ASTM E2211-2002 Standard Specification for Relationship Between a Person (Consumer) and a Supplier of an Electronic Personal (Consumer) Health Record

Uploaded by: 吴艺期; Document ID: 530570; Upload date: 2018-12-05; Format: PDF; Pages: 4; Size: 62.10 KB

Designation: E 2211 - 02

An American National Standard

Standard Specification for Relationship Between a Person (Consumer) and a Supplier of an Electronic Personal (Consumer) Health Record [1]

This standard is issued under the fixed designation E 2211; the number immediately following the designation indicates the year of original adoption or, in the case of revision, the year of last revision. A number in parentheses indicates the year of last reapproval. A superscript epsilon (ε) indicates an editorial change since the last revision or reapproval.

1. Scope

1.1 This specification covers the relationship between a person (consumer), organization, or custodian (or other authorized representative) and a managing (storing) organization (such as a web site or other organization). However, web-based personal (consumer) health records that are created by healthcare providers or health plans are not within the scope of this specification. Further, this specification will not address personal (consumer) health records (PCHR) that are created and managed by patients on paper records, on personal computers, or on other media offline.

2. Referenced Documents

2.1 Other References:
Internet Healthcare Coalition [2]
Health on the Net (HON) [3]
Federal Trade Commission FTC [4]
Hi Ethics Alliance [5]
MedCertain [6]
American Medical Association Guidelines for Medical and Health Information Sites on the Internet [7]
AHIMA E-health Tenets [8]
URAC (also known as the American Accreditation HealthCare/Commission) [9]

3. Terminology

3.1 Definitions:

3.1.1 consumer: the person who provides information to be stored by the personal (consumer) health record (PCHR) supplier.

3.1.2 disclosure statement: a prominent notice that describes an organization's policies in order to enable a person to decide whether (s)he can trust this organization with health information.

3.1.3 Gramm-Leach-Bliley Act: federal legislation enacted in 1999 as part of the Financial Services Modernization Act that specifies for web activities that "opt-out" is the norm. [10]

3.1.4 individually identifiable health information: information that is a subset of health information, including demographic information collected from an individual, and that: (1) is created or received by a healthcare provider, health plan, employer, or healthcare clearinghouse; and (2) relates to the past, present, or future physical or mental health or condition of an individual; the provision of healthcare to an individual; or the past, present, or future payment for the provision of healthcare to an individual; and (1) that identifies the individual; or (2) with respect to which there is a reasonable basis to believe the information can be used to identify the individual. HIPAA [11]

3.1.5 patient health record (PHR): the primary legal record created and maintained by the healthcare provider documenting the healthcare services provided to a person, in any aspect of healthcare delivery. This term is synonymous with medical record, health record, patient care record (primary patient care record), client record, and resident record. The term includes routine clinical or office records, records of care in any health-related setting, preventive care, wellness, lifestyle evaluation, research protocols, special study records, and various clinical databases. The records may be in paper-based or electronic form.

3.1.6 personal (consumer) health record (PCHR): an electronic application through which individuals can maintain and manage their health information, and that of others for whom they are authorized, in a private, secure, and confidential environment that allows the individual or other authorized persons to access and share such information.

3.1.7 personal (consumer) health record (PCHR) supplier: the company or organization that maintains or manages, or both, the personal (consumer) health record (PCHR) online service.

3.1.8 personal identifiable information (PII): individually identifiable information about an individual collected online, including: (1) a first and last name; (2) a home or other physical address, including street name and name of a city or town; (3) an e-mail address or other online contact information, including but not limited to an instant-messaging user identifier, or a screen name that reveals an individual's e-mail address; (4) a telephone number; (5) a Social Security number; (6) a persistent identifier, such as a customer number held in a cookie or a processor serial number, where such identifier is associated with individually identifiable information; or a combination of a last name or photograph of the individual with other information such that the combination permits physical or online contacting; or (7) information concerning the child or the parents of that child that the operator collects online from the child and combines with an identifier described in this definition. COPPA [11]

NOTE 1: This standard is based on the current Gramm-Leach-Bliley Act which specifies "opt-out" as the standard for e-commerce (and e-health) in the United States. The alternative of "opt-in" was considered for this standard but has not been adopted because it would not conform to current e-health legal considerations, practices, and accepted industry thinking.

Footnotes:
[1] This specification is under the jurisdiction of ASTM Committee E31 on Healthcare Informatics and is the direct responsibility of Subcommittee E31.25 on Healthcare Data Management, Security, Confidentiality, and Privacy. Current edition approved May 10, 2002. Published August 2002.
[2] http://www.ihealthcoalition.org/
[3] http://www.hon.ch/HONcode/Conduct.html
[4] http://www.ftc.gov/reports/privacy3/fairinfo.htm
[5] http://www.ihealthcoalition.org/ethics/ethics.html
[6] http://www.medcertain.org/
[7] http://www.ama-assn.org/ama/pub/category/1905.html
[8] www.ahima.org
[9] www.urac.org
[10] For a summary of the act, see www.senate.gov/banking/conf/grmleach.htm.
[11] Information on legislation and standards can be found at http://aspe.hhs.gov/admnsimp.

Copyright ASTM International, 100 Barr Harbor Drive, PO Box C700, West Conshohocken, PA 19428-2959, United States.

4. Significance and Use

4.1 The purpose of this standard is to provide guidance to consumers, suppliers of PCHR applications, and the public at large regarding the PCHR. Because the PCHR is distinct from the provider-based PHR, the laws and conventions for provider-based patient health records may not apply to the PCHR.

5. Terms and Conditions

5.1 The PCHR supplier shall allow a consumer or other authorized individual easy access at any point in the PCHR application to the policies and standards to which the PCHR supplier site adheres, as well as their associated charges, if any.

6. Privacy, Security, and Confidentiality Notice/Awareness/Disclosure of Policies

6.1 The PCHR supplier shall disclose its policies for establishing authorization to create, maintain, or access a PCHR for an individual other than the consumer and its policy for allowing the consumer to rescind such authorization by clearly identifying:

6.1.1 The entity collecting the data (PCHR supplier);

6.1.2 The uses to which the data will be put;

6.1.3 The recipients of the data; and

6.1.4 The steps taken by the data collector to ensure the confidentiality, integrity, and quality of the data.

6.2 The PCHR supplier shall also identify applicable consumer rights, including any choice respecting the use of the data, the ability of the consumer to contest inaccuracies; the availability of redress for violations of the practice code; and how such rights can be exercised.

6.3 Such a disclosure shall be clearly stated, shall be posted in a prominent location, and shall be readily accessible from both the site's home page and any Web page where information is collected from the consumer. It gives consumers meaningful and effective notice of what will happen to the personal information they divulge.

6.4 The PHR supplier shall state its policies regarding its sharing and use of information from an individual's PHR (for example, are there any conditions under which individually identifiable information is made available to or used by third parties?). PCHR suppliers shall also state their policies regarding access to the consumer's PCHR by others than the consumer, for example, how a child's record is handled when the child reaches the age of majority, and how an individual gains authorization to serve as custodian to a parent's record when that parent is no longer competent to do so himself or herself.

6.5 Choice/Consent:

6.5.1 The PCHR contains both personal identifier information (PII) and individually identifiable health information (IIHI). The standard for PII is generally used as opt-out, meaning that a consumer must specifically request that such information is not shared.

6.5.2 For IIHI, PCHR suppliers shall allow consumers to choose if and how any personally identifiable information collected from them may be used. These choices shall be presented in a manner requiring that the consumer give specific permission for use of such data. Options for secondary uses of information shall be provided, that is, uses beyond the PCHR storage and management application. Such secondary uses may be internal, such as placing the consumer on a sponsor's or other organization's mailing list in order to market additional products or promotions, or external, such as the transfer of information to third parties.

6.6 Access/Corrections:

6.6.1 A PCHR supplier shall provide the consumer with the ability to access data within the PCHR in order to verify its correctness or to contest its accuracy and completeness, or both. Access policies shall describe the turnaround time related to such requests (time from request to access), shall specify associated charges, and shall include instructions for contesting and correcting inaccurate or incomplete data.

6.6.2 The PCHR supplier shall disclose its policies regarding when and how the PHR data may be accessed. In particular, a PCHR supplier shall provide instructions for the consumer on how to get a copy.

6.7 Integrity: A PCHR supplier must be able to assure data integrity through audit trails and other security methods and shall disclose its quality assurance policies regarding maintenance of data integrity. PCHR information must be captured following defined procedures and must be stored in such a way that it cannot be tampered with or distorted. A PCHR supplier's policies shall describe how additions, deletions, and updates to PCHR data may be made and by whom (for example, what data is a consumer allowed to delete or modify and what data is a consumer's healthcare provider allowed to delete or modify?).

6.8 Retention: The PCHR supplier's disclosure statement shall state the length of time that the information will be stored and maintained. The policy on data deletion shall also be disclosed (for example, how does the PCHR supplier address deletion of data on electronic backup files?). If information is to be deleted after inactivity, the consumer shall be notified in advance and given options of transferring such information elsewhere.

6.9 Succession:

6.9.1 The PCHR supplier's disclosure statement shall state how it will manage PCHR data in the event of the supplier's merger, acquisition, or dissolution. A PCHR supplier shall make reasonable attempts to notify the consumers about corporate or organizational changes.

6.9.2 The PCHR supplier shall disclose a policy for transferring one's information to another site.

6.10 Security:

6.10.1 The PCHR supplier shall disclose its policies for maintaining the physical security of PCHR data (for example, is there a duplicate copy of the data stored off site?).

6.10.2 The PCHR supplier shall establish and disclose its managerial and technical measures to protect against loss, unauthorized access, destruction, use, or disclosure of the consumer data it stores and manages. Managerial measures include internal organizational measures that limit access to data and ensure that those individuals with access do not use the data for unauthorized purposes. Technical security measures to prevent unauthorized access include encryption in the transmission and storage of data; limits on access through use of passwords or other security measures, or both; and the storage of data on secure servers or computers that do not allow unauthorized access.

6.10.3 A PCHR supplier shall disclose the extent of data mining.

7. Consumer Rights

7.1 In a PCHR application, a consumer has the right to know about the following:

7.1.1 The PCHR supplier's business model or a general outline of how its revenues are generated;

7.1.2 How PCHR information is handled;

7.1.3 How to get a copy of the PCHR;

7.1.4 The extent of data mining, whether it is in aggregate or de-identified form, as well as options for opting-out of such data mining activities;

7.1.5 PCHR supplier's privacy policy;

7.1.6 Options for transferring the PCHR to another supplier or elsewhere;

7.1.7 Provisions for identifying the audit trail for access to the consumer record when suppliers change and when changes occur in the business enterprise under which the supplier and record keeper operates; in case the business enterprise changes, the reissuance of privacy statements and positive reconfirmation of postal and mail address by the consumer following any corporate changes is recommended; and

7.1.8 How to request deletion or destruction, or both, of a personal file at a PCHR supplier's system.

8. PCHR Data Portability

8.1 The PCHR supplier shall disclose its capabilities for accommodating usable transfer of data if the consumer so requests. For example, can the consumer receive, on demand, the complete content of the PHR in a legible and usable form via electronic transfer, paper, or other media, such as CD?

9. Use of Patient Information

9.1 The PCHR supplier shall not disclose or use any PCHR information without explicit consent of the consumer, either upon enrollment or subsequently. If the PCHR supplier wants to use such information for any purpose, such purposes shall be listed as part of any consent. Such consent shall require positive entry by the consumer and shall not be a default value.

9.2 The PCHR supplier shall disclose its planned or potential use of de-identified information (for example, information that has been stripped of data that would allow it to be linked to the consumer) for data analysis, aggregation, and reports in the general terms and conditions of its agreement with the consumer. The consumer shall have an opt-out option in regards to such use, that is, the consumer shall be given the option to not be included in the PCHR supplier's planned or potential use of de-identified information for data analysis, aggregation, and reports.

9.3 The PCHR supplier or its successor or any other entity obtaining the consumer's health information shall not change any of the terms for disclosure or use of individually identifiable information without the explicit notification and approval of the consumer. The PCHR supplier or its successor, or any other entity obtaining the consumer's health information, may change use of de-identified information upon good faith notice to consumer (for example, post on
