Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
access_of_health_information [2016/06/21 00:40] jillian_nadette_de_leon |
access_of_health_information [2016/07/19 15:22] jillian_nadette_de_leon |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ##ACCESS OF HEALTH INFORMATION | ##ACCESS OF HEALTH INFORMATION | ||
| - | **Access of Health Care Providers**\\ | + | **Access of Health Care Providers.** Upon patient consent, only the health care provider shall have access to the patient's health information and authorized entities as defined in Article IV, Section 1. \\ |
| - | * Upon patient consent, only the health care provider shall have access to the patient's health information and read-only access shall be given to secondary health care providers. \\ | + | |
| - | *Accessible information for secondary healthcare providers shall be the following:\\ | + | **Accessible Information for Health Care Providers** shall be the following:\\ |
| - | | + | a.) History of past illness;\\ |
| - | a. History of past illness\\ | + | b.) Family history of illness;\\ |
| - | b. Family history of illness\\ | + | c.) History of present illness;\\ |
| - | c. History of present illness\\ | + | d.) Clinical history, including immunization records, previous operations and treatment;\\ |
| - | d. Allergies\\ | + | e.) Allergies;\\ |
| - | e. Adverse effect of medications given\\ | + | f.) Medication history including adverse effects, if any;\\ |
| - | f. Treatment outcome. Final diagnoses shall be included whether clinical or confirmed.\\ | + | g.) Results of laboratory and diagnostic procedures;\\ |
| - | g. Laboratory and diagnostic procedures\\ | + | h.) Treatment outcome (Final diagnoses shall be included whether clinical or confirmed).\\ |
| - | h. Any information approved by the patient for viewing\\ | + | |
| - | //Approval of Access//\\ | + | **Approval of Access.** The head of the medical record section or unit shall recommend the creation of user credentials for personnel that shall have access to the electronic medical records. The head of the facility shall approve the system access request.\\ |
| - | * The head of the section or unit (ex. medical director, chief nurse) shall approve the creation of user credentials for personnel that will have access to the hospital information system. The head of the facility shall approve the system access request.\\ | + | |
| - | + | ||
| - | **Access of User/Patient**\\ | + | |
| - | * Consenting patients shall have rights to access, view, request amendments to, and request restriction over how their health information is used. The health facility shall ensure that disclosures and any subsequent changes are documented. Health care providers shall be notified once update has been done.\\ | + | |
| - | * Patients who gave consent for their information to be processed in PHIE shall have the preference to choose which portal provider to use and shall have access to their own record even if their doctors are not yet enrolled in PHIE.\\ | + | |
| - | * For child- joint parental authority, either parent or legal guardian if one has been appointed can have access to the child's health information. If separated, the one granted legal custody, or legal guardian if one has been appointed by court will have the right to access. \\ | + | |
| - | **Access of Third Party**\\ | + | **Access of User/Patient.** Consenting patients shall have the rights to access on how their health information is being used. The health facility shall ensure that disclosures and any subsequent changes are documented.\\ |
| - | * A third party is allowed access to health information that is provided in the contract with the health care provider or as required by law. | + | |
| - | //__Notes re: Third Party Relationships__//\\ | + | **For Minors.** Either parent or legal guardian shall have access to the child's health information. If the parents are separated, the one granted legal custody, or legal guardian if one has been appointed by court shall have the right to access.\\ |
| - | * Types of 3rd party relationships: \\ | + | |
| - | (1) //Infrastructure only//- provides key infrastructure, such as network and servers, and their administration but doesn't provide any applications or application support.\\ | + | |
| - | (2) //Managed Applications//- exerts some control over installation, maintenance and support of the infrastructure and applications. Includes cloud computing, infrastructure and software as a service.\\ | + | |
| - | (3) //All Data//- includes infrastructure and managed applications, as well as support, maintenance and disaster recovery of the infrastructure and applications (e.g., backup and recovery site.\\ | + | |
| - | **Authorization to Access Information**\\ | + | **Access of Third Party.** A third party is allowed access to health information that is provided in the contract or a required by law.\\ |
| - | * Authorization must be written in plain language, and must contain specific information such as: \\ | + | |
| - | (a) A description of the health information to be used and disclosed.\\ | + | |
| - | (b) The name of the person to whom the health care provider may disclose the health information.\\ | + | |
| - | (c) An expiration date.\\ | + | |
| - | (d) The purpose which the health information may be used or disclosed. \\ | + | |
| - | * A protocol on how to identify authorized persons to access patient information shall be made. The authorized person approving the request to access health information shall ensure that proper authorization from proper authorities is obtained by the requesting party. \\ | + | |
| - | * In cases when the person requesting for information is incapacitated, special power of attorney shall be allowed.\\ | + | |
| + | **Third Party Use and Disclosure.** A third party shall not disclose health information other than as provided by contract or as required by law. They shall also agree to use appropriate safeguards to prevent use and disclosure of the health information other than as provided by contract or as required by law.\\ | ||
| - | **Others**\\ | + | A third party shall report to the health care provider any use or disclosure of health information not provided for by the agreement of which it becomes aware, including breaches of unsecured health information, and any security incident of which it becomes aware.\\ |
| - | * Add more specific guidelines for Joint AO VII, item 1.C. Specify what data is to be shown.\\ | + | |
| - | (//Can be discussed further. This section was a recent amendment from TWG.//)\\ | + | |
| - | * A 24/7 hotline shall be provided to help in cases when necessary information is required at any point in time.\\ | + | |
| - | * There shall be no UID or PWD. | + | |