Tuesday, 29 October 2002 - 3:50 PM
75

This presentation is part of C6: Grow: Privacy and Confidentiality

Confidentiality: The Challenge of Time, Growth, and Change

Kim Salisbury-Keith1, Amy Zimmerman1, and Diane Brandley2. (1) Rhode Island Department of Health, 3 Capitol Hill, Providence, RI, USA, (2) Self employed, 23 Fairway Circle, Hope Valley, RI, USA


KEYWORDS:
Registry, Confidentiality, Standards

BACKGROUND:
KIDSNET, Rhode Island's integrated registry for children's preventive health services initiated pilot operations in 1997. Since 1997 the content and methods for data integration have been modified, requests for registry access have grown, confidentiality standards developed and new regulations and laws have been passed.

OBJECTIVE(S):
To describe how confidentiality policies have evolved over time. To describe processes needed to assure that confidentiality policies and procedures are current, are compliant with existing laws and meet current standards.

METHOD(S):
A systematic analysis of current confidentiality policies and procedures was undertaken including a review of the provider and data sharing agreements, the KIDSNET policy manual, and notification materials. Materials were reviewed to assure that they reflected practice, were in compliance with laws, and met the standards set forth in the Community Registries manual. A gap analysis was completed to identify areas where policy was incomplete, did not reflect current practice, or did not comply with regulations, laws, or standards. Work groups were established to review access issues and the Provider agreement.

RESULT(S):
KIDSNET documents containing information that was not current were identified as well as compliance gaps. Revisions were made to the Provider Agreement and Confidentiality Manual, a generic data sharing agreement developed,and a process to revise notification was begun. Areas of continued "non-compliance" were noted.

CONCLUSIONS(S):
Confidentiality standards and policies are not static. Continual review of policies and documents is needed with attention paid to events that should trigger a review. Triggers include changes to laws, regulations, standards, database changes and changes in community standards.

LEARNING OBJECTIVES:
To understand the triggers for reviewing confidentiality policies and procedures. To identify processes for keeping confidentiality policies and procedures current and compliant.

Back to Grow: Privacy and Confidentiality
Back to Contributed Papers
Back to The 2002 Immunization Registry Conference of CDC