Challenges remain with EHRs in protecting privacy for adolescents
Click Here to Manage Email Alerts
The current health information systems lack the capability to protect health information in the adolescent patient population, which makes treatment of these patients even more complicated, according to the AAP.
“Privacy and trust between the adolescent and provider during the health care visit is complicated by requirements to document care in the record, bill for services, and communicate with the parent/guardian within the boundaries of applicable state laws,” according to a policy statement from the AAP Committee on Adolescence and Council on Clinical and Information Technology.
Current problems
Current health information technologies, which include electronic health records (EHRs), personal health records (PHRs), personally controlled health records, health information exchanges (HIEs) or other patient portals, typically do not have the ability to support policies to allow minors to provide their own consent for health care or to protect their health care data.
“Continued lack of privacy protection in EHRs risks diminishing adolescent access to care, potentially resulting in higher adolescent pregnancy and STI (including HIV) rates, and unraveling significant gains that have been achieved,” the statement read.
Ideal EHR
The AAP recommends nine basic principles for ideal EHR systems. The first two principles include the creation and implementation of EHR system criteria that meet privacy standards for adolescents and that allow determination of who has access to, or who has the ability to control access to, the medical record either in total or in part.
The third and fourth principles relate to the creation and implementation of criteria for EHR systems that allow adolescents to record their treatment consents/authorizations based on privacy rules and laws and for EHR systems to allow the explicit and specific consent of the adolescent for release of specific protected health information.
The fifth and sixth principles include providing flexibility of these standards that allow protection of privacy for diagnoses and associated laboratory test results, prescriptions and essentially any documentation/note that contains confidential data, and in addition, to ensure that certified EHR systems meet privacy standards that are consistent with state laws.
The next two principles for developing an ideal EHR deal specifically with the ability to flag data being imported or exchanged between health entities so the information can be placed in a confidential section of the EHR if necessary, but also the ability to apply state and federal privacy/confidentially rules to prevent identification of individuals by unauthorized parties.
The final principle relates to billing and the importance of having a system that can suppress billing to the parent/guardian when an adolescent seeks care for health issues that are delivered during general visits and protected under state or federal statutes.
This policy statement was endorsed by the Society for Adolescent Health and Medicine.