Automated Policy Cluster

Cluster Leader: Mark Frisse

Goal: developing ways to automate complex decisions about sharing of health records and assure compliance to regulations and consents.

Overview of Contributions
A common impediment to the effective sharing of health information is the complex collection of regulations that must be addressed with each transaction. There is typically a gamut of such regulations, starting with the policy of the originating organization and then including the applicable federal, state, and local regulations, often with additional regulations imposed by any broker (like an HIE) that may be involved, and finally the policy of the receiving organization. All of this must be interpreted in light of patient consents and with deference to sensitivities that may or may not be well represented in specific consents, like the setting of defaults (opt-in versus opt-out and so on). The Automated Policy Cluster is a collection of projects that address various aspects of this problem. Two primary themes in the projects are (1) learning and understanding stake-holder expectations, such as those of patients and regulators, and (2) taking regulations and consents and incorporating them in automated sharing policy. The former used techniques like surveys and focus groups and searches of the regulations while the latter focused on automating rules so they could be deployed computer systems.

Projects: There were 18 projects in the Automated Policy Cluster:

  1. PERCEPTIONS OF PRIVACY – STIGMATIZED GROUPS carried out an interview study of sexual minority men to understand their concerns about whether EHRs would violate their privacy expectations. This study revealed good preliminary information about issues and steps that could be made to put people with heightened concerns at ease with EHRs.

  2. CONSUMER ATTITUDES TOWARDS ELECTRONIC MEDICAL GROUPS (EMRS) collected survey information about the attitudes of healthcare consumers toward EHRs at a national level. The study found that populations that experience healthcare disparities were more likely than the average to express that having electronic versions of their health records was important to them. The study had a number of other interesting and informative results.

  3. CONSUMER USE OF ONLINE TRACKING OF PERSONAL HEALTH INFORMATION surveyed healthcare consumers about their use of online access to their records. The survey showed that education level, immigrant status, and living in an urban location also were significantly associated with online tracking of personal health information. Online users will experience greater exposure to security and privacy threats so understanding the groups that will be the primary initial online users will help in prioritizing security and privacy strategies.

  4. mHEALTH & SOCIAL MEDIA used structured qualitative interviewers with users of a popular fitness device to explore privacy concerns for health self-quantification. The study found that participants were very sensitive to how their health data is shared but were not give sufficient access to privacy protection tools to address their concerns. The study points up the need for developing better privacy capabilities for health self-quantification.

  5. HIE POLICY ENFORCEMENT studied the use of formal specifications and advanced encryption to express and enforce policies concerning the sharing of health data. As in other projects in SHARPS the study considered HIPAA as a benchmark and showed how to encode HIPAA. The study showed how HIPAA can be encoded in a finite representative hospital (that is, one that represents all types of policy action) and can be protected using attribute based encryption (so that only parties allowed to see information are able to decrypt it).

  6. LOGICAL REPRESENTATION OF PRIVACY LAWS aimed to support scalable formal description of health and other types of policies in formal logic. The project produced a tool that takes potential disclosures as inputs and outputs whether the input disclosure is allowed under HIPAA.

  7. ILHIE PROTOTYPE grew out of a collaboration between members of SHARPS and the Illinois Health Information Exchange with the goal of developing technologies to recognize sensitive data in health records on a state exchange and conform to patient consent rules for sharing the data. As it grew beyond that state collaboration as part of SHARPS the project became known as Decision Support for Data Segmentation (DS2) because of its strategy of using a decision support platform to support functions to recognize and tag sensitive data. Contributions included the technical architecture, its prototype implementation, and a series of case studies focusing on HIV and the use of machine learning techniques to detect cases where HIV positive status can be inferred from other aspects of a record.
    A substantial portion of the Automated Policy cluster was devoted to a multi-project study addressing the problem of how to share patient records between healthcare providers with flexibility and automation and respect for policy. The aim was to provide an approach consistent existing enterprise architectures and associated medical considerations such as medical ontology. The overall system came to be known as PolicyForge. PolicyForge was based on simulated systems drawing requirements and inspiration from the Vanderbilt University Medical Center (VUMC) and federal data standards initiatives.

  8. POLICY AUTHORING ENVIRONMENT (PATRN) developed a GUI policy editing tool (also called PATRN) that enables record sharing rules to be written so that they can be subsequently converted to rules that can both be analyzed using formal logic and used as business rules in a practical implementation.

  9. USE CASE AUTHORING AND MODELING ENVIRONMENT developed a GUI tool for specifying scenarios of record sharing. Such scenarios are critical to policy development since it is hard for users to think of policy in the abstract independent of examples to help understand what policies are needed or the consequences of proposed policies.

  10. POLICY VERIFICATION (POVER) developed a tool to support the logical analysis functions of PolicyForge. This was technically based on the FORMULA engine from Microsoft and it supports consistency checking and entailment for policy sets.

  11. GENERATIVE INTEGRATION TOOL (GIT) developed tools needed to convert policy descriptions into business rules in executable languages including FORMULA (which can be executed as well as analyzed) and Drools DRL. The primary implementation strategy is to use basic code templates to provide foundations using the internal data model of the PATRN toolkit.

  12. PRIVACY POLICY TEMPLATE CONSTRUCTION developed techniques to translate from natural language versions of policies into formal policy expressions. As with scenario development, it is difficult to users to directly write formal policy rules so this project supported strategies for migrating from natural language descriptions of policies (especially in legal rules like HIPAA) into formal language. A key challenge confronted by this project was the need address legal ambiguities. To support the development, validation, and application of PolicyForge there are projects to develop libraries of policies and use cases.

  13. PRIVACY POLICY LIBRARY developed federal, state, and institutional policies both in prose and in PATRN.

  14. USE CASE LIBRARY developed a repository of use cases to help users understand and test policies.

  15. VUMC TEST BED used (VUMC), VUMC’s clinically integrated network planning, and federal data standards initiatives as a source of inspiration and requirements for policy development and enforcement by studying systems already struggling with relevant issues through the consideration of Accountable Care Organizations (ACOs), Regional Health Information Organizations, and other emerging structures for sharing health information. Regional Health Information Organizations, and other emerging structures for sharing health information. This project enabled new ideas to be tested in simulations against real operational requirements. To understand how the PolicyForge projects fit together, consider the following use case. VUMC discovers as part of its operations the need for a policy sharing rule for a new ACO operation. A proposed rule is written up by operations staff at VUMC and passed along for consideration by PolicyForge users. This is compared against existing policy and use case libraries to see if there are similar issues encountered elsewhere that can be used as a starting point. Having learned what is new from this process and making use of the authoring and modeling environment, the template construction system is used to develop an input for PATRN, which is used to author a formal policy that can be analyzed by POVER and converted into business rules by GIT.

  16. Three other projects round out the 18 projects in the Automated Policy Cluster.

  17. HOSPITAL HIPAA COMPLIANCE investigated organizational and environmental factors associated with initial HIPAA Privacy and Security Rule compliance aiming to identify hospital characteristics and market factors that affect compliance with federal regulations for information security and privacy. Findings of the study included observations such as a competitive affect: a given hospital was more likely to be complaint if peer hospitals in the same metropolitan area were compliant. The study provided insight into similar issues that go beyond the technology of security and privacy to its market and enterprise context.

  18. STATE HEALTH INFORMATION DISCLOSURE LAWS collected data about state regulations for sharing health data aiming to update a 2003 study of the 50 states. The update provided insights into the rate and direction of change of state regulations.

  19. NPRM COMMENT examined and classified many of the more than 400 responses to the 2011 NPRM concerning accounting of disclosures under the HITECH bill. The study was able to classify the responses into categories and provide a philosophical framework for thinking about the differences of opinion.