Download PDF
Appl Clin Inform 2023; 14(03): 544-554
DOI: 10.1055/s-0043-1769924
Adolescent Privacy and the Electronic Health Record

Shifting into Action: from Data Segmentation to Equitable Interoperability for Adolescents (and Everyone Else)

Authors

  • Chethan Sarabu

    1   Department of Pediatrics, Stanford University School of Medicine, Palo Alto, California, United States

  • Marianne Sharko

    2   Department of Healthcare Policy & Research, Division of Health Informatics, Weill Cornell Medical College, New York, New York, United States

  • Carolyn Petersen

    3   Department of Artificial Intelligence and Informatics, Mayo Clinic, Rochester, Minnesota, United States

  • Hannah Galvin

    4   Department of Information Technology, Cambridge Health Alliance, Tufts University School of Medicine, Cambridge, Massachusetts, United States

FundingShift Board member organizations (the American Medical Association, the American Academy of Pediatrics, Integrating the Healthcare Enterprise, the Healthcare Information and Management Systems Society Electronic Health Records Association, Drummond Group, and the AARP) have all made financial contributions and/or donated services in kind to support Shift. These funds are administrated by the Cambridge Health Alliance, a nonprofit entity.
Further Information
Also available at
 
 PDF Download Permissions and Reprints

Abstract

Background Technological improvements and, subsequently, the federal 21st Century Cures Act have resulted in increased access to and interoperability of electronic protected health information (ePHI). These not only have many benefits, but also have created unique challenges for privacy and confidentiality for adolescent patients. The inability to granularly protect sensitive data and a lack of standards have resulted in limited confidentiality protection and inequitable access to health information.

Objectives This study aimed to understand the challenges to safe, equitable access, and interoperability of ePHI for adolescents and to identify strategies that have been developed, ongoing needs, and work in progress.

Methods Shift, a national task force formalized in 2020, is a group of more than 200 expert stakeholder members working to improve functionality to standardize efforts to granularly identify and protect sensitive ePHI to promote equitable interoperability.

Results Shift has created high-priority clinical use cases and organized challenges into the areas of Standards and Terminology; Usability and Implementation; and Ethics, Legal, and Policy.

Conclusion Current technical standards and value sets of terminology for sensitive data have been immature and inconsistent. Shift, a national diverse working group of stakeholders, is addressing challenges inherent in the protection of privacy and confidentiality for adolescent patients. The diversity of expertise and perspectives has been essential to identify and address these challenges.


 

Keywords

interoperability - privacy - confidentiality - standards - implementation - data segmentation - DS4P - adolescent

Background and Significance

We have entered a digital age in which electronic protected health information (ePHI) is becoming accessible and shareable for all patients. Increased patient access to ePHI promotes health care autonomy, improved access to providers, control over personal health information, and is now mandated by the U.S. federal 21st Century Cures Act Final Rule.[1] However, this access to health information raises unique privacy concerns for adolescent patients.[2]

Age of Adolescence

Adolescence is a time of exploration and discovering a sense of self apart from parental influence. Adolescence is also a time of increased needs for reproductive, mental, and behavioral health.[3] [4] [5] Multiple studies have found that adolescents will not seek needed health care for issues such as mental health, reproductive health, and intimate partner violence if they fear that related sensitive information will be shared with parents or guardians.[6] [7] [8] [9] [10] [11]

It is essential that adolescents are ensured a private, protected relationship with health care providers, a relationship secured by law in most states. The beliefs and attitudes an adolescent develops during this time regarding one's ability to trust clinicians and the health care system may follow them for the rest of their life. Also, recent state and federal policies have created exigency on the protection of sensitive health data in the electronic health record (her), including legislation related to reproductive and gender-affirming care.


 

Adolescent Privacy Protection in the Electronic Health Record

Protecting adolescent privacy in therEHR has unique challenges.[12] [13] [14] [15] [16] [17] [18] [19] [20] [21] [22] [23] [24] Varying privacy and confidentiality laws add complexity to interstate health information exchange (HIE). These laws vary by minors' age, type of care, and context. It is imperative to communicate limitations in privacy protection to adolescents and their parents, who are often unaware of the implications of shared sensitive health information.[17] [25] [26] [27] [28] [29] [30] Health care providers encourage adolescents to share sensitive information and thus must find ways to prevent unintended information disclosures. Strategies, such as separate adolescent and parental proxy portal accounts, have been established to help protect this information.[31] However, portal privacy policies vary widely and have limited protection against parental access to adolescent accounts.[32] [33] [34] [35] [36] [37] Research across three children's hospitals reported that 64% of adolescent accounts had been accessed by a parent, presenting an additional barrier to privacy protection.[32]

All 50 states afford varying degrees of adolescent confidentiality for certain types of care (usually substance use, reproductive, and mental health), though there is significant variability in confidentiality limitations and portal policies.[38] At the onset of adolescence, many health systems provide portal access to the patient and move the parent/guardian to a proxy account. When provisioning proxy access, some health systems limit proxy account information to a small subset of health information and allow full access to the adolescent. Other institutions avoid the risk of inadvertent disclosure by allowing the patient and proxy account to access only limited nonsensitive health information. At the age of majority, young adults gain full access and the proxy access must be removed.

These portal access shifts present a challenging workflow for most health IT platforms. With significant effort and clinical informatics resourcing, health systems may be able to structure limited granular segmentation of data that cross to different portal users. However, this is institution-specific and cannot be leveraged for interoperability. The limitation of standards and lack of implementation guidance render this build complex and resource-intensive, so it remains a limited alternative.[39] Similar considerations exist for digital health platforms targeted to teens.


 

Sensitive Data

What is “sensitive” to one individual may not be sensitive to another. Based on federal and state law, information related to reproductive health (sexually transmitted infections, pregnancy, and genetic information), sexual orientation, behavioral health, and substance use are commonly considered “sensitive.” However, other data may be considered sensitive in certain contexts (e.g., an injury for a serious athlete). Some do not regard certain health data as sensitive and may be offended when others consider it so (for instance, a proudly gay individual or an advocate for the destigmatization of mental health conditions). Furthermore, patients may face implicit and explicit biases basheron EHR information.[40] [41] [42] [43] [44] [45] [46] [47] Patients may wish to block certain data from being shared, but due to limitations in segmentation abilities, must share data in an all or none fashion regardless of platform. Furthermore, requesting that data not be shared through the HIE and the health system requires a savvy patient and institutional compliance.

Even if agreement is reached around sensitive data elements and deployment of the necessary technical capabilities, unaddressed usability questions such as how patients request withholding of data, what informed consent would involve and how it would apply to adolescents, and how clinical systems would operate under redaction or obfuscation and interact with other systems (e.g., decision support) remain. For the portal, in particular, questions exist about whether and how proxies would know (or not know) that data are present but redacted.


 

Equitable Interoperability

The ability to share medical records seamlessly among health care providers has been a goal over the past decade. However, as health information becomes more readily shared between health care systems and clinicians, numerous complexities arise. For example, a patient may not want sensitive information, such as a prior abortion, readily shared with their allergist. However, there are concerns about potential safety issues if data redaction blocks view of a patient's full medical history.

Lack of mature standards prevents reliable, consistent granular protection of sensitive data, leading to information blocking of larger segments of ePHI and inequitable patient access to health information.[39] This differentially affects vulnerable patient groups with increased needs for sensitive data protection, such as LGBTQ youth and victims of abuse. Currently, patients without sensitive data can fully benefit from interoperability, whereas those with sensitive data may fear doing so, resulting in health inequities. Some organizations resort to blunt algorithms or manual processes to withhold data sharing for broad populations, which may result in care inequities and potential information blocking, as patients with stigmatized conditions may decline to consent to data sharing. As some sensitive conditions are more prevalent in vulnerable populations (including adolescents) and historically disenfranchised populations, such concerns contribute to disparities in care.


 

Information Blocking

The 21st Century Cures Act Information Blocking Final Rule and the Dobbs v. Jackson Women's Health Organization Supreme Court decision intensified the need to segment and protect sensitive data.[1] [48] Information blocking is “a practice that is likely to interfere with the access, exchange or use of electronic health information, except as required by law or specified in an information blocking exception.”[49] [50] [51] [52] The Dobbs decision heightens the urgency for development of functionality enabling granular segmentation of reproductive health and pregnancy outcomes data from a broad range of health care stakeholders, particularly for interstate data sharing.[40] [41] Lack of granular segmentation standards that accommodate information blocking exceptions may ultimately result in less information sharing. Implementation of functionality to comply with information blocking provisions has made privacy concerns a lived reality for clinical staff, patients, and technology vendors alike.


 

 

Methods

Shift

There have been efforts to address these challenges involving the granular segmentation of sensitive data, but current technical standards to identify and protect sensitive health data are immature and inconsistent. Although value sets for sensitive terminologies exist, they are neither comprehensive nor maintained, and fail to identify all sensitive adolescent health information. Health care providers need more sophisticated functionality to identify, segment, and protect sensitive ePHI while complying with regulations and improving general access to ePHI. Other populations besides adolescents (e.g., racial, ethnic, and sexual minorities) may experience medical mistrust and implicit biases if sensitive health information is shared without their knowledge, explicit consent, and ability to withhold certain data.

Shift, an independent task force for equitable interoperability, was formalized in 2020 to address challenges arising from the need to segment data. The Governing Board for Shift includes representation from the American Academy of Pediatrics, American Medical Association, Electronic Health Records Association, Integrating the Healthcare Enterprise, Drummond Group, AARP, and the Office of the National Coordinator for Health IT (ONC) as an ex officio member. The Drummond group has been a stakeholder and supporter of the work of Shift; in this capacity, they are one of several Governing Board organizations who guide Shift's mission, vision, and deliverables. Also in this capacity, they have provided in-kind services such as Web site hosting, project management services, and personnel. Shift (http://www.shiftinterop.org) brings together more than 200 expert stakeholders to tackle these questions through a consensus-driven approach to advance standards development, implement guidance, and drive policy.


 

Brief Review of Existing Work

Shift first explored the work that had already been done in this space to understand the challenges and opportunities of where existing work could be leveraged and where new development was needed. To address the need for a national standard to support tagging of sensitive data for interoperable data sharing, the Data Segmentation for Privacy (DS4P) HL7 Clinical Document Architecture (CDA) Implementation Guide (IG) standard was developed in 2011 and accredited by the American National Standards Institute in 2014.[53(p7)] This IG was primarily developed around data exchange subject to 42 Code of Federal Regulations (CFR) Part 2 restrictions related to federally funded substance use treatment programs. The original standard allowed for tagging of Consolidated Clinical Document Architecture (C-CDA) metadata at the document, section, or entry level to indicate that the data contained therein was restricted and subject to redisclosure restrictions. A handful of pilot implementations are described in [Supplementary Table S1] (available in the online version).

Since then, DS4P HL7 version 2.9 and DS4P Fast Healthcare Interoperability Resources (FHIR) IGs have been developed. DS4P FHIR allows direct labeling of data elements as sensitive without the dependency of sending the C-CDA document. DS4P has also provided the data segmentation underpinnings then supported by several consent management platform tools, which allow a patient or organization to define how they would designate their data to be shared. Since May 2020, the HL7 Security Work Group has been developing an evolving FHIR DS4P IG leveraging the HL7 Healthcare Privacy and Security Classification System for security labeling. Further development of DS4P FHIR implementation guidance for the use of FHIR security labels based on an expanded set of use cases is needed.

Some EHR vendors have, and continue to, develop vendor-specific functionality that supports tagging of sensitive data, specifically for release to the portal. These development efforts accelerated in response to the 21st Century Information Blocking Final Rule. While this work may benefit some users, some vendor-specific approaches do not promote interoperability or the ability to share data with established exceptions across the health care ecosystem.[54]

While DS4P allows for tagging of data to specify its sensitivity, a consent management platform is then needed to capture patient sharing preferences. Several these have been developed and piloted, including Consent2Share, an open-source tool developed by the Substance and Mental Health Services Administration (SAMHSA), which utilized DS4P CDA. More recently the San Diego Regional HIE Leading Edge Acceleration Projects (LEAP) project focused on implementation of the FHIR Consent Resource to manage consent for privacy, medical consent, advance directives, and research, as well as using a security labeling service.[55]

Although DS4P and various consent management platforms have had successful individual pilots within a single regional system, implementation of granular segmentation and consent management to support individual privacy preferences and equitable interoperability has not scaled nationwide.


 

Shifting the Approach

After understanding the existing landscape of data segmentation efforts, Shift developed an approach that was not only narrowly focused on technical standards alone but also simultaneously considered the usability, implementation, ethics, legal, policy, provider, and patient considerations as key pillars. Shift identified key leaders and stakeholders passionate about all of these aspects of the work and then created subworkgroups that scoped out these challenges described in detail below. The first step involved creating high-priority use cases that were based on real-world needs that cut across different age groups, sensitive conditions, and types of data exchange. The adolescent use case with fictional patient Maritza is depicted in [Fig. 1] with the other use cases summarized in [Fig. 2].

Zoom
Fig. 1 (Top) Maritza a 16-year-old female visits her primary care physician for a visit where she and her mother discuss Maritza's worsening asthma for which she is prescribed an inhaler and referred to a pulmonologist. (Bottom) While Maritza and the primary care physician talk alone, she shares that she plans to be sexually active and an oral contraceptive pill (OCP; ethinyl–estradiol–norethindrone) is prescribed. This order and documentation about it are highlighted in yellow in the diagram (data presented in this figure are imaginary). EHR, electronic health record.
Zoom
Fig. 2 Shift use cases. EHR, electronic health record; HIE, health information exchange.

 

Standards, Terminology, and Technical Challenges

One challenge to moving beyond blunt “all-or-none” information-sharing policies and toward granular data segmentation is to define specifically which data need to be segmented. Such effort often begins with legal guidance around broad categories such as reproductive or mental health, followed by the translation of those concepts into medical terminology and structured codes needed to automate this work in a standardized fashion. As a result, individual institutions must create their own list of sensitive diagnoses, procedures, laboratory results, and vital sign codes that must be regularly updated. Such efforts require a significant amount of informatics resources that many institutions lack. Laws defining protected categories of data exist at the broad level of reproductive health or behavioral health and provide no translation into specific diagnostic (e.g., the International Classification of Diseases Tenth Revision), procedure (e.g., Current Procedural Terminology), laboratory (Logical Observation Identifier Names and Codes), or medication (RxNorm) codes, which has resulted in a patchwork of nonstandardized lists. The variation in lists of sensitive conditions may render a condition treated as sensitive at one institution to be treated as not sensitive at a second institution posttransmission.

This may impact adolescent practitioners when addressing reproductive health concerns such as contraception. In the adolescent Maritza use case, EHR managers at the primary care physician's (PCP) health care system would have defined a list of sensitive medications and included the oral contraceptive pill (OCP) on that list and also defined where that information would and would not show up in the EHR and portal. However, the EHR used by the pulmonologist's health system—even if from the same vendor—might be configured differently, including without a list of sensitive medications ([Fig. 3]).

Zoom
Fig. 3 The complex interplay of systems and data across multiple electronic health record systems. While health system 1 (green circle) may have particular policies around sensitive medications, that information will travel to other systems such as a specialist provider, pharmacy, or payor who all may have different rules with handling classifications of sensitivity. EHR, electronic health record; PCP, primary care physician.

Another challenge is to use standardized condition lists to tag sections of the EHR with the appropriate sensitivity label. This has been done at the time of data transmission through the C-CDA, but there is increasing exploration of security labeling using FHIR resources, which would allow tagging of individual data elements within the chart itself and even potentially the tagging of free text via natural language processing. Many settings specialized in caring for adolescents may be attuned to the privacy protection needs of this population and their specific relevant state legislation. They may set up vendor-specific functionality and train their staff in workflows to support these protections. However, when an adolescent's data leave the confines of these settings, protecting their privacy may become more challenging. In the use case, the PCP's EHR may have defined the OCP as a sensitive medication and may prevent any sensitive medications from being listed in the medication list of the proxy portal account. When Maritza's medication list is sent to the pulmonologist's EHR system, the OCP on the medication list may no longer be marked as sensitive, thereby showing the OCP in Maritza's medication list on the pulmonologist's portal, where her mother has proxy access. This issue is partly a technical challenge of EHR structure and becomes much more of an implementation and usability challenge based on how institutions build and train clinicians to use EHRs.


 

Usability and Implementation Challenges

While the technical challenges are myriad, solving them is only part of the work. Usability, which covers everything from the way patients request sensitive data segmentation to how clinicians view and interact with segmented data in EHRs, must be taken into account. This conversation usually starts when patients are first given information about a health care practice's notice of privacy policy (NPP) and documentation about the Health Insurance Portability and Accountability Act (HIPAA) and are asked to sign a document describing how their information will be used and shared. Some of this process takes place face-to-face, and some preferences may be captured digitally such as through an eConsent mechanism. The examples discussed here largely focus on provider-based care, but patients may use self-selected digital health services, which have their own protocols and usability considerations. When Maritza and her mother first sought care at the PCP and pulmonologist's office, they would have been asked to review and agree to the NPP and HIPAA policies, and in the current state would not have had the ability to make specific data segmentation requests.

On the clinician side, usability questions such as how redacted data show up in EHRs and whether there are alerts to clinicians suggesting that the record contains data they cannot see. EHRs use data such as diagnosis to inform clinical decision support and other functionality, and if the data powering such systems are obfuscated the function of downstream processes must be managed. For instance, if in the future Maritza requires treatment such as an antiepileptic medication, a drug–drug interaction checker may find potential adverse reactions between the antiepileptic and the OCP through functionality that providers rely on as a safety check.

Beyond the usability challenges, variation may result from EHR vendors' technology, variation in institutional IT resources, and the ability to implement more complex workflows. Institutions have their own legal and policy mandates around granular data segmentation, and these challenges affect other stakeholders such as pharmacies and payors. When Maritza's PCP ordered both the new inhaler medication and the OCP, the orders were both sent to the same pharmacy, where Maritza's mother might be listed as the primary contact. The pharmacy information systems would also need to know that the OCP is a sensitive medication and that the pharmacy should not inform Maritza's mother that there are two medications. Similarly, when the claim goes to the insurance company, the details of the visit are shared with the primary guarantor (who is usually not the adolescent) in an explanation of benefits (EOB) form, and again the OCP as a sensitive medication should not appear ([Fig. 4]). As an aside, this raises a complex ethical and legal question around whether information can be obfuscated from the person paying the health insurance premium and/or copay.

Zoom
Fig. 4 The primary care physician's EHR system and patient portal is configured so that the oral contraceptive pill (ethinyl–estradiol–norethindrone) is identified as a sensitive medication and not shared with Maritza's mother through the proxy portal access. However, when this medication information is exchanged to the pulmonologist's EHR system (part of a separate health care system), the medication is not identified as sensitive and furthermore is revealed to Maritza's mother in the second proxy portal account, indicated with the red outline. EHR, electronic health record.

 

Ethical, Legal, Administrative, and Policy Challenges

There are complex ethical and legal considerations to address. For example, categories of sensitive data need to be identified and codified. However, due to broad legal variability across state lines with nuanced gray areas of interpretation, differing institutional interpretations leads to differing policy development. Ethical questions remain around patients' rights to redact data they do not want to share and whether such rights supersede a clinician's belief that a complete medical record is essential for safe medical decision-making.

More recently, the legal risks for patients and providers alike have been escalating, particularly around the criminalization of reproductive care and gender-affirming care. If a patient crossed state lines to receive such care in a state where care is legal, details about this care could follow them back to states where such care is illegal and thereby expose patient and provider to legal risk. Even when such care is lawful, data redaction could prevent the stigma and bias experienced by some patients when providers are aware of the care.[40] [42] [43] [44] [45] [46] [47]


 

Existing Work

Some EHR vendors have, and continue to, develop vendor-specific functionality that supports tagging of sensitive data, specifically for release to the portal. These development efforts accelerated in response to the 21st Century Information Blocking Final Rule. While this work may benefit some users, vendor-specific approaches do not promote interoperability or the ability to share data with established exceptions across the health care ecosystem.[54]

While DS4P allows for tagging of data to specify its sensitivity, a consent management platform is then needed to capture patient sharing preferences. Several these have been developed and piloted, including Consent2Share, an open-source tool developed by the SAMHSA, which utilized DS4P CDA. More recently the San Diego Regional HIE LEAP project focused on implementation of the FHIR Consent Resource to manage consent for privacy, medical consent, advance directives, and research, as well as using a security labeling service.[55]

Although DS4P and various consent management platforms have had successful individual pilots within a single regional system, implementation of granular segmentation and consent management to support individual privacy preferences and equitable interoperability has not scaled nationwide. DS4P and consent management tools do not adequately address other high-value clinical use cases such as Maritza's, and as a result, granular segmentation of data leveraging these tools has not been prioritized.


 

 

Results

The pilot implementations of the DS4P standard advanced the notion and technical possibility of granularly segmenting data within a narrow clinical and technical scope. Shift's approach introduces additional high-value real-world clinical use cases, develops a reusable methodology, and builds on pilot implementations and standards development work already underway.

Clinical Use Cases

Shift has developed four high-priority clinical use cases to be addressed in two phases, as depicted in [Fig. 2].

Clinicians with subject matter expertise developed these use cases in an iterative process along with other Shift stakeholders who provided feedback on informatics, data, and ethical considerations. The range of topics that were determined to be important were divided across the use cases. The Pareto principle was used to create comprehensive, representative use cases that are detailed but not overly complex to ensure that initial implementation would be feasible. The use cases include a patient narrative followed by discrete data elements, the specification of specific methods of exchange, and privacy concerns including harms. Shift's clinical use cases have also been leveraged in other related stakeholder work such as that featured in the Stewards of Change Institute report, the OpenID Heart Working Group, and the Gravity Project on the social determinants of health use cases.[56] [57] [58]


 

Standards and Terminology

Standards development work, in alignment with the HL7 Security Workgroup, is focused on formulating a framework methodology that can:

  • Identify use case data elements harmonized using the U.S. Core Data for Interoperability.

  • Use a decision-tree process to better standardize the translation of broad categories (i.e., reproductive health) to subcategories (i.e., sexually transmitted infections) to specific code sets.

  • Curate value sets for the data elements, which includes defining a nationally available, steward-maintained Value Set Authority Center (VSAC) terminology value set for sensitive conditions.

  • Leverage DS4P FHIR work for designing and implementing computer consumable HL7 data tags.

  • Define privacy policies and identify patient consent preferences through an existing consent management engine to develop sandbox demonstrations of increasing complexity.

The National Library of Medicine maintains the VSAC Web site, which acts as a central database of value sets developed by various organizations for clinical, operations, and research purposes. SAMHSA developed a C2S VSAC Value Set of sensitive conditions, largely focused on the 42 CFR Part 2 use case, but this was not comprehensive around other conditions and has not been maintained since 2016, so is now outdated. Shift is bringing together organizations that can be stewards of a Shift-guided value set that can become a de facto standard.


 

Implementation

Implementation guidance is needed to address several challenges and controversial issues. If a single site or system has the resources to invest in a pilot, it can determine how to manage such challenges within its own system, but for granular segmentation of data to scale nationally, such recommendations are needed on a broader level.

Shift is engaging expert stakeholders in a modified Delphi process to develop consensus-driven guidance around areas identified as specific barriers to implementation, including those outlined above. At a high level, this will involve determining how to achieve the appropriate balance between patient safety and privacy considerations as well as the balance between allowing specificity while limiting provider burden. Once drafted, Shift will seek feedback and ultimately endorsement of this implementation guidance from clinical and industry professional societies.


 

Ethical, Legal, and Policy

Shift is developing a foundational legal framework, including a specific adolescent roadmap, to help implementers navigate compliance and jurisdictional considerations. This work will facilitate the required standards revision and implementation guidance with a scalable methodology needed to drive widespread adoption. Future work will include advocacy for and sponsorship of governmental policy to promote equitable interoperability across the health care ecosystem.

Stakeholders are unlikely to adopt new standards without a financial or policy driver. ONC has introduced DS4P as an optional standard, as in the past industry regarded required standards with unease due to the effort and cost of development and implementation. Shift's goal is to work across the industry to mature the standard and implementation guidance while working closely with ONC to advance policy that drives widespread adoption.


 

 

Discussion

The use cases across the different age spans have been designed to address the high-yield clinical scenarios encountered in the real world. These span reproductive health, mental or behavioral health, substance use issues, as well as integration with sensitive social determinants of health data. The use cases each identify a specific challenge around sensitive data exchange including EHR to patient portal, EHR to EHR directly and through an HIE, as well as plans to address connections between EHR data and third party mobile applications.

There is a significant amount of common framework that all use cases can benefit from around standards for segmenting sensitive data. However, there are unique aspects for each of the cases that are being developed as well. While most states provide adolescents' with the right to seek confidential care around certain topics, it is uncertain if this means they also have the right to request that their medical records are not exchanged to a specialist at a different health system if their parent/guardian wants them to. These additional ambiguities and scenarios regarding adolescent rights necessitate further refinement and implementation by health care systems.[59]


 

Conclusion

Adolescence is a time of increasing desire for and benefit from privacy during growth into adulthood. Advances in health information, digital access to personal health information, and regulatory mandates supporting individuals' access to their EHR have created new opportunities for adolescents to manage their privacy. Such advances also have created new complexities in the management of health information and—more importantly—the human relationships with parents and medical care providers that underlie effective health management. The development of information sharing standards and integrated applications along with the clarification and coordination of policy across states and the federal government increasingly support development of data segmentation functionality. Shift reviewed the insights from previous work and assessed persistent gaps to identify additional high-value real-world clinical use cases, build upon ongoing standards development, and develop a scalable methodology. The progression of this work will advance the implementation of an adolescent health record that supports youths' growing autonomy and privacy needs as well as provider requirements for administering effective, appropriate care.


 

Clinical Relevance Statement

This manuscript is clinically relevant due to the current pressing challenge that health care systems and providers of health care data wrangle with regarding the provision of access to adolescents' regarding their own health care data while maintaining confidentiality.


 

Multiple-Choice Questions

  1. Which of the following is not a challenge of protecting adolescent privacy in EHRs in today's interoperable ecosystem?

    • Understanding state law and translating broad categories into standardized terminology

    • Inability to granularly segment data

    • Lack of access to patient portals for adolescents

    • Transmission of data to guarantor on the EOB

    Correct Answer: The correct answer is option c. Today's EHRs do provide access via patient portals to adolescents who meet the criteria for access as defined by state law, regulation, and institutional policy.

  2. What is meant by the term “equitable interoperability”?

    • Making sure everyone has access to high-speed bandwidth Internet

    • Making sure that everyone gets the benefits of interoperability by providing the ability to granularly segment data instead of forcing individuals to choose blunt “all or none” privacy protections

    • Ensuring that every health care organization is connected to a Qualified Health Information Network (QHIN)

    • Making sure that every clinic has a patient portal that can be accessed using a mobile device

    Correct Answer: The correct answer is option b. Equitable interoperability ensures that all individuals receive the benefits of an interoperable health care ecosystem.

  3. Which one of the following is not a deliverable of Shift?

    • Identify a steward to maintain a nationally available VSAC terminology value set for sensitive conditions

    • Build a consent management platform

    • Leverage a modified Delphi process to produce consensus-driven expert data segmentation implementation guidance regarding several complex issues related to patient safety, usability, and ethics

    • Advocate for a policy driver to advance widespread adoption of granular segmentation capabilities

    Correct Answer: The correct answer is option b. Shift is not developing a consent management platform but rather is building on existing technology to advance consent processes and granular segmentation of data.

  4. How can I get more information about Shift or get involved in this work?

    Correct Answer: The correct answer is option a. Information about Shift initiatives that are currently recruiting assistance is available at http://www.shiftinterop.org.


 

 

Conflict of Interest

C.S., M.S., C.P., and H.G. are all volunteer members of Shift; H.G. is Shift Board cochair. H.G. works for Cambridge Health Alliance, the nonprofit entity through which Shift funds are administered. C.S. is an employee of Sharecare; however, none of the work in this paper is based on his work or time there.

Protection of Human and Animal Subjects

No human or animal subjects were involved in this work.


Supplementary Material


Address for correspondence

Chethan Sarabu, MD
Department of Pediatrics, Stanford Medicine
453 Quarry Rd, Palo Alto, CA 94304
United States   

Publication History

Received: 17 January 2023

Accepted: 19 April 2023

Article published online:
19 July 2023

© 2023. Thieme. All rights reserved.

Georg Thieme Verlag KG
Rüdigerstraße 14, 70469 Stuttgart, Germany


  Permissions and Reprints
Zoom
Fig. 1 (Top) Maritza a 16-year-old female visits her primary care physician for a visit where she and her mother discuss Maritza's worsening asthma for which she is prescribed an inhaler and referred to a pulmonologist. (Bottom) While Maritza and the primary care physician talk alone, she shares that she plans to be sexually active and an oral contraceptive pill (OCP; ethinyl–estradiol–norethindrone) is prescribed. This order and documentation about it are highlighted in yellow in the diagram (data presented in this figure are imaginary). EHR, electronic health record.
Zoom
Fig. 2 Shift use cases. EHR, electronic health record; HIE, health information exchange.
Zoom
Fig. 3 The complex interplay of systems and data across multiple electronic health record systems. While health system 1 (green circle) may have particular policies around sensitive medications, that information will travel to other systems such as a specialist provider, pharmacy, or payor who all may have different rules with handling classifications of sensitivity. EHR, electronic health record; PCP, primary care physician.
Zoom
Fig. 4 The primary care physician's EHR system and patient portal is configured so that the oral contraceptive pill (ethinyl–estradiol–norethindrone) is identified as a sensitive medication and not shared with Maritza's mother through the proxy portal access. However, when this medication information is exchanged to the pulmonologist's EHR system (part of a separate health care system), the medication is not identified as sensitive and furthermore is revealed to Maritza's mother in the second proxy portal account, indicated with the red outline. EHR, electronic health record.