Technology | June 11, 2007

Integration of Privacy Policies, Patient Consent Directives at Granular Leve

The HIPAAT consent aggregation solution with new application interface (API) functionality provides all health information stewards – from care delivery organizations (CDOs) to regional and national health networks – the ability to securely integrate privacy policies and patient consent directives at a granular level.

HIPAAT’s solution simplifies consent management functioning across disparate applications to enable CDO health networks to control organizational privacy policies; patients to block access to some or all of their electronic health information (PHI) on a case-by-case basis; caregivers to have override ‘break the glass’ access to PHI; a secure, centralized audit trail; and automatic, immediate breach reporting to the privacy officer through email alerts.

Components of the solution include Privacy eSuite, the server (service-oriented architecture) where consent directives are defined and automated; Universal Audit Repository, the stand-alone repository of PHI access events and source of privacy breach alerts; and Privacy Manager, client software controlling user access to PHI based on patient and system directives.