Introduction
The Ocean eReferral Network provides a convenient and secure mechanism for health service providers to send electronic referrals containing personal health information for patients to trusted health information custodians, in accordance with PHIPA / PIPEDA privacy laws.
In this context, OceanMD acts as an electronic service provider (ESP) that interacts with a designated health information network provider (HINP) to transfer the personal health information necessary for the referral.
It is important for the HINP to ensure that the referrers interacting with its network are legitimate health service providers (HSPs) with accurate, up-to-date contact information. Otherwise, the risk of unintentional disclosure of personal health information is increased during the natural back-and-forth communication regarding a referral.
Specific risk scenarios related to invalid referrers include:
- Malicious users masquerading as real-world HSPs who send eReferrals in Ocean with false patient or referrer contact information.
- Referrers with out-of-date contact information, including email addresses, phone, and fax numbers.
If the referrer's contact information is incorrect or stale, there is a risk that the referral recipient may inadvertently disclose personal health information to an untrusted third party during follow-up communication. For example, the recipient may call or fax that third party and indicate that the patient has "been seen here recently", presuming the source is a valid HIC for the patient. Such a disclosure would constitute a privacy breach of the patient's personal health information.
Responsibilities for the Receiving Health Information Custodian
It is important to keep in mind that the risks related to untrustworthy referrers are not unique to electronic referrals. In theory a malicious individual may masquerade as a referrer using a faxed referral to create the same risk scenario.
Consequently, referral recipients are responsible for taking the same reasonable precautions with electronic referrals as they do with faxed and phone referrals today. These precautions include adherence to simple procedures, such as the general avoidance of any personal health record disclosure without reasonable assurances that the referrer is trustworthy and is acting under the patient's consent. When these precautions are used, the risk of serious personal health information disclosures is relatively low.
HICs must formally commit to following these precautions prior to using Ocean by agreeing to Ocean's mandatory end-user license agreement (EULA).
Ocean Features that Facilitate the Validation and Accuracy of Referrer Contact Information
Although the responsibility for the referrer validation ultimately lies with the referral recipient, Ocean has several features available (now or in the near future) that can assist HINPs and HICs with the identification and validation of a referrer's contact information:
- Confirmation of referrer contact information with each referral
- Referrers are prompted to review for accuracy (and correct if necessary) their contact information prior to submitting each referral.
- Mandatory referrer information required with referrals
- Referrers must enter their professional ID and billing number when applicable. These fields are relatively private pieces of information often known only by the referrer; they corroborate a referrer's identity rather than prove it, since anyone who has seen the provider's correspondence or claims may know them.
- Ocean account linkage
- Referrers may sign in with an Ocean account prior to sending an eReferral. The Ocean account provides a mechanism for basic user identification, including a valid email address; note that a verified email address establishes control of that mailbox, not that its owner is a health service provider.
- Live updates of referrer contact information
- Referrers may update their Ocean account's contact information (such as their email) at any time. Ocean will use the updated email for future referral notification and communication, even for previously-submitted referrals.
- Federated identity provider account linkage
- Where available, Ocean users can link their accounts to regional federated identity providers. Referral recipients may subsequently review the referrer's information and gauge its trustworthiness based on the presence of the federated identity.
- Referrer account enforcement by the HINP
- HINPs will be able to restrict the sending of referrals to only users with accounts provided by a federated identity provider or Ocean.
- Referrer account enforcement by the referral recipient HIC
- HICs will be able to restrict the acceptance of referrals at their site to only users with accounts provided by a federated identity provider or Ocean.
- HINP-specific agreement enforcement
- HINPs can specify a customized referral user agreement outlining their privacy policy and usage terms, and require referrers to agree to it prior to sending referrals.
Access Restrictions for Referrers
Regardless of the individual HINP's policy, OceanMD strongly encourages referrers to sign in with a valid Ocean account before sending a referral; for the referrer's convenience, this is not enforced by default. Thereafter, the referrer must sign in again with their Ocean account (or their designated federated identity provider, when available) to access the referral's information.
Note: When an Ocean account is not used to send the referral, access to the referral is still protected, consistent with PHIPA, by a one-time anonymous referrer account represented by a secure hyperlink containing an encryption key. The referrer must present this secure link to view the referral's information in the future. Because the link itself is the credential, anyone who obtains it can open the referral, so it should be handled with the same care as a password.
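The following is an added illustration of the general secure-link pattern described above; it is not Ocean's code, and the page does not describe how Ocean's links are built. It assumes a hypothetical endpoint, a random key carried in the link's query string, a server that stores only a hash of that key, and a per-link expiry. The point it makes beyond the text: the server can refuse links that are expired, revoked, wrong, or bound to a different referral without ever holding the secret itself.

```python
"""Illustrative capability-link access control for one referral record.

Assumptions (not from the page): the link carries a random secret in its
query string, the server keeps only a SHA-256 hash of that secret, and each
link has an expiry and can be revoked. BASE_URL is hypothetical.
"""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Dict, Optional, Tuple
from urllib.parse import parse_qs, urlencode, urlparse

BASE_URL = "https://example.invalid/referral"  # hypothetical endpoint


@dataclass
class LinkRecord:
    referral_id: str
    key_hash: str      # hex SHA-256 of the secret; the secret itself is never stored
    expires_at: float  # Unix time after which the link is refused
    revoked: bool = False


def _hash_key(key: str) -> str:
    return hashlib.sha256(key.encode("utf-8")).hexdigest()


def issue_link(store: Dict[str, LinkRecord], referral_id: str,
               ttl_seconds: int, now: Optional[float] = None) -> str:
    """Create the secure link for one referral and record only the key's hash."""
    now = time.time() if now is None else now
    key = secrets.token_urlsafe(32)  # 256 bits of entropy from the OS CSPRNG
    store[referral_id] = LinkRecord(referral_id, _hash_key(key), now + ttl_seconds)
    return f"{BASE_URL}?{urlencode({'ref': referral_id, 'key': key})}"


def parse_link(url: str) -> Tuple[str, str]:
    """Split a link back into (referral_id, key), as the endpoint would."""
    q = parse_qs(urlparse(url).query)
    return q["ref"][0], q["key"][0]


def verify_access(store: Dict[str, LinkRecord], referral_id: str, key: str,
                  now: Optional[float] = None) -> bool:
    """True only if the key matches the stored hash and the link is live."""
    now = time.time() if now is None else now
    rec = store.get(referral_id)
    if rec is None or rec.revoked or now >= rec.expires_at:
        return False
    # Constant-time comparison so an attacker cannot learn the hash byte by byte.
    return hmac.compare_digest(rec.key_hash, _hash_key(key))


def revoke_link(store: Dict[str, LinkRecord], referral_id: str) -> None:
    """Invalidate a link, e.g. after the referrer reports it was forwarded."""
    rec = store.get(referral_id)
    if rec is not None:
        rec.revoked = True


if __name__ == "__main__":
    # Constructed sample: one referral, one link, checked at a later time.
    links: Dict[str, LinkRecord] = {}
    url = issue_link(links, "REF-1", ttl_seconds=3600, now=1000.0)
    rid, key = parse_link(url)
    print("valid now:", verify_access(links, rid, key, now=2000.0))
    print("valid after expiry:", verify_access(links, rid, key, now=5000.0))
```

Because the key travels in the URL, it can land in browser history, proxy logs and Referer headers; a production design would shorten the expiry, place the key in the URL fragment so it is not sent to the server in the request line, or exchange it for a session cookie on first use.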