Demonstration of Health - IT Benefits: Access to PHI in India


Presentation Description

Explains about PHI, what PHI includes, how PHI can be used or discolsed for treatment, payment and healthcare operations and how to receive medications via e-mail. For more information visit:


Presentation Transcript


Demonstration of Health - IT Benefits: Access to PHI in India  Presented by Mr. Amitava Chakraborty IPR, Space Law & Health-IT Consultant (India, US, EU) , +1-408-663-7962 & Advocate Bagmisikha Puhan IPR Consultant, India


When a patient gives personal health information to a healthcare provider, that becomes Protected Health Information (PHI) PHI Includes: Verbal information Information on paper Recorded information Electronic information (faxes, e-mails) PHI can be used or disclosed for Treatment, payment, and healthcare operations With authorization/agreement from patient For disclosure to patient PHI can be used/disclosed without authorization for the following reasons: To inform appropriate agencies Public health activities related to disease prevention/control , To report victims of abuse, neglect or domestic violence To funeral homes, tissue/organ banks To avert a serious threat to health/safety


1 Diagnosed with Depression 2 3 Received free samples of anti-depressant medications via e-mail Breach of Confidentiality and Patient Privacy


Intended Purpose PHI is sensitive personal information, the flow of which is to be made for an intended purpose, only after valid consent of the individual. The purpose and the usage of the PHI must be clear to the understanding of the individual, and the consent must then be obtained. The covered entities must ensure that the individual is aware of the intended recipients of the PHI. The above are the most the basic security and privacy rules of adherence.


Security and Privacy Standards Privacy refers to the authorization of the patient for obtaining, retaining, managing, and transmitting of the data. Security refers to the encryption of the data, while retaining, managing, and transmitting of the same to the intended recipients. The minimum standards of confidentiality requires that the PHI is reduced to de-identified data. the identity of the owner of the data should not be tied to the information which flows from one stakeholder to the other.


Reasonable Measures Sharing and transmitting of the PHI is inevitable in this Health-IT environment. Reasonable efforts to safeguard the identifiable information available with the stakeholders is a mandate and a necessity. Extends over to the handling of the data, and the transmitting of the data, over a period of time.


Solution Includes: e-PHI implementation on a secure channel computer-implemented cloud based EMR management on a heterogeneous health environment Authentication based PHI sharing b/w covered entities Designing of a Risk Adjusted Payment model/system in the healthcare network Implementation of State defined privacy and confidentiality clauses. US2014297320 US2014150077A1




THANK YOU Mr. Amitava Chakraborty IPR, Space Law & Health-IT Consultant (India, US, EU) , + 1-408-663-7962 (CA, USA) & Advocate Bagmisikha Puhan IPR Consultant, India

authorStream Live Help