Home » News » Electronic Health Record | Health Information Exchange (HIE) | Population Health
Receive News
By Email

  • del.icio.us
  • Digg
  • Facebook
  • Google
  • Reddit
  • StumbleUpon
  • RSS Icon
  

Why Harvard's Health Record Bank could be a turning point

April 20, 2012 | William Yasnoff, MD, PhD, President, Health Record Banking Alliance

Related Resources

In a major new development in the world of health IT, the Data Privacy Lab in the Institute of Quantitative Social Science at Harvard University will soon unveil a health record bank (HRB) that allows anyone to own and manage a complete, secure, digital copy of their health records and wellness information with a free account. This is the first time that a prominent academic institution is hosting an HRB for use by the general public and communities nationwide.

The service, called MyDataCan, is a secure and trustworthy technical infrastructure for receiving, storing and facilitating consumer-controlled access to personal information, including medical data. Its design is extensible to cover various forms of personal data, customizable through third-party applications, and benefits from a multimillion-dollar investment by Harvard.

[See also: PHRs will need mroe than data to flourish.]

MyDataCan was conceived and developed by Dr. Latanya Sweeney, the well-known computer scientist and privacy expert, who is also a member of the HHS HIT Policy Committee. Its purpose is to demonstrate, develop and study how a real-world platform that stores and protects sensitive data and makes information available for aggregate analysis (with permission) can operate successfully. It evolved from the Indivo open-source patient-controlled health record software previously developed at Harvard Medical School.

This launch is important for health IT because an HRB can provide and sustain all the capabilities of a fully functional health information infrastructure (HII):

1. It allows access to comprehensive individual electronic patient records, aggregation of population information for public health and medical research, and record searching to facilitate patient-specific notifications;
2. Privacy is protected since each patient determines who can access which portions of their own health records;
3. Collecting patient information is assured – since patients request their records, all providers must supply them (under HIPAA and for Stage 2 Meaningful Use);
4. It is inexpensive to operate since it obviates the need for the complex and costly real-time record locator services necessary when each patient’s records from all sources are not centrally stored;
5. Patient consent enables innovative applications linked to HRB accounts, providing compelling value to consumers and other stakeholders (e.g., reminders and alerts), thereby ensuring more than enough revenue for financial sustainability. HRBs could even fund permanent, ongoing EHR incentives to office-based providers to help further promote widespread adoption and standards compliance. The HRB at Harvard therefore represents a feasible and readily achievable HII paradigm that can be utilized by individuals and communities nationwide.

The business model for this HRB is analogous to the "app store" concept in the smart phone world. The Data Privacy Lab anticipates that lots of MyDataCan applications ("apps") will be built. While many of these apps will be free to account-holders, some will provide sufficiently compelling value that consumers and other stakeholders will pay modest fees for them. The project will retain a small percentage of those fees to support the infrastructure.

Importantly, all user data is double encrypted so that, like a safe deposit box, two keys are required to make the data available - one from Harvard and one from the user. In this way, users can be confident that their data is only available with their permission. MyDataCan is hosted in a highly secure data center with power and network backup, fire suppression systems and a second, physically separate, fully-capable backup data center, operated and utilized by Harvard for highly sensitive data.

[See also: The 5 (PHIve) steps you can take now to protect PHI.]

To facilitate use of MyDataCan as an HRB, the Data Privacy Lab will provide both a physician and patient portal for easy, intuitive access and expects to implement interfaces to holders of electronic medical information, such as prescriptions, to facilitate direct electronic deposits of patient data. Ultimately, it is expected that patient information will also flow to MyDataCan through secure messaging using the Direct Protocol. In this way, the HRB at Harvard can be a patient-designated destination for health records transmitted from provider EHRs to meet the "download and transmit" requirement of Stage 2 Meaningful Use. MyDataCan is also implementing online data collection for home medical devices (e.g., glucometers) so patients can easily upload information to their accounts electronically from such devices (without manual transcription).

It will be interesting to see if the Data Privacy Lab at Harvard can overcome the challenges of making MyDataCan a sufficiently valuable service to attract large numbers of consumers. If so, it may prove to be a turning point in the road to our nation’s health information infrastructure.

William Yasnoff, MD, PhD, FACMI, is a health IT consultant and President of the Health Record Banking Alliance. His prior work at HHS resulted in the creation of ONC in 2004. He is the author of the Health Information Infrastructure chapter in the textbook Biomedical Informatics (Shortliffe & Cimino, eds.).

Related Topics:

Reader Comments (1)Login to Post a Comment

ZaQ54 says: Why are schools trying to build Healthcare IT systems?
June 21, 2012 | 3:11PM GMT
I do not know why so many so called experts keep missing the point about patient-centric healthcare information! ! ! Once again William Yasnoff, MD wants to tag along with a group that says they have the solution. Why is he not looking at the innovation that is being created by real innovative IT companies? Harvard is great school. Not an IT solution company. Indivo has been around for a long time and has not been valuable for Dossia or anyone else. If anyone really wants to find innovative Healthcare IT solutions, then go search for real healthcare technology that is being created by IT engineers. Technology Engineers do not practice medicine! Why then do medical caregivers try to practice technology engineering? Patient Privacy Advocates will kill this product because you are using the patient’s data without their constant authority. Who would ever give you real medical data to use somewhere in the cloud? Not me. I want my medical data to help my healthcare, not Harvard’s reporting capability. Is Harvard in search for another research grant, and need patient data to get it done? Good Luck