Rules engine touted for interstate exchange of health records

Members of a federally sponsored collaborative will recommend this month creation of a rules engine to facilitate exchange of patients’ e-health information across state lines.

The rules engine – a database and associated software – would determine what privacy and consent laws apply for a given transfer of information and report those findings, simplifying the process of obeying disparate state laws and rules governing health information.

The recommendation will come from the 11-state Interstate Disclosure and Patient Consent Requirements Collaborative, part of the Health Information Security and Privacy Collaborative (HISPC) that has been working since 2005 to overcome the barriers created by disparate state laws and regulations.

For example, Minnesota requires that patients give consent before their health records can be disclosed to a third party in most cases, while Indiana’s laws place few restrictions on sharing of that information. If a patient in Indiana wants a Minnesota doctor to forward certain health records to a California doctor, what rules apply, and how could they be implemented in online communications?

Uncertainty about the applicability of laws in other states and lack of knowledge of those laws has hampered the interstate exchange of health information and could keep the Nationwide Health Information Network from achieving its potential, experts have said.

Victoria Prescott, a leader of the disclosure collaborative, told a HISPC conference audience in Bethesda, Md., March 4^th that the group is proposing a disclosure and authorization requirements engine, already known by the acronym DARE, in response to those concerns.

Laws and rules of each participating state would be entered into the engine and would form the basis of the advice the engine would provide to those engaging in a transfer of information across state lines.

The engine would need some specific information, such as whether the information concerned HIV status or pertained to a minor, before it could provide a complete response.

The DARE recommendation will be included in the collaborative’s report that is due at the end of March as the HISPC project comes to a close.

Linda Dimitropoulos, the project director at consulting firm RTI International, said HISPC has requested additional federal funding for further work. But she said there has been no word from the Office of the National Coordinator of Health IT on the fate of that request.