ARMONK, NY and NAPLES, FL – May 15, 2008 – IBM (NYSE: IBM) and HIPAAT
Inc. (HIPAAT), the leading provider
of consent management solutions to the healthcare industry,
are joining forces to bring innovative health-information
privacy controls to patients and care providers everywhere.
The IBM-HIPAAT collaboration extends patient-driven privacy
to Electronic Medical Records (EMRs), Electronic Health Records
(EHRs), Personal Health Records (PHRs) and Health Information
Exchanges (HIEs). Combined IBM and HIPAAT technologies allow
patients to easily specify who is granted access to their
personal health information (PHI), what information can be
accessed and when. They enable caregivers to implement and
enforce patient consent directives, providing “break
the glass” access to PHI and EHR data in emergency-care
situations, where appropriate.
This commercially-available patient-directed solution is
a privacy-based approach to securely controlling PHI access
across diverse healthcare applications and settings. When
installed in HIE environments as the “consent engine,” Privacy
eSuite empowers patients and designated providers to create
and record privacy directives. The software then evaluates
a provider’s authorization to access a patient’s
PHI based on such directives. With the combined offerings,
a patient can restrict a particular clinician from accessing
PHI, even if that clinician – based on medical role – would
typically be granted such access. All access requests are
recorded and an audit trail is created.
"The ability to share electronic health information
nationwide is transforming the industry by placing increased
control of healthcare delivery squarely where it belongs:
in the hands of patients themselves,” said Ivo Nelson,
Vice President, IBM Healthcare Provider. “Our work
with HIPAAT will ensure that, as the use of electronic health
data proliferates and improves healthcare services and results,
patients themselves will be able to ensure their own health-information
privacy as the true custodians of access to such highly personal
information.”
IBM and HIPAAT are integrating HIPAAT’s Privacy
eSuite software – based on Service Oriented Architecture (SOA)
-- with IBM’s SOA Foundation for joint projects. The
IBM SOA Foundation supports IBM's global healthcare strategy,
which is based on the adoption of an asset-based, interoperable
SOA approach and the use of open standards and standards-based
EHRs to ensure secure and private exchanges of records between
authorized healthcare services and benefits organizations.
To achieve these goals, IBM is currently working with partners
and clients within the healthcare industry to make information
delivery and related business processes more patient-centric.
One important initiative currently benefiting from the IBM-HIPAAT
collaboration is the Nationwide Health Information Network
(NHIN) Trial Implementation now under development by the
North Carolina Healthcare Information and Communications
Alliance, Inc. (NCHICA). This initiative gives patients and
providers transparent access to Privacy eSuite’s privacy
controls across the broad spectrum of applications enabled
by the SOA Foundation.
“The IBM-HIPAAT technology will provide NCHICA members
and NHIN participants an opportunity to exercise more control
over their sensitive health information,” said Holt
Anderson, NCHICA Executive Director. “This is a capability
the public has demanded.” NCHICA was established as
a non-profit in 1994 by Executive Order of Governor James
B. Hunt, Jr. to “improve health and care by accelerating
the adoption of information technology and enabling policies.”
IBM’s SOA strategy incorporates aspects of several
industry-leading product portfolios including IBM WebSphere,
Lotus, Tivoli, Rational and Information Management and is
a critical component of IBM’s Information on Demand
initiative. These portfolios have been further strengthened
by a series of key acquisitions such as Cognos, ISS and Watchfire.
For example, Privacy eSuite’s capabilities extend
IBM’s Tivoli identity and access management security
offerings, thereby ensuring information protection in multiple
healthcare-delivery settings and situations.
“Patients understand that it is beneficial for caregivers
to share their health information electronically, but those
informed of their rights want to control the conditions of
access,” said Terry Callahan, HIPAAT Managing Director. “Some
patients will avoid participating in EHR programs or provider
portals if they aren't given the capability to restrict access
to their PHI, which could negatively affect their care and
put them in harm’s way. Our collaboration with IBM
provides the industry with a forward-thinking, patient-centric
consent management solution that benefits both patients and
providers.”
|