcare app — it's optimized for your device but there is no need to download.