The recommended policies and practices of the Markle Connecting for Health Common Framework for Networked Personal Health Information are designed to protect consumers, and to guide services, organizations, applications, or health information exchanges that collect, store, or share personal health information on the individual’s behalf. The Markle Common Framework for Networked Personal Health Information proposes a set of practices that, when taken together, encourage appropriate handling of personal health information as it flows to and from personal health records (PHRs) and similar applications or supporting services.
The Policy and Technology Checklists for Procurers and Implementers document, derived from this framework, provides recommended practices that may be used in requests for information (RFI), requests for proposals (RFP), procurement requirements or implementation checklists.
The policy practices include:
- Protecting Consumer Data Through Chain-of-Trust Agreements
- Protecting Consumers with Timely Notification of Misuse or Breach
- Providing a Dispute Resolution Process
- Preventing Discrimination and Compelled Disclosures
- Providing Access to and Control of Information
- Writing Consumer-friendly Policies
- Getting Consumer Consent
The technology practices include:
- Managing and Protecting the Individual’s Identity
- Protecting Consumers by Giving Them Audit Trails
- Limiting the Exposure of Identifying Information
- Ensuring the Portability of Consumer Health Information
- Providing Strong Security and System Requirements