Quick Summary

• Electronic informed consent is a challenge that touches every part of healthcare
• Electronic informed consent is more complex than agreeing to share a health record but patients need the ability to indicate which parts of their health record can be shared with which entities/individuals 
• There are several promising initiatives in the industry focused on addressing eConsent challenges
• The "Modernizing Consent to Advance Health and Equity" report published by Stewards of Change Institute is good resource to learn more

It’s a task that almost every patient must regularly complete – and which almost every patient finds frustrating, ridiculous, inexplicable or so routine that it’s done without a second thought.

At the same time, providing informed consent is one of the most significant steps one can take to facilitate the best possible health care for oneself. That’s the case today, when the processes involved are slow, onerous and hard to manage because they’re still largely siloed and paper based. Unfortunately, this will be increasingly true as obtaining patient permission becomes more extensive, computerized and granular in the years ahead.

To raise the bar even higher, it’s important to note that consent – especially relating to the growing practice of exchanging patient data inclusive of social determinants of health (SDOH) and well-being, such as education, child welfare, courts, and housing information – also has broader societal implications. That is, how and when it’s done can contribute to systemically improving care coordination and public health, remediating racial and socioeconomic disparities and furthering health equity.     

The bottom line is that Point-of-Care Partners (POCP) believes the complex issues connected with informed consent are more important than is often recognized. The topic deserves more attention than it normally gets. That’s the reason we’re partnering with Stewards of Change Institute (SOCI) on a unique, potentially game-changing national initiative to modernize consent processes. It’s also why we suggest that health care providers, information technology (IT) vendors, contractors and other stakeholders become more active participants in shaping a digital future that will almost certainly have a major impact on their patients and clients, their business operations and bottom lines, and, of course, their own lives.

Why Consent to Share Information Is Key

It’s now widely understood that in order to provide more holistic and person-centered care, medical professionals need to genuinely understand the many other contributors – beyond physical and behavioral health care – that influence every patient’s health, safety and well-being. That’s why, for more than a decade, greater attention has been paid to incorporating information drawn from SDOH-related factors, which are believed to account for 80% to 90% of health outcomes. At the same time, we know that thoughtful care coordination is essential to ensure every patient receives the array of medical, social and human services they need and for which they qualify.

The common denominator for advancing the use of SDOH data and improving care coordination is the ability to securely exchange vital, often private information back and forth across the myriad medical and social services programs, systems and sectors that impact a patient’s life. An essential step toward accessing that information is obtaining the patient’s consent to do so. If providing informed consent for data sharing was supported by a more standardized, computerized and streamlined process, it would greatly advance both SDOH integration and care coordination.

User-friendly automation of the consent process would accelerate progress toward more comprehensive care across the board, and not only for those people who already have sufficient resources to get the services they want or need. Automating consent with an easy-to-use interface would result in better data sharing, which would be especially valuable to populations that are currently underserved. Making the same point, a soon-to-be released report by SOCI, with input from POCP, explains:

“There are many reasons why this is the case, most notably the significant gaps between higher and lower socioeconomic strata relating to access to technology, education, employment, transportation and other SDOH factors. These hurdles are raised even higher by the fact that most forms used to obtain informed consent today are replete with legal, medical and/or other complex terms, rather than being written in plain language that’s readily understood by most people irrespective of their literacy level.”

The report, titled Modernizing Consent to Advance Health and Equity: A National Scan of Key Technologies, Legal Issues and Promising Practices, continues:

“In addition, people with more opportunities and resources are less dependent on others to ensure that they receive the care they need and that their care is coordinated; that is, they have the wherewithal to promote better communication and services for themselves regardless of whether the professionals/ programs involved are operating optimally. So, by broadly improving health care and care coordination through better consent processes, the most significant impact will be on populations that have benefited the least from the systems available to serve them.”

Addressing the Obstacles, Old and New

The very good news is that nearly everyone seems to be on board for making information sharing increasingly effective and efficient by making nearly all records more “computable,” meaning the processes relating to them would be more automated and, in many cases, require little or no human action to generate appropriate data and trigger next steps. We’re just not there yet.

Most patients are still routinely asked to read and sign multiple pages of paperwork, and sometimes sign them again and again for each different provider and for a variety of purposes: to receive treatment, participate in clinical studies, initiate advance directivesand, most to the point of this article,  share their personal information within and across systems. Then all that paperwork, for some well-intentioned reasons and many antiquated ones, is filed in places and in ways that make it difficult to access outside the office, practice or network for which it was initially signed.

Moreover, even as we strive to modernize siloed, paper-based processes, we’re constructing other potential obstacles. That’s because the methods and standards being developed by various stakeholders aren’t necessarily compatible, and the systems and processes they’re implementing can’t always communicate with each other. To complicate matters further, the federal and state laws and regulations governing information sharing often don’t align with each other, sometimes seem to (or do) conflict and are frequently misunderstood.

The best examples of the latter are three statutes that were enacted to protect people’s most private and sensitive information: the Health Insurance and Portability Act (HIPAA), the Family Educational Rights and Privacy Act (FERPA), and Part 2 of Title 42 of the Code of Federal Regulations (42 CFR Part 2), which applies to data relating to substance use disorders. Most legal experts agree those statutes are widely perceived as more restrictive than they really are. Consequently, medical and educational professionals – among many others who provide services – err on the side of caution by not allowing the sharing of information that could be of genuine benefit to patients, clients and customers. This presents a huge obstacle to data sharing. 

One recent positive step forward was taken by the 21^st Century Cures Act, which mandated implementation of the Office of the National Coordinator for Health Information Technology’s (ONC) Information Blocking Rule as of April 2021. The rule requires health care providers, health IT developers, health information networks and health information exchanges to share electronic health information with other systems that have a legal right to request it. In other words, health care and human services providers using different community referral services or electronic health records should be able to make referrals across software platforms if they support common standards like HL7’s Fast Healthcare Interoperability Resources or Direct Secure Messaging.

How the Information Blocking Rule plays out is yet to be seen, however, and in any case it’s unrealistic to think all these complexities will be resolved anytime soon, if ever. That’s another reason why focusing on improving their common denominator – consent to share – is so important. Improved technology will increasingly allow individuals receiving health and social services to provide more “granular” consent. This means rather than just checking the box to “opt in” or “opt out,” patients will be able to specify which pieces of personal information will be accessible, to whom and under what circumstances.   

Currently, individuals who don’t want to share some of their records must either agree to compromise their privacy by sharing everything or opt to share nothing and potentially receive lesser services because their providers won’t have all the clinical and social information they need.

In addition to a lack of granularity, the SOCI report identifies the following issues standing in the way of improved information sharing:

Lack of uniformity. There is no uniform definition of “consent” or “informed consent” across programs, systems and domains, nor is there broad acceptance of which data, organizations and users are impacted by a specific consent.

Lack of communication. The many domains that can/should share data (including health, social services, housing and other programs) have different systems and procedures in place that cannot “talk” to each other and don’t use the same vocabulary for the information being communicated.

Lack of discoverability. With personal information distributed so widely among online systems, including health and social services systems, it has become very difficult for an individual to know which systems might have sensitive information about them and how to then manage their privacy preferences and the consent to access that information across all these systems.

Lack of understanding. Perhaps most importantly, most people lack a fundamental understanding of their rights relating to privacy and to granting – or denying – consent. In addition, as discussed elsewhere in this report, even professionals whose responsibility is to monitor or enforce HIPAA and other statutes and regulations often don’t understand them. Fearing penalties and lawsuits, they err on the side of not releasing information that could be legally shared.

Initiatives to Drive Progress

Numerous efforts are being made throughout the country to improve consent-related processes, with many encouraged and financially supported by the ONCof the Department of Health and Human Services under the umbrella of its Leading Edge Acceleration Projects (LEAP) in health IT:

• San Diego Health Connect LEAP Computable Consent Project
• UT Austin Patient Engagement Platform
• Scalable Consent Framework for the Advancement of Interoperability with FHIR-based APIs

In addition, Stewards of Change Institute is engaged in several related initiatives as part of its National Interoperability Collaborative. Those include Project Unify, which seeks to broadly accelerate interoperability and information sharing to improve health and well-being; the national scan report referenced earlier in this article; and development of a Consent Service Utility (CSU) for the express purpose of making consent computable in ways that enable the secure sharing of relevant information across multiple SODH, health care and social services programs and systems to an unprecedented extent.

The CSU is being designed as a replicable, open application programming interface architecture for use primarily within and across the health care, behavioral health, social services, education and justice systems sectors. SOCI is conducting proof-of-concept demonstrations to develop the technical requirements and blueprints for CSU in collaboration with two implementation partners, the federally funded Integrated Care for Kids (InCK) sites in New York and New Jersey.

POCP urges readers of this article to learn more about the efforts described above and participate in them, if you can, because they really are about you and your future. That’s why POCP is participating in many of them. Here are a few links to get you started:

• Project Unify/CSU: https://hub.nic-us.org/groups/project-unify
• eConsent Collaborative: https://econsentcollaborative.org/
• HL7 workgroups, especially Community-Based Care and Privacy: http://www.hl7.org/Special/committees/homehealth/overview.cfm
• PACIO Project, which includes work on consent and advance directives as related to post-acute care: http://pacioproject.org/
• ONC FHIR at Scale Taskforce (FAST): https://oncprojectracking.healthit.gov/wiki/pages/viewpage.action?pageId=43614268

The "Modernizing Consent to Advance Health and Equity" report published by Stewards of Change Institute is also now available. POCP is a proud co-author of this report. 

While you learn more about electronic consent (eConsent) and consider getting involved, try to visualize a world where all individuals control the use of their personal data at a granular level. Visualize a world where all of these authorized data are shared seamlessly and instantaneously with clinical providers, social programs and those who are in a position to provide care and advice. In addition to all the other strategic work Point-of-Care Partners’ (POCP) does with our clients, we also have passion projects, one of them being our support of the eConsent Collaborative. We’d be happy to help you learn more about this collaborative and how standardized eConsent can transform how you do business. Reach out to Ed Daniels (ed.daniels@pocp.com) and Pooja Babbrah (pooja.babbrah@pocp.com).