Securing Sensitive Health Information – or any information for that matter
According to a press release, the Department of Health and Human Services (HHS) and the Department of Veterans Affairs (VA) demonstrated how metadata standards can be used to allow sensitive health information to be shared responsibly and comply with confidentiality laws and regulations using electronic health records. In the demonstration they illustrated that sensitive information can be tagged with metadata so when it is sent to another provider with the patient’s permission, the receiving provider will know that they need to obtain the patient’s authorization to further disclose the information with others.
According to the Chief Privacy Officer, Joy Pritts at the Office of the National Coordinator for Health Information Technology (ONC), “This project helps demonstrate that with proper standards in place existing privacy laws and policies can be implemented appropriately in an electronic environment.”
We have many government agencies using conceptClassifier for SharePoint and conceptTaxonomyWorkflow to proactively identify and secure and type of organizationally defined ‘PXX’. This is accomplished by creating a taxonomy that defines the organizationally defined ‘privacy or confidential’ information. As content is created or ingested, using our automatic semantic metadata generation capabilities, any content containing the descriptors or phrases can be routed to a secure repository for disposition. The flexibility also addresses any type of confidential information that the organization defines, such as the different levels of security applied to documents, financials, HR information, and is highly applicable to government agencies.
Simple to use, easy to implement and change. Sometimes I wonder why we make such a big deal about this.
For more information on the above project, please visit the Data Segmentation for Privacy Initiative website.