Tip 17 in the Interoperability Tip Series
HL7 Data for Testing
In last week’s tip on HL7 test reporting, we suggested that you use production data for your testing. That said, you obviously can’t use real production data. You need to find a way to remove protected health information (PHI).
That’s where a technique known as de-identification can help. You keep the clinical workflow in the messages, but you remove patient identifiers and replace them with fake values. You can also replace them with off-the-wall fake values for edge cases.
And remember – even employer information can contain PHI. For instance, if two of your patients work for say, a 5-person law firm, it would be pretty easy to search publicly available information sources and re-identify them. You must remove their employer names – or insert replacement names – if you want to use this data safely. (For more on de-identification, check out this blog post.
Here’s what to keep in mind when you de-identify your production data:
- Satisfy HIPAA. Remove the 18 identifiers designated by HIPAA as protected health information (PHI).
- Maintain message flow. If “John Doe” in your production data becomes “Michael Smith” in your test messages, ensure that Michael Smith in your A01 admission message is the same Michael Smith upon discharge.
- De-identify data in z-segments and unstructured notes. PHI can hide there.
- Message volume. Aim for at least a week’s worth of messages and ideally a few months’ worth.
- Traceability. Record which data was de-identified and which fields and data types were transformed.
Without the right message samples and test messages, you’ll run into the issues we discussed in previous tips, namely lack of updated vocabulary and potential for downtime if messages contain unexpected values.
Remember, these messages are how you test the data format and confirm that you’re not introducing errors. For example, you don’t want to find out after go-live that your interface doesn’t recognize a last name with an apostrophe.
De-Identification Software
Caristix provides de-identification software for HL7 messages. Check out Caristix Workgroup for a full interface lifecycle management suite (16-minute on-demand demo available), and Cloak, the standalone de-identification application. You can also download a Cloak trial to give it a spin.