Tuesday, August 10, 2010

Data Classification, Redaction and Clinical Documentation

I like to keep my posts topical, and I also usually leave issues like consent and security to John Moehrke, one of my colleagues who is much more well versed in security.  His post today covers an interesting area, which is data classification.  The intersection of Data Classification and Clinical Documentation isn't a huge issue for me. 

A clinical document should be classified at the very least at the level of the most secure data element inside it.  It may use an even higher classification if combinations of information inside it warrant it.  A simple example why this is the case use date of birth, gender and zip code.  Each item alone is not enough to uniquely identify a person, but the combination of data elements is.

However, where things get dicey is with "redaction", especially of clinical content used for provision of care (rather than research or population health uses).  The problem is that the clinical document itself is often a signed document, where the signing provider takes on legal responsibility for content.  However, a "redacted document" could omit content. 

My own opinion*, though one that I am sure would be supported by the HL7 Structutured Documents workgroup is that the redacted document is NO LONGER the same as the original document.  Furthermore, the redacted document should no longer carry the legal signature of the person signing the original document.  The only reason a document should list a legal authenticator is if that person has had an opportunity to legally attest to the collection of clinical information it contains, and positively did so.  I would exepect that the act of legally signing a document carries the same set of requirements as signing a contract or a check.  It would not be "done by default" by an information system.

Some would argue then, a case for representing the legal authenticator participation on the original clinical document that was then transformed into a redacted CDA document.  This is a feature that could be supported in CDA Release 3.  The question I have for those who would argue for it is: Why do you need it?  The purpose of indicating legal authenticator is to report who has been assigned legal responsibility for the original document.  If you aren't working with the original document, what use do you have for knowing who legally authenticated it?  I cannot think of a single reason that an automated system has for that information. 


*IANAL. I am not a lawyer. The opinions represented here are not legal advice.


Post a Comment