Specify Level of Data Confidentiality
In requesting data through the DISCOVERY process, you must also specify if the data requested may contain any sensitive information.
Tip: Refer to the HIPAAwebsite for more detailed information on what constitutes protected health information.
Personally Identifiable Information: This includes any information that may be linked back to an individual patient
Examples: Social Security Numbers, Driver’s License Numbers, credit card number
Protected Health Information: This includes any information that may be linked back to an individual patient record, chart or encounter.
Examples: Clinical content stored in patient record, name, address, date of birth, medical record number, diagnosis, date of admission, date of discharge, date of procedure, or anyone age over 89.
For an example of a filled out DISCOVERY form, please refer to the Appendix Section A2.
Tip: A well-written, clear DISCOVERY request form may tremendously shorten the amount of time the programmer takes to process your request. Investing more time in filling out the form upfront will save you time down the line!
- Phrase your request in a way that even a non-clinician would understand. Most programmers who will be working on your request do not have a clinical background.
- Be as explicit and concise as possible with all requests.
- Always number each data item being requested to facilitate communication with the programmer.
- Specific recommendations:
- Labs: When requesting labs, it may be helpful to first request all admissions of interest to obtain admission and discharge dates. You can then use these dates to bound the search for lab values of interest. You may also want to request that the accession #, lab name, and timestamps be preserved (this will provide the order of entry, name of lab test, and time of entry).
- DRG (Diagnosis-related Group): Consider requesting hospitalization DRGs, which are simple to obtain.
- Transfusions: Be sure to request a timestamp and the product transfused.