Progress on Data-Sharing Agreements

Nov. 16, 2011
We've all heard that the legal and policy issues around sharing data are more difficult and time-consuming than the technical details of designing a system.

We've all heard that the legal and policy issues around sharing data are more difficult and time-consuming than the technical details of designing a system.

In the post-mortem of the failed Santa Barbara County Care Data Exchange in California a few years ago, participants noted that privacy and liability concerns were major impediments to success. The complexity level is even greater for organizations trying to share data across state lines.

But after listening to a June 30 seminar put on by the Inter-organizational Agreements (IOA) Collaborative of the Health Information Security and Privacy Collaboration (HISPC), I was encouraged by the progress its members reported on developing templates for data-sharing agreements.

The IOA Collaborative developed models for both sharing data between private entities, which might be used between two hospitals in an HIE, and for public-to-public entity exchanges, for use in sharing public health data such as immunization data for registries. They are also working on a private-to-public model. Collaborative members reported on successful pilot projects in which participants worked through issues and agreed that the data-sharing agreement models were workable.

As IOA Collaborative co-chair Roy Wyman, a North Carolina attorney, explained, their main goal was to come up with agreements that people would actually sign.

In the public-to-public model pilot project, Bill O'Byrne, state coordinator of electronic health information technology development at the New Jersey Department of Banking and Insurance, described his state's successful effort to exchange immunization data with the state of New York and progress toward exchanging data with the Commonwealth of Pennsylvania. Another pilot involved the exchange of data between bordering counties in South Dakota and Iowa. The American Immunization Registry Association has endorsed use of the data-sharing agreement template.

Seventeen organizations in the North Carolina Healthcare Information and Communications Alliance (NCHICA) that are engaged in a trial of the Nationwide Health Information Network used the IOA model agreements for the simulated exchange of medical information between providers. Although many made suggestions for minor changes and improvements, all the organizations said they could work with the model.

Jo Ellen Whitney, an attorney with the Iowa law firm of Davis Brown, wrapped up the presentation by saying the IOA agreements will be welcomed by the CIOs and CFOs who are her clients. They want standardization and consistency in legal agreements, she said, so they are not reinventing the wheel each time they share data.

The IOA Collaborative has defined the core privacy, security and liability provisions partners must consider. There are always many specific issues to work out in any agreement, but as Whitney described it, the IOA model is like the Christmas tree, and the provisions specific to the exchange are the ornaments that decorate it.

Sponsored Recommendations

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...

Healthcare Industry Predictions 2024 and Beyond

The next five years are all about mastering generative AI — is the healthcare industry ready?