Abstract
Many Americans with substance use problems will have opportunities to receive coordinated health care through the integration of primary care and specialty care for substance use disorders under the Patient Protection and Affordable Care Act of 2010. Sharing of patient health records among care providers is essential to realize the benefits of electronic health records. Health information exchange through meaningful use of electronic health records can improve health care safety, quality, and efficiency. Implementation of electronic health records and health information exchange presents great opportunities for health care integration, but also makes patient privacy potentially vulnerable. Privacy issues are paramount for patients with substance use problems. This paper discusses major differences between two federal privacy laws associated with health care for substance use disorders, identifies health care problems created by privacy policies, and describes potential solutions to these problems through technology innovation and policy improvement.
Introduction
Health information technology (HIT), briefly defined as electronic information systems used to support health care operations, is increasingly recognized as essential for the improvement of quality, safety, and efficiency in individual health careCitation1,Citation2 and public health.Citation3 Wide implementation of HIT in US health care is long overdue. The most profound action with respect to HIT taken by the Obama administration and the US Congress was enactment of the Health Information Technology for Economic and Clinical Health Act.Citation4,Citation5 This legislation will provide a total of $19 billion in cash incentives to health care providers who implement and “meaningfully use” electronic health records (EHR) systems in the next few years.Citation2
The required “meaningful use” of EHRs is expected to increase evidence-based medical practice, facilitate management of complicated chronic diseases, and reduce medical errors and control health care costs.Citation6 Vista, the US Department of Veteran Affairs EHR system, for example, is one of the nation’s most comprehensive EHR systems. Diabetic patients in Vista have better control of timing of eye examinations, blood low-density lipoprotein cholesterol measurement, and hemoglobin A1c testing compared with patients in the private sector, where HIT is much less comprehensive.Citation7 The cumulative net return of the investment in Vista was over $3 billion as of 2007.Citation7
A key component of the “meaningful use” of EHRs is health information exchange (HIE) across traditional business boundaries in health care.Citation3 Sharing information, such as sending a discharge summary to a patient’s subsequent care providers and transmitting and sharing laboratory results between a patient’s providersCitation8 may improve health care quality and lead to cost reductions. HIE can save lives in an emergency when prompt diagnosis and treatment are crucial. HIE can also benefit public health through increased monitoring and analysis of aggregated health data.Citation9
However, widespread implementation of EHRs and HIE raises concerns about potential breaches of the privacy, security, and confidentiality of individually identifiable health information (IIHI, ie, protected health information). The electronic transmission and sharing of IIHI among various entities over the InternetCitation10 increases the numbers of people, chiefly providers and researchers, who see information considered to be private. Privacy issues are paramount for patients with substance use problems due to stigma, discrimination, potential prosecution, and loss of employment. The longstanding privacy concerns related to substance abuse health records are heightened by the widespread use of HIT, hindering the integration of primary health care and specialty care for substance abuse.Citation11,Citation12 These concerns, if not addressed and resolved properly, can deter patients from seeking treatment or providing accurate information to their care providers, and thus downgrade the value of EHRs for the care of patients with substance use problems. In response to these issues, this paper reviews and contrasts the two major federal laws impacting privacy protection for substance abusers seeking health care. Emphasis is placed on issues associated with the laws that must be addressed to provide adequate privacy protection and promote the integration of specialty substance abuse treatment with primary care.
Federal laws and regulations protecting patient privacy
The Health Insurance Portability and Accountability Act (HIPAA) of 1996Citation13 was the first federal law to address privacy and security standards broadly and provide federal protection for IIHI. HIPAA has been amended over the years to accommodate the advancement of HIT. Generally, it establishes national standards to protect individuals’ medical records and other personal health information from unwanted disclosure or use. A complete explanation of the HIPAA can be found under the Code of Federal Regulations (CFR) title 45, Parts 160, 162, and 164 (http://www.gpoaccess.gov/cfr/index.html). The HIPAA Privacy Rule provides federal protections for IIHI held by covered entities and gives patients the right to examine their health care records and to request corrections if they believe the records are inaccurate or misleading. The rules are balanced so that they provide protection of IIHI while permitting minimal necessary disclosure of health information without a patient’s authorization such as for treatment, payment, health care operations [§164.502 (a) (b)] or exceptional requirements allowed by law (§164.512, http://www.access.gpo.gov/nara/cfr/waisidx_07/45cfr164_07.html). Of note, the standards in the HIPAA Privacy Rule are minimum requirements for all health care providers, but may be insufficient to protect privacy and confidentiality of IIHI related to substance use conditions. Patients with substance use problems are generally cautious about substance use-related information in their health records due to the potential illegality of their behaviors. A breach of privacy can have a significantly negative impact on their health, employment, health insurance, social relationships, and even legal rights. The US Congress has long recognized that health information gathered from patients with substance use problems is especially sensitive. The Confidentiality of Alcohol and Drug Abuse Patient Records (42 CFR Part 2) regulations were issued in 1975Citation14 and revised in 1987.Citation15 This has been a cornerstone in protecting the IIHI confidentiality of a drug abuse patient. 42 CFR Part 2 specifies that substance abuse treatment programs are not permitted to disclose any patient information that would directly or indirectly identify a patient having previous or current alcohol or drug abuse problems, unless the patient’s written consent is obtained. There are very limited exceptions to the requirement of written consent specified in 42 CFR Part 2. These include medical emergencies (Subpart D §2.51), qualified scientific research, audit or program evaluation (Subpart D §2.52–2.53), court ordered criminal investigation against patients or personnel of the program (Subpart E §2.61–2.67), and suspected child abuse or neglect [§2.12 (c) (6)].
Consent may not be required between administrative contact of two 42 CFR Part 2 programs, within the same program, or for organizations that have direct administrative control of the program [§2.12 (c) (3) (4)].Citation16 However, the 42 CFR Part 2 regulations are not widely known by mainstream medical doctors because the regulations only apply to substance abuse treatment programs.
Violation of either regulation carries civil penalties. Enforcement of HIPAA was strengthened in 2009 to accommodate widespread implementation of HIT, HIE, and EHR pursuant to the Health Information Technology for Economic and Clinical Health Act, and fines can be up to $50,000 for each violation.Citation17
The HIPAA has more flexible disclosure standards, but imposes stiffer penalties for violators, whereas 42 CFR Part 2 has more stringent disclosure standards, but imposes less severe penalties. Major differences in these two laws and regulations discussed above are summarized in . 42 CFR Part 2 along with the HIPAA has provided a double layer of privacy protection for patients who seek care in substance abuse treatment programs. In addition, many states have their own privacy laws related to IIHI which cannot be overridden by federal laws.Citation18,Citation19 Therefore, the end result is that the most stringent law must be followed regarding disclosure of IIHI associated with substance use.
Table 1 Major differences between HIPAA and 42 CFR Part 2
Problems associated with separated health care for substance abuse
The limited application of 42 CFR Part 2 to specialty substance abuse treatment facilities and the discrepancies between HIPAA and Part 2 are becoming serious issues affecting the integration and coordination of health care for patients with substance use conditions. The implementation of 42 CFR Part 2 has increased trust between patients with substance use problems and their care providers in substance abuse treatment programs. However, it has also contributed to a separation of substance abuse specialty care from mainstream medical care. Separation of health care delivery systems creates two problems, ie, a lack of preventive and treatment measures in the primary care setting for substance use problems and a lack of effective communication and coordination among different types of health care delivery systems.
Patients who have substance use problems are not routinely screened or treated in the general medical care setting although the literature continues to show the cost-effectiveness of screening, early diagnosis, and intervention for substance use problems.Citation20 For example, there is abundant evidence supporting screening and brief intervention for alcohol use problems among adults in primary care settings.Citation21–Citation32 Evidence is also emerging for the efficacy of screening and brief intervention for illicit drug use in primary care settings.Citation33–Citation37 Yet, screening and brief intervention are not routinely employed in primary care, let alone other general medical settings.Citation23,Citation24,Citation38 The potential benefits of screening and brief intervention have pushed forward federal efforts to disseminate screening and brief intervention through federal demonstration pilot projects across the country.Citation39 As we move closer to the integration of substance abuse specialty care and primary care, health care practitioners struggle to understand which regulations are applicable. The discrepancies and differences between the HIPAA and 42 CFR Part 2 cause considerable confusion for practitioners on how to provide services for patients with substance use problems appropriately without risking violation of privacy laws.
There would be very limited effective communication between these two types of providers if we were to integrate care without modifying either law. Failure in communication between primary care and substance abuse specialty care providers can cause critical medical errors and put patient safety at risk. For instance, if a substance abuse specialty care provider withholds a patient’s substance use records from the general medical doctor, the patient could die from overdose of opioids prescribed for pain management,Citation40 or fatal drug-drug interactions.Citation41,Citation42 These issues have increasingly become a major public health threat in the US and in the world.Citation42–Citation44 The success of US health care reform with respect to treatment for substance abuse will largely depend on balancing the need for efficient and effective health care and the need for protection of patient privacy. Whether and how the HIPAA and 42 CFR Part 2 can be integrated and synchronized is one of the keys to the integration of primary and substance abuse specialty care. The innovation of health information technology can help accelerate the integration, but must be governed by meaningful and practical policies. Next, we will discuss challenges and opportunities of both technologies and policies in confronting privacy issues.
Challenges and opportunities of data segmentation
Health data segmentation is a practice rooted in various federal and state laws addressing the stigma against alcohol and drug abusers. It is “the process of sequestering from capturing, accessing or viewing certain data elements that are perceived by a legal entity, institution, organization, or individual as being undesirable to share”.Citation45 IIHI, such as genetic information, psychotherapy notes, and substance abuse treatment records, can be sequestered and prevented from disclosure through data segmentation technology. Data segmentation in the context of national EHR and HIE systems must be more complicated than that in the “paper” health care systems or within a closed local computerized system, systems on which the concept was formulated. To allow workable segmentation, substance use-related information must be entered using specific structures and codes. Free text is not accepted for programming segmentation.Citation45 This requirement can be challenging for practitioners accustomed to writing text notes to record behavioral health medical histories. Data segmentation must be ruled by the degree of consent granted by the patient. A patient’s Consent Directive is their own privacy policy about what IIHI is to be disclosed, to whom, under what circumstances, and in which period of time. A Consent Directive could become considerably sophisticated with the ability to protect patient autonomy and privacy through masking information undesired for disclosure. A Consent Directive can include instructions for overriding the “masking”, in which individuals (eg, patient’s preauthorized physicians) who have permission to access the “shared secrets” can override the masking of IIHI under a specific condition. For patients with substance use problems, a Consent Directive may be especially effective against undue disclosure of medical information, enhancing consumer satisfaction with and trust in modern EHR systems. However, an unintended consequence of granular or inconsistent consent policies is that access to a patient’s critical health record could become so complicated and costly that health care providers might be deterred from retrieving and using the health records for appropriate health care.
A recent Consent Directive data standardization milestone in May 2010 was the release of the HL7 Implementation Guide for Clinical Data Architecture Release 2.0 based on the mapping of HL7 Version 3 Domain Analysis Model: Medical Records and Composite Privacy Consent Directive Domain Analysis Model Data Standard for Trial Use Release 2.Citation46 The domain analysis model will enable the automation of data segmentation in serving Consent Directive and privacy protection. The domain analysis model includes the following core electronic consent options:Citation47 no consent; opt out (default option is included for HIE, but patients can opt out completely); opt out with exceptions (default option is included for HIE, but patients can completely or partially opt out); opt in (default option is not included for HIE, with option for all opt out); and opt in with restrictions (default option is not included for HIE, but with options for partial selected data for HIE).Citation46 At this point, data segmentation automation technology is still at its infancy. In August 2010, the Policy and Security Tiger Team workgroup recommended to the Office of National Coordinator for Health Information Technology, an organization within the Department of Health and Human Services to oversee the HIT development and implementation, that “it is critical to educate patients to understand to which level their preferences can be practically honored before a technical solution for data segmentation is applied”.Citation48 Although data segmentation and automation are technically complex, policy challenges involving human factors are even more arduous.
Challenges and opportunities of privacy policies in health care
Privacy policy-makers need to first define what is “ sensitive” information in the EHR. In general, information that potentially harms a patient either physically, socially, psychologically, or economically in the event of disclosure is considered “sensitive” health information. The National Committee on Vital and Health Statistics has recently refined their recommended categories of sensitive information to include genetic information, psychotherapy notes, substance abuse treatment records, sexually transmitted diseases, mental health, children/adolescent sexuality, and reproductive health information.Citation49 However, the definition of “sensitive information” can be subjective because different people have different perspectives in this regard. Hence, an agreement upon “sensitive information” among various stakeholders, especially among patients, health care providers, and payers will be essential to policy-making. On the other hand, one must recognize that data segmentation is not the purpose, but rather a procedure to protect patient privacy. Segmented data should be made accessible for relevant health care purposes. Only better communication would lead to better health care.
It is essential to determine who has the authority to control information disclosure and what limits can be placed on that authority. Patients with sensitive substance use information are likely to desire to have full or partial control of their IIHI. In an Agency for Healthcare Research and Quality 2009 consumer engagement focus group study, almost all consumers reported that they should be given some control over how their health data should be shared.Citation50 The report implies the importance of engaging health care consumers in the data segmentation process. In contrast with patients, health care providers may feel they must have sufficient accessibility to patients’ critical health data to ensure the quality of care and the accuracy of the health records.
While the EHR system provides an excellent platform for data sharing, the benefits of EHRs cannot be fully realized without sharing critical health information, such as a patient’s prescription records of controlled substance use, and history of alcohol and illicit drug use. American public health has been seriously challenged by a five-fold increase in opioid overdose-caused deaths coinciding with a ten-fold increase in prescribed opioids over the last two decades.Citation40,Citation51 To confront both this public health crisis and increased privacy concerns in the HIT era, policy-makers must determine whether, when, and how to modify and reconcile federal and state regulations and policies. Americans may then harvest the most returns from the massive federal investment in the EHR system.
Further, inhibiting the disclosure of critical IIHI can be as harmful as undesired disclosure of IIHI, and raises ethical questions. Of note, neither the HIPAA nor 42 CFR (Part 2) has explicitly stated a health care provider’s responsibility or obligation to disclose any IIHI, including potentially harmful health information. For instance, should a health care provider disclose a school bus driver patient’s alcoholism to a third party even if the patient does not authorize it? In such a case, abiding by privacy laws may contradict a physician’s “do no harm” Hippocratic Oath. When privacy laws, which are created for ethical reasons, force a physician to choose against ethical principles, should we consider revision of the policy? If sacrificing one person’s privacy can protect the lives of hundreds of others, is it fair to choose to protect more and innocent lives? The amendment of 42 CFR Part 2 to permit disclosure of substance abuse patients’ IIHI without authorization against suspected child abuse or neglect is a good example of federal action to protect child welfare [42 CFR Part 2 §2.63 (a) (1), §2.12 (c) (6)].
Indeed, the tension between promoting safe, effective health care and protecting patient privacy has increased recently. An amendment to 42 CFR Part 2 was proposed by a committee of attorneys with the aim of easing health care providers’ access to patients’ IIHI for necessary health care needs.Citation52 One of the main proposed modifications for 42 CFR Part 2 was to remove the requirement of written consent for any disclosure associated with IIHI, and instead permit “minimum necessary disclosure” without written consent, which is a privacy standard covered under HIPAA. The proposal triggered strong opposition from patient privacy rights groups that have been strongly recommending the consent requirement in 42 CFR Part 2 be extended to all medical practice and incorporated into the “meaningful use” of EHR stage 2 criteria.Citation53,Citation54 Indeed, it would not make sense to modify 42 CFR Part 2 against patients’ wishes because privacy protection is a priority for many patients with substance use problems. Lessons learned from the Massachusetts eHealth Collaborative are that a successful HIE model “can only be as good as patients’ willingness to share their medical data”.Citation55 The Department of Health and Human Services and Substance Abuse and Mental Health Services Administration have been exploring technical solutions within the legal framework of HIPAA and 42 CFR Part 2 laws and regulations.Citation16,Citation56
There remains tension between patient privacy concerns and public health good until adequate technical and regulatory solutions are in place. It may take years to solve these problems given the complexity of US health care systems. Perhaps important lessons can be learned from other health care systems, such as those implemented by the Europeans and Canadians, who have experience in optimizing their national EHR and HIE projects.Citation57 As the US is moving forward to develop the most appropriate HIE models and privacy policies, “building trust” and establishing solid accountability mechanisms are essential to promote the implementation of EHRs and HIE.Citation12,Citation58,Citation59 Trust built upon separation of health care must be replaced by trust within a competent, trustful, and integrated health care system.
Conclusion
The promise of new health care reform in reducing disparities for underserved patients with substance use problems will not be realized if critical health records cannot be shared as needed between health care providers. However, inconsistencies in the existing privacy laws and their implementing regulations must be resolved through advanced information technologies and improvement of health information regulations to ensure meaningful health care integration. Appropriate models for HIE and EHRs are under development to accommodate the established federal and states laws governing the sharing of health information of patients with substance use problems. Federal and state governments must support innovations in health information technology and take action to amend privacy policies. A meaningful and practical privacy policy should provide good balance between the need for protecting patient privacy and the need for health care providers to access critical patient health information. The integration of primary care and substance abuse specialty care will not be feasible, meaningful, or sustainable until this balance is reached.
Disclosures
BT and SS are employees of the Center for the Clinical Trials Network of the National Institute on Drug Abuse, the National Institutes of Health, the funding agency for the National Drug Abuse Treatment Clinical Trials Network. The opinions expressed in this manuscript are those of the authors and do not represent the official position of the US government. LLH has no disclosures to report.
References
- ChaudhryBWangJWuSSystematic review: impact of health information technology on quality, efficiency, and costs of medical careAnn Intern Med51620061441074275216702590
- BlumenthalDStimulating the adoption of health information technologyN Engl J Med492009360151477147919321856
- HershWA stimulus to define informatics and health information technologyBMC Med Inform Decis Mak200992419445665
- United States. Congress (111th Congress Public Law 5)Stimulus: American Recovery and Reinvestment Act of 2009 Public Law 111–5 Official TextLanham, MDGovernment Institutes/Bernan Press2009
- Centers for Medicare and Medicaid ServicesMedicare and Medicaid programs; electronic health record incentive programFinal rule Fed Regist7282010751444431344588
- O’ConnorPJSperl-HillenJMRushWAImpact of electronic health record clinical decision support on diabetes care: a randomized trialAnn Fam MedJan-Feb201191122121242556
- ByrneCMMercincavageLMPanECVincentAGJohnstonDSMiddletonBThe value from investments in health information technology at the US Department of Veterans AffairsHealth Aff (Mill-wood)42010294629638
- KupermanGJHealth-information exchange: why are we doing it, and what are we doing?J Am Med Inform Assoc6142011
- ShapiroJSMostashariFHripcsakGSoulakisNKupermanGUsing health information exchange to improve public healthAm J Public Health42011101461662321330598
- SimonSREvansJSBenjaminADelanoDBatesDWPatients’ attitudes toward electronic health information exchange: qualitative studyJ Med Internet Res2009113e3019674960
- SalomonRMBlackfordJURosenbloomSTOpenness of patients’ reporting with use of electronic records: psychiatric clinicians’ viewsJ Am Med Inform AssocJan-Feb2010171546020064802
- McGrawDDempseyJXHarrisLGoldmanJPrivacy as an enabler, not an impediment: building trust into health information exchangeHealth Aff (Millwood)Mar-Apr200928241642719275998
- United States. Congress (104th 2nd session: 1996)Health Insurance Portability and Accountability Act of 1996: Conference report (to accompany HR 3103)Washington, DCUS GPO1996
- US Department of Health Education and WelfareConfidentiality of alcohol and drug abuse patient recordsFed Regist5919754091205222054211664573
- US Department of Health and Human ServicesConfidentiality of alcohol and drug abuse patient records–PHSFinal rule Fed Regist691987521102179621814
- Substance Abuse and Mental Health Services Administration (SAMHSA)The Confidentiality of Alcohol and Drug Abuse Patient Records Regulation and The HIPAA Privacy Rule: Implications for Alcohol and Substance Abuse Programs2004http://www.samhsa.gov/HealthPrivacy/docs/SAMHSAPart2-HIPAAComparison2004.pdfAccessed July 10, 2011
- US Department of Health and Human ServicesHIPAA administrative simplification: enforcement. Interim final rule; request for commentsFed Regist1030200974209561235613120166275
- National Institutes of Health (NIH)How Do Other Privacy Protections Interact With the Privacy Rule?HIPAA Privacy Rule Information for Researchers [Government Educational Material]2007http://privacyruleandresearch.nih.gov/pr_05.aspAccessed July 14, 2011
- New York State Office of Mental HealthNew York State Office of Mental Health HIPAAPreemption Analysis HIPAA Home2011http://www.omh.state.ny.us/omhweb/hipaa/preemption_html/mhlarticlefederallaw.htmAccessed July 10, 2011
- PhillipsRLJrBazemoreAWPrimary care and why it matters for US health system reformHealth Aff (Millwood)5201029580681020439865
- SaitzRPalfaiTPChengDMBrief intervention for medical inpatients with unhealthy alcohol use: a randomized, controlled trialAnn Intern Med262007146316717617283347
- MaciosekMVCoffieldABEdwardsNMFlottemeschTJGoodmanMJSolbergLIPriorities among effective clinical preventive services: results of a systematic review and analysisAm J Prev Med72006311526116777543
- FlemingMFMundtMPFrenchMTManwellLBStauffacherEABarryKLBenefit-cost analysis of brief physician advice with problem drinkers in primary care settingsMed Care1200038171810630716
- BradleyKAWilliamsECAchtmeyerCEVolppBCollinsBJKivlahanDRImplementation of evidence-based alcohol screening in the Veterans Health AdministrationAm J Manag Care102006121059760617026414
- BallesterosJDuffyJCQuerejetaIArinoJGonzalez-PintoAEffi-cacy of brief interventions for hazardous drinkers in primary care: systematic review and meta-analysesAlcohol Clin Exp Res4200428460861815100612
- MadrasBKComptonWMAvulaDStegbauerTSteinJBClarkHWScreening, brief interventions, referral to treatment (SBIRT) for illicit drug and alcohol use at multiple healthcare sites: comparison at intake and 6 months laterDrug Alcohol Depend112009991–328029518929451
- SmithPCSchmidtSMAllensworth-DaviesDSaitzRPrimary care validation of a single-question alcohol screening testJ Gen Intern Med7200924778378819247718
- FlemingMFGrahamAWScreening and brief interventions for alcohol use disorders in managed care settingsRecent Dev Alcohol20011539341611449755
- SaitzRHortonNJChengDMSametJHAlcohol counseling reflects higher quality of primary careJ Gen Intern Med920082391482148618618204
- US Preventive Services Task ForceScreening and behavioral counseling interventions in primary care to reduce alcohol misuse: recommendation statementAnn Intern Med462004140755455615068984
- BertholetNDaeppenJBWietlisbachVFlemingMBurnandBReduction of alcohol consumption by brief alcohol intervention in primary care: systematic review and meta-analysisArch Intern Med592005165998699515883236
- FlemingMFScreening and brief intervention in primary care settingsAlcohol Res Health2004282576219006992
- SmithPCSchmidtSMAllensworth-DaviesDSaitzRA single-question screening test for drug use in primary careArch Intern Med7122010170131155116020625025
- Office of National Drug Control Policy (ONDPC)Screening and Brief InterventionWashington DCThe White House2008
- SaitzRAlfordDPBernsteinJChengDMSametJPalfaiTScreening and brief intervention for unhealthy drug use in primary care settings: randomized clinical trials are neededJ Addict Med920104312313020936079
- GordonAJFiellinDAFriedmannPDUpdate in addiction medicine for the primary care clinicianJ Gen Intern Med12200823122112211618830761
- SaitzRHortonNJLarsonMJWinterMSametJHPrimary medical care and reductions in addiction severity: a prospective cohort studyAddiction120051001707815598194
- MuliaNSchmidtLAYeYGreenfieldTKPreventing disparities in alcohol screening and brief intervention: The need to move beyond primary careAlcohol Clin Exp Res5202011
- Office of National Drug Control Policy (ONDCP)Screening, Brief Intervention, Referral and Treatment2008http://www.whitehouse-drugpolicy.gov/publications/pdf/screen_brief_intv.pdfAccessed July 25, 2011
- PaulozziLJWeislerRHPatkarAAA national epidemic of unintentional prescription opioid overdose deaths: how physicians can help control itJ Clin Psychiatry5201172558959221536000
- BurrowsDLHagardornANHarlanGCWallenEDFerslewKEA fatal drug interaction between oxycodone and clonazepamJ Forensic Sci5200348368368612762549
- PhillipsDPBarkerGEEguchiMMA steep increase in domestic fatal medication errors with use of alcohol and/or street drugsArch Intern Med7282008168141561156618663169
- JonesAWKugelbergFCHolmgrenAAhlnerJDrug poisoning deaths in Sweden show a predominance of ethanol in mono-intoxications, adverse drug-alcohol interactions and poly-drug useForensic Sci Int32020112061–3435120630671
- RehmJMathersCPopovaSThavorncharoensapMTeerawattananonYPatraJGlobal burden of disease and injury and economic cost attributable to alcohol use and alcohol-use disordersLancet627200937396822223223319560604
- GoldsteinMMReinALHeestersMMData Segmentation In Electronic Health Information ExchangePrivacy and Security Whitepa-per Series2010http://healthit.hhs.gov/portal/server.pt?open=512&objID=1147&parentname=CommunityPage&parentid=10&mode=2&in_hi_userid=11113&cached=true&in_hi_userid=11673Accessed April 27, 2011
- Health Level SevenImplementation Guide for CDA Release 2.0 Privacy Consent Directive Draft Standard for Trial Use Levels 1, 2 and 3 Universal RealmConsentDirective_CDA_IG_DSTUAnn Arbor, MIHealth Level Seven, Inc2010
- GoldsteinMMReinALConsumer Consent Options for Electronic Health Information Exchange: Policy Considerations and AnalysisPrivacy and Security Whitepaper Series2010http://healthit.hhs.gov/portal/server.pt?open=512&objID=1147&parentname=CommunityPage&parentid=10&mode=2&in_hi_userid=11113&cached=true&in_hi_userid=11673Accessed July 10, 2011
- Privacy and Security Tiger TeamDraft Letter to David Blumenthal, Chair, HIT Policy CommitteePrivacy and Security Tiger Team: Past Meetings (Aug 16 2010)2010http://healthit.hhs.gov/portal/server.pt?open=512&mode=2&objID=2833&PageID=19477Accessed July 18, 2011
- National Committee on Vital and Health Statistics (NCVHS)Recommendations Regarding Sensitive Health Information2010http://www.ncvhs.hhs.gov/101110lt.pdfAccessed July 18, 2011
- SchneiderSJKerwinJRobinsCDeanDConsumer Engagement in Developing Electronic Health Information Systems Final ReportRockville, MarylandAgency for Healthcare Research and Quality, US Department of Health and Human Services2009 AHRQ Publication No. 09-0081-EF July 2009
- Centers for Disease Controls and PreventionPrescription Drug Overdoses: An American EpidemicPublic Health Grand Rounds2011http://www.cdc.gov/about/grand-rounds/archives/2011/01-February.htmAccessed July 25, 2011
- The Patient Protection CoalitionA Proposal to Promote Coordination of Care and to Strengthening Patient Protections under the Federal Alcohol and Drug Abuse Confidentiality LawFebuary2010www.law.virginia.edu/pdf/faculty/bonnie_patientprotection.pdfAccessed April 27, 2011
- DeborahCPRe: HIT policy committee meaningful use workgroup request for comments regarding meaningful use stage 22252011http://patientprivacyrights.org/wp-content/uploads/2011/03/PPR-MU-Stage-2-Comments.pdfAccessed April 27, 2011
- Legal Action CenterConfidentiality of alcohol and drug records in the 21st century Executive SummaryPolicy Papers12010http://www.lac.org/doc_library/lac/publications/Confidentiality_of_Alcohol_and_Drug_Records_in_the_21st_Century-1-20-10.pdfAccessed July 10, 2011
- TripathiMDelanoDLundBRudolphLEngaging patients for health information exchangeHealth Aff (Millwood)Mar-Apr200928243544319276000
- Substance Abuse and Mental Health Services Administration (SAMHSA)Frequently Asked Questions: Applying the Substance Abuse Confidentiality Regulations to Health Information Exchange (HIE)2010http://www.samhsa.gov/HealthPrivacy/docs/EHR-FAQs.pdfAccessed July 14, 2011
- PrittsJConnorKThe Implementation of E-consent Mechanisms in Three Countries: Canada, England, and the Netherlands (The ability to mask or limit access to health data)2007http://www.samhsa.gov/HealthPrivacy/docs/Privacy-eConsent-ThreeCountries.pdfAccessed July 16, 2011
- GravelySDWhaleyESThe next step in health data exchanges: trust and privacy in exchange networksJ Healthc Inf Manag Spring20092323337
- BlumenthalDVerdugoGStatement on Privacy and Securityhttp://healthit.hhs.gov/portal/server.pt?CommunityID=2994&spaceID=11&parentname=CommunityEditor&control=SetCommunity&parentid=9&in_hi_userid=11673&PageID=0&space=CommunityPageAccessed September 12, 2011