Quick Links



Meeting Schedule




How to Get Involved



Feedback Welcome

We value your input!
Have a suggestion or idea for the initiative wiki? Send an email the Project Manager.
Need help using the Wiki? Send an email to Wiki Admin/Support.

Edit SidebarRightEdit Action ItemsEdit Page Tabs




What is Data Segmentation?

The term “data segmentation” refers to the process of sequestering from capture, access or view certain data elements that are perceived by a legal entity, institution, organization, or individual as being undesirable to share. This basic definition, however, does not account for the multiple permutations of segmentation in the health care context (i.e., granularity), nor does it adequately capture the varied considerations required for development of segmentation policy.

Challenge

Enable the implementation and management of disclosure policies that originate from the patient, the law, or an organization, in an interoperable manner within an electronic health information exchange environment, so that individually identifiable health information may be appropriately shared for: 1) Patient treatment and care coordination; 2) Third party payment; 3) Analysis and reporting for operations, utilization, access quality and outcomes; 4) Public health reporting; 5) Population health, technology assessment and research

Purpose and Goals

The purpose of this initiative is to enable the implementation and management of varying disclosure policies in an electronic health information exchange environment in an interoperable manner with the goal to produce a pilot project allowing providers to share portions of an electronic medical record while not sharing others, such as information related to substance abuse treatment, which is given heightened protection under the law.

Scope

This initiative will focus on defining the use case, its user stories and requirements supporting a standards-based privacy protection architecture and specifically application of data segmentation for interchange across systems. Together with recommendations from the HITSC, the requirements will serve as the basis for a reference model validating the completeness of the standards in fulfilling the defined requirements and maintaining the privacy of the patient data based on patient consent decisions, applicable law and policies. Initial use case functional and data set requirements will encompass metadata tagging of privacy attributes in clinical and policy records and specifically considerations for 42 CFR Part 2 and non-disclosure to payers of patients paying out-of-pocket for their care as defined in Proposed Rule 45 CFR Part 164.522(a)(1)(iv) Existing relevant standards, implementation guides, prototypes and technologies will be looked to when developing the reference model.

Roadmap

  • Successful pilot test of a privacy protection prototype compliant with HIPAA privacy and security enforcement rules across multiple systems demonstrating interoperability (prioritize care settings for the pilot).
  • Validation of the applicability and adequacy of the recommended standard(s) in implementing a data segmentation solution.

Members

Recognizing the importance of perspective, it is critical to the success of this initiative to include: Patients, State HIEs, Providers, Provider Organizations, HISPs, Federal Agencies, Private HIEs, SDOs, Payers, Security/Privacy professionals, Privacy Advocacy Groups, Consumers and YOU.


Notional Project Timeline

DS4P Timeline Updated 03252013.jpg

Initiative Contacts

Name
Role
Contact Information
Johnathan Coleman
Initiative Coordinator
jc@securityrs.com
Julie Chua
ONC Sponsor
julie.chua@hhs.gov
Zachary May
Project Manager, RI/Pilot Lead
zachary.may@esacinc.com
Amanda Nash
Standards/Harmonization Lead
Standards Development Support Team Lead
amanda.j.nash@accenturefederal.com
Edit Contacts