Stream: implementers
Topic: Avoiding HIPAA
Tony Nohra (Mar 06 2018 at 17:48):
Hi,
I want to start developing FHIR apps, but I wonder if there is a way to get medical codes like in infobutton without the patient data. I am trying to avoid HIPAA requirements and complications.
Is it possible to get a session ID or ICD10 without the full patient record so I am not liable to HIPAA?
Thanks
Michele Mottini (Mar 06 2018 at 19:12):
If the app is going to be used by patients to access their data there is no HIPAA issue
John Moehrke (Mar 08 2018 at 14:54):
you need to express more what it is that you want to get... as one way I can read your use-case is that you need to use the terminology resources alone. The terminology services alone are not PHI, they are just codes...
John Moehrke (Mar 08 2018 at 14:55):
another read of your use-case is that you are looking for de-identification... see http://build.fhir.org/secpriv-module.html#deId
Tony Nohra (Mar 09 2018 at 17:15):
Thank you for your response.
I am writing a FHIR app to access the patient's diagnosis ICD10 / keyword in order to assign relevant educational material. My concern is HIPAA requirements since I'll be accessing the patient's record. Is there a way to use a non-identifiable ID like a temporary session ID in order to avoid having access to the full patient's identifiable data which would require HIPAA compliance which I am trying to avoid?
Michele Mottini (Mar 10 2018 at 00:20):
No, there is no such non-identifiable ID - but who is going to use the app?
Tony Nohra (Mar 19 2018 at 18:00):
The app will be used by patients but in order to automate the suggested educational material, the system will need to access the patient's records for ICD10 codes or keywords. We would prefer not to have access to the rest of the patient's data.
John Moehrke (Mar 19 2018 at 18:02):
Tony, I am confused at your use-case. The application is used by the patient, but can't know who the patient is?
John Moehrke (Mar 19 2018 at 18:05):
A similar system to what you are describing is a type of CDS-Hooks application. One that would be fed some bundle of medical information that it would use to come up with some HTML markup. The system feeding you the data through CDS-Hooks might be asked to provide you only the medical conditions. I think this is an expected method for using CDS-Hooks. In this case you would not be a full app, but rather a CDS-Hooks app. You might find it helpful if you were to do research on CDS-Hooks, and to ask questions on the CDS-Hooks stream.
Tony Nohra (Mar 20 2018 at 15:25):
Thank you John. I will elaborate more on my use-case.
I host patient education material on external servers for EMR systems to link to. So far, I have been using infobutton (by HL7) that sends only the ICD10 code and my server returns a list of relevant educational material. The infobutton appears next to each diagnosis ICD10 code for the patient to click and get educational material. Infobutton does not send any patient data, so it was safe to use.
Now I want to do the same with FHIR but my concern is that I will have to access the full record of the patient data in order to get to the diagnosis in the EMR medical records of the patient. By doing so, I might have full access to the patient record which is a liability to me and I will have to meet HIPAA requirements.
Ideally, I would like to use FHIR to access only diagnosis data in "de-identification" mode as you suggested earlier. I started to look into that feature and would appreciate your guidance or prediction whether it would work in my case or not.
Lloyd McKenzie (Mar 20 2018 at 17:22):
You would be searching by patient and retrieving diagnosis codes. Even if the only thing that came over the wire, you'd then have knowledge of what diagnoses the patient had and should thus be subject to HIPPA. If you just have someone invoke your service passing in the codes, then you're fine from a HIPPA perspective, but if you're querying the patient record, you can't get around it.
John Moehrke (Mar 20 2018 at 17:56):
I'm with Lloyd (excuse his spelling of HIPAA, he is Canadian)... If you query, then you know the context of your query... even if the result came back devoid of identifiers, you still knew what (specifically who) you were querying.
John Moehrke (Mar 20 2018 at 17:59):
This is specific to your use-case chosen architecture... You need to change your mindset or accept the privacy conclusion. I recommended you look at CDS-Hooks, which can provide to you just the data... There are other use-cases (like population cohort queries) where the result could come back de-identified; but this is not your chosen architecture or your use-case.
Last updated: Apr 12 2022 at 19:14 UTC