The Justice and Health Connect Toolkit provides a framework for planning, implementing and sustaining interagency collaboration between justice and health systems. The toolkit is organized into four modules, describing the steps to setting up information sharing initiatives. While the toolkit is presented in a linear format, we encourage you to explore the different sections as your information sharing initiative evolves and progresses based on your interests and needs.
Wherever possible, the toolkit references real-world examples of jurisdictions that have adopted effective approaches to address information sharing challenges, accessible summaries of the research literature, and examples of best practices. In this way, the toolkit provides a different way of accessing information included in the resource library. If you still cannot find what you are looking for or have feedback on the toolkit, contact the Justice and Health Connect Team.
At the outset, you will need to set clear objectives that explain what you hope to accomplish by sharing information. While these objectives may change as you discuss your ideas with others and adapt your plans to accommodate legal and practical considerations, developing an initial vision for information sharing will allow you to communicate your ideas and determine who needs to be involved in initial planning discussions. Moreover, it will lay the foundation for mapping out the legal requirements governing information transfer, drafting data-sharing agreements, and determining your technology needs.
Examples of objectives for justice-health information sharing:
- Improving continuity in provision of health services between community and justice settings;
- Informing outreach efforts for people who will become newly eligible for Medicaid and health insurance subsidies under the Affordable Care Act;
- Reducing reliance on emergency room services by referring people leaving correctional facilities to community healthcare services such as health homes, and providing clinical information to inform their treatment;
- Providing information on health needs to the courts to identify potential candidates for treatment-based alternatives to incarceration;
- Ensuring timely access to essential medications for people entering jail or prison by linking correctional health providers to community healthcare networks.
The next step is to convene relevant stakeholders to start the process of building consensus and mapping out logistics. You should target a group that includes decision makers with the authority to approve and implement policy recommendations.
Click the Justice-Health Information Sharing Stakeholders Checklist to see which stakeholders you may consider including in initial meetings.
Six Guiding Principles:
1. Establish leadership and secure executive support early on.
Support from top-level leadership is critical for the success of information-sharing projects. Executive involvement is crucial when it comes to negotiating budgets, assigning agency staff to support a new initiative, setting priorities and seeking approval to expand the scope of an agency’s mission. Without the political will and buy-in from people in positions of power, interagency initiatives can fail to get off the ground or quickly become unsustainable. Once you have executive-level support from those at the top of organizations, they can delegate technical tasks to members of their staff.
2. Assign joint responsibility for chairing working groups and leading other planning activities.
Ideally, your initial meetings should be co-sponsored by the agencies that will be involved in the information exchange. Working groups that are co-chaired by the heads of both justice and health agencies are more likely to be viewed as collaborative and will be able to draw on resources within the range of partner agencies.
3. Identify legal experts with knowledge of your jurisdiction’s privacy laws.
Personal health information is protected by various federal and state privacy laws that restrict the ability to share information in particular situations and impose requirements for obtaining informed consent (see Module 3 for further details). There is considerable variation in state laws governing personal health information, and the regulations protecting the privacy of mental-health and substance-use information are especially stringent. Therefore, it is important to include people from your health department or treatment community who are versed in federal and state privacy laws.
4. Identify existing interagency groups, including those with prior experience in data sharing.
Your state or local jurisdiction may already have interagency justice and health collaborations, task forces, or steering committees underway, which can provide a foundation for new information-sharing initiatives. Also, many states and local governments have made substantial investments in advancing the use of electronic health records and data exchanges between hospitals and other community healthcare providers. Even if they do not have direct experience with criminal justice information exchanges, representatives from these groups may have already identified and addressed common hurdles to inter-agency collaboration and data sharing (e.g., compliance with state medical privacy laws, technology interoperability). You may also seek advice from local leaders with experience in multi-agency information sharing that are working in contexts outside of health and criminal justice. For example, many states’ child welfare, juvenile justice, and education agencies are collaborating and sharing data, which often includes sensitive information; in order to enhance services for mutually served children and families.
5. Identify boundary spanners.
Boundary spanners are people that work at the interface of health and justice systems, and who understand the common interests, shared goals, and duplicative services, as well as the distinct expectations, culture, and politics of each agency. Boundary spanners can act as liaisons between agencies, and provide important insights into the competing priorities and shared aspirations of health and justice officials. Boundary spanners are people such as community health practitioners working in correctional settings to educate people in prison about health and how to navigate the health system in the community, as they prepare to transition from prison into the community.
6. Involve the consumer community.
It may be important to include representatives from the behavioral health consumer community to help you foresee and plan for any privacy or ethical challenges that may arise. Securing the support of consumer advocates such as a local chapter of the National Alliance on Mental Illness (NAMI) can help ensure that your policies and services adequately reflect the needs of consumers, and will help ensure your initiative abides by ethical guidelines that protect consumer interests and well-being.
Bringing together a diverse group of stakeholders from organizations with different priorities, cultures, institutional responsibilities, and levels of resources can surface tensions that, if unchecked, may derail your initiative. There are a couple of methods that have shown to be successful in overcoming challenges to developing the necessary consensus for interagency collaboration.
Scoping sessions provide an opportunity for agency staff to discuss plans for information exchanges and provide feedback. They can be used to identify potential points of friction and shared priorities by providing a forum for the various stakeholders involved in an information-sharing initiative to discuss objectives, identify key concerns and barriers, and start to lay the framework for foundational documents that establish governance for an information sharing relationship.
Bringing together stakeholders in Hampden County: In Hampden County, Massachusetts, the Association of State Correctional Administrators, and the Bureau of Justice Assistance conducted a series of “scoping sessions” as part of their Jail Reentry Information Sharing Pilot program. The Hampden County Sherriff’s Department invited 26 agencies and community providers to attend a two-day meeting to discuss the value of information exchanges between the county jail and public health community. JH Connect interviewed Bob May, from the IJIS Institute about his experiences working with stakeholders in Hampden County to design and implement information sharing as part of this initiative. Read the interview here.
Drafting a project charter is a useful process for determining stakeholders’ priorities for sharing information, documenting consensus, specifying goals and objectives of data sharing, mapping out the scope of the project, formalizing partnerships between justice and health organizations, and assigning responsibilities. Project charters are important to draft at the outset and can be adapted and modified as your interagency collaboration evolves. Furthermore, charters can set the stage for developing legal documents in the future, including memorandums of understanding, information-sharing agreements, and agency policies that codify information sharing arrangements.
Click here for a practice guide on drafting project charters
The National GAINS Center’s Sequential Intercept Model (SIM) provides a conceptual map of the points along the criminal justice continuum where there may be opportunities to link people with treatment services and share information. A number of jurisdictions have used the SIM as a framework for structuring meetings with stakeholders to build consensus and identify opportunities to increase collaboration between criminal justice and public health systems. Click on the links below to learn how two jurisdictions used SIM to foster collaboration between local health and justice agencies.
At the end of the consensus-building process you should aim to have identified a group of potential partners who agree upon a clear, explicit mission statement that defines what your data-sharing arrangement will achieve. The mission statement is the starting point for working through the rest of the process, including assigning responsibilities, mapping out legal issues, and developing governance documents.
The communication of personal health information within and between justice and health systems is regulated by a combination of federal and state laws and ethical standards. These privacy laws and regulations are designed to protect patient autonomy, confidentiality, doctor-patient trust, and human dignity. Information that may indicate someone’s mental health, substance use, or HIV status is subject to more stringent protection, because people facing these health challenges may experience social marginalization or other forms of stigma if it is revealed.
Although privacy laws may seem cumbersome and complicated, they do not create insurmountable barriers to information sharing. In many instances, the inability of health and justice systems to communicate and coordinate services is far more damaging than the potential risks related to misuse or accidental exposure of confidential health information.
This module provides an overview of the laws, regulations, and ethical standards that protect the privacy of personal health information. It includes links to resources that provide more detail on the relevant laws and regulations and presents ways to structure information sharing initiatives to maximize access to treatment while complying with federal and state laws.
The two key federal privacy regulations that relate to health information are 42 CFR, Part 2 and the Health Insurance Portability and Accountability Act (HIPAA). These two sets of rules apply nationally and set the floor for privacy protection for health information. In addition to understanding federal laws, you will need to consult state and local laws governing the health, mental health, and substance use information in the jurisdiction where you are working, as these laws apply if they are more stringent than the federal regulations.
What is the purpose of 42 CFR Part 2?
42 CFR, Part 2 (commonly referred to as “Part 2”) is part of the implementing regulations of The Federal Confidentiality of Alcohol and Drug Abuse Patient Records Law. Part 2 protects the confidentiality of people who seek or obtain treatment for substance use, requiring individual consent to share health records related to drug or alcohol treatment in most cases. The purpose of Part 2 is to assure consumers that any information that could identify them as someone seeking or receiving treatment for substance use will be kept private. This confidentiality is necessary to promote a level of trust between treatment providers and their clients, to ensure that patients feel secure in seeking treatment, and to shield them from negative consequences that can occur if substance use status is disclosed.
You need to be sure that any disclosure of information about a person’s substance use treatment needs complies with the requirements of Part 2 and is consistent with the regulation’s core values.
THE BASICS OF 42 CFR, PART 2
- Requires specific consent: With certain conditions and exceptions, Part 2 prohibits the disclosure and use of substance use treatment records without a person’s specific consent. It is stricter than HIPAA in that it does not have an explicit treatment exception that allows care providers to share information without consent when the purpose is to coordinate treatment.
- Applies to most providers: Part 2 applies to substance use treatment programs that receive any form of federal assistance (for instance, grant funding, Medicaid).
- Applies to identifiable information: These regulations apply broadly to any information that can be used to identify an individual as someone seeking or receiving care for substance use.
- Has limited exceptions to consent requirement: Part 2 defines limited circumstances where disclosures can be made without consent, including medical emergencies, research, and audits or evaluations.
- Sets a floor: Similar to HIPAA, Part 2 sets a federal privacy floor, meaning it preempts state laws that are less protective of substance use information privacy but preserves provisions of state law that are more stringent. For a more detailed summary of the requirements of 42 CFR, Part 2 and how it applies to the criminal justice system click here.
What is the purpose of HIPAA?
HIPAA aims to improve the delivery of healthcare by setting standards for the transmission of personal health information. The regulations strike a balance between individual privacy and the need for medical professionals, treatment providers, and others to exchange information on the treatment needs of their patients and clients.
Misconceptions about HIPAA
HIPAA is not an insurmountable barrier to justice-health information sharing. However, a general lack of understanding of the requirements of HIPAA and fear of violating privacy regulations can act as obstacles to effective interagency collaboration. The following two resources debunk many of the misconceptions about HIPAA that prevent agencies from sharing information and working together.
The Basics of HIPAA
HIPAA has two main components. The Privacy Rule governs all health information regardless of how it is stored or transmitted. It is the most relevant to answering such questions as when consent is required before sharing information. The Security Rule only applies to electronic health information, describing a series of standards and policies designed to ensure information security.
Click here for a summary of the Privacy Rule relevant to criminal justice agencies.
The Privacy Rule
- Protects all individually identifiable, personal health information: The Privacy Rule sets national standards for the privacy and security of personal health information (PHI) that is created, maintained, or used by a covered entity or its business associates.
- Often requires authorization prior to release of health information: HIPAA’s Privacy Rule defines when covered entities or business associates must obtain informed consent (“authorization”) before they can release health information.
- Defines exceptions to authorization requirements: The Privacy Rule allows covered entities to share health information without an individual’s consent in a number of situations, including: to coordinate treatment or payment for treatment, to conduct public health activities, to comply with a judicial order, to assist a limited set of law enforcement investigations, and to prevent a serious threat to health or safety.
- Psychotherapy notes: To protect the patient-clinician relationship, HIPPA’s exception that allows sharing information to coordinate treatment does not apply to psychotherapy notes.
- Creates a privacy floor: This means that state law will apply where it is more stringent than HIPAA.For a more detailed explanation of the Privacy Rule, click here.
The Security Rule
- Applies to electronically shared information: Establishes a national set of security standards for protecting certain health information that is held or transferred in electronic form “electronic protected health information” (e-PHI). If your information exchange involves electronic transmission of health information then you will need to also consult the Security Rule.
- Safeguarding electronic health information: The Security Rule requires covered entities to put in place various administrative, physical, and technical safeguards when transmitting e-PHI. For example, it requires them to perform a risk analysis to assess risks of disclosure and document the process in place for securing this information. It also requires them to implement technical policies and procedures that ensure only authorized persons have access electronic protected health information (e-PHI).
- Creates a privacy floor: This means that state law will apply where it is more stringent than HIPAA. For a more detailed summary of the Security Rule, click here.
In addition to federal provisions, a significant body of state law governs the privacy of health information. Most states have specific laws governing mental health records, HIV status, and substance use information. These laws are typically more stringent than their federal counterparts, such as HIPAA. Given the amount of state-specific variation in privacy laws, it is important to consult local legal experts with knowledge of privacy laws in the jurisdiction where you are working to determine how these laws affect your ability to share information.
The Relationship between Federal and State Privacy Laws:
HIPAA and Part 2 set privacy floors. This means that federal law does not supersede state law when state health privacy law provisions impose more stringent requirements, standards, or implementation specifications. In many instances, state law governing mental health records will be more restrictive than HIPAA. State laws governing substance-use information frequently mirror or explicitly codify Part 2.
It is beyond the current scope of this toolkit to provide a comprehensive summary of state medical privacy laws. Click A Quick Guide to State Laws on Sensitive Health Information to read a short summary on state laws that apply to mental health, substance use, and HIV.
Click on these Additional Resources:
Privacy of Criminal Justice Information:
In addition to privacy of health information, it is also important to recognize that information about a person’s involvement in the criminal justice system is also sensitive and protected by law. Only certain information is considered public information. Disclosure of involvement with the criminal justice system can affect many facets of a person’s life, including employment, education, and housing. It can also influence a healthcare provider’s willingness to provide care. It is imperative to factor in the consequences of disclosing criminal justice information when designing an information sharing initiative.
- Compendium of State Privacy and Security Legislation (2002): The Bureau of Justice Statistics (BJS) provides an overview of State legislation governing the privacy, security, maintenance, and dissemination of criminal history records.
- Click here to read the Legal Action Center report on the challenges disclosure of criminal records can create for people reintegrating into the community from prison.
Healthcare professionals and criminal justice practitioners have ethical obligations to preserve the privacy, safety and well-being of the people they serve. Even in situations where they can legally share health information, practitioners must often decide whether sharing information is in their clients’ best interest: could disclosure of health- or justice-related information have negative, unintended consequences? Medical professionals have an ethical obligation to “do no harm” to their clients, also known as “non-malfeasance.” Even when authorized and carefully managed, release of sensitive health information about a person’s mental illness, substance use problem, or criminal justice involvement can negatively affect employment, housing, insurance coverage, custodial rights, and right to receive disability benefits, and lead to social stigmatization.
A common ethical dilemma for clinicians when considering whether to share information with justice agencies is the concern that releasing health information could negatively influence the outcome of an ongoing criminal or civil case, lead to more restrictive conditions being placed on their patient, or damage the clinician-patient relationship.
While privacy laws and regulations are designed to minimize these potential risks, agencies engaged in information sharing should adhere to professional standards and ethical principles in addition to complying with relevant privacy regulations. Below is a summary of ethical principles that can be applied to justice-health information sharing.
The Fair Information Principles are universally recognized standards that cover the collection, use, storage, and dissemination of personal information. They are embedded in laws that govern the privacy of health information and provide a good starting point when setting the parameters for information sharing initiative. They are helpful principles to guide information sharing initiatives that involve complicated ethical considerations.
Explicitly define the purpose for sharing information and make sure that all subsequent use of that information is consistent with that defined purpose.
Review how personal information is collected to make sure that you have legal authority, and to ensure that safeguards are in place to prevent unauthorized compilation of personal data.
Adopt a process that ensures any information shared is accurate and up to date.
Limit the use and disclosure of information to the purpose articulated in the purpose specification.
Conduct a risk assessment and develop a method to protect against of unauthorized access or misuse of information.
Inform the individual and public how information is collected, maintained, and shared.
Describe policies and legal rights for individuals to access and amend their personal information.
Instill a formal process to monitor compliance with all of the fair information principles.
There is a range of professional standards to protect sensitive health information. These include professional codes of conduct, clinician licensing statutes, and ethical guidelines for disciplines such as medicine and public health that apply to clinicians working in both criminal justice and community settings. Moreover, some standards specifically address the ethical dilemmas involved in providing health services in jails, prisons, and other criminal justice settings.
The National Commission on Correctional Health Care (NCCHC): NCCHC represents a number of major national organizations in the fields of health, law, and corrections with the joint mission of “improving the quality of health care in jails, prisons and juvenile confinement facilities.” NCCHC provides explicit standards relevant to information sharing, including the management and confidentiality of health records, access to custody information, and the use of informed consents. For further information on NCCHC standards, click here.
The American Bar Association, Standards on Treatment of Prisoners:
The American Bar Association has also established ethical principles for professionals providing and overseeing health services for incarcerated populations.
Part VI addresses Health Care. A few provisions relevant to the ethics of justice-health information sharing include:
Patient autonomy is the ethical principle underlying a person’s right to make informed choices about his or her care. It is important that information sharing initiatives aim to maximize the ability of patients to participate in decision making about their healthcare.
Maximizing Patient Autonomy in Justice-Involved Populations
Dr. Emily Wang and Dr. Shira Shavit, in collaboration with the San Francisco Department of Health and the Southeast Health Center, established The Transitions Clinic Network (TCN), an innovative clinical model that establishes community-based medical homes for people with chronic diseases returning home from prison.
Patient autonomy and an understanding of the ethical and cultural challenges associated with providing treatment in correctional settings are at the core of the TCN model’s proven success. To maximize engagement with services in the community following release, TCN staff ensure patient confidentiality, foster trust, and empower people to participate in their own healthcare.
By fostering trust and engaging people in their own care, TCN’s approach has significantly improved health outcomes and reduced costly emergency rooms visits for this population following release from prison. Click here for a study demonstrating improved outcomes for those using TCN.
This section describes a few strategies to comply with health privacy laws and ethical principles, maximizing the impact of justice-health information sharing initiatives and minimizing potential risks.
Information sharing is always legal with a person’s valid consent. Obtaining a person’s knowing, voluntary, and informed consent to share his or her clinical information is also a good practice that can help ensure compliance with ethical obligations. The consent process provides an opportunity for health and justice professionals to ensure that their clients and patients have personal control over health decisions by describing who has access to their health information and what they are going to use it for. Federal and state laws define substantive and procedural requirements of a valid consent to share personal health information (for example, see Subpart C of 42 CFR, Part 2).
Click here for a discussion of the use of informed consent in the age of advancing health information technology.
Uniform consent forms provide a way for networks of treatment providers and justice entities to legally share health information in order to deliver comprehensive care. Providing coordinated care for people as they move between justice settings and the community typically requires communication between multiple providers working in different locations, organizations, and disciplines. Agencies and stakeholders can work together to develop uniform consent forms to facilitate more efficient, cross-boundary information sharing. These forms typically list all of the participating agencies, the reasons for sharing information, and allow consumers to check off which entities listed on the form can access their personal health information.
Examples of uniform consent forms:
These jurisdictions’ consent forms are used to permit information sharing and care coordination among multiple agencies.
- Washington State Department of Corrections: Consent for the Release of Confidential Mental Health And Alcohol and Substance Use Treatment
- Connecticut Department of Correction: Authorization to Obtain and/or Disclose Protected Health Information
- Seattle Veteran Treatment Court Release of Information
- Idaho: Multi-Part Authorization for Release of Information
Data segmentation can help ensure compliance with privacy regulations. It is a technology that limits what type of information can be viewed in a person’s medical record based on a password or user identification. For example, segmentation can be used to allow entities directly involved in treatment to share diagnostic and clinical information, while restricting others with administrative roles to the minimum amount of information necessary. Segmentation can also allow the patient to play an active role in determining which portions of his or her record can be shared with different providers and agencies within an information-sharing network.
Click here to read more about the role of data segmentation in protecting privacy in electronic health information exchange.
State legislation can be used to authorize information sharing between criminal justice and health systems for pre-defined purposes. For example, several states have passed laws that enhance the ability of agencies to coordinate services for people who use multiple providers within the public mental health system.
Illinois: Illinois has twice modified its Mental Health and Developmental Disabilities Administrative Act in order to increase information sharing between the health and justice systems. Public Act 91-0536 and Public Act 094-0182 enable information sharing between the state prison and jail system and the Department of Mental Health (DMH) without informed consent in certain situations. For example, correctional facilities are able to send their rosters electronically to DMH to access information on treatment history, assess treatment options, and inform discharge planning.
Minnesota: Minnesota enacted a state law, Section 13.468, to permit county welfare, human services, corrections, public health, and veterans service units to exchange information on “whether an individual or family is currently being served… without the consent of the subject of the data.” The law limits such information to a person’s identity, contact information, and the names of county agencies that have provided services to the person.
Community health and criminal justice agencies vary widely in their adoption of electronic data systems and the resources that they have at their disposal to implement new technologies. Generally, correctional and behavioral health providers lag behind the rest of the health sector when it comes to health information technology implementation. While there are clear benefits to advancing information technology, it is not required to achieve effective data sharing and it is often helpful to adopt technology gradually, paving the way for a fully integrated system by taking incremental steps. Before making any decision about adopting new technology, you should first find out how other justice and health agencies in your jurisdiction are communicating and determine if they have developed information sharing networks that you can become part of by joining an existing Health Information Exchange, for example.
This module: (1) discusses the importance of clarifying your information sharing goals; (2) describes the main information sources that are typically included in justice and health data exchanges; (3) outlines a range of technology options for sharing information; and (4) provides links to resources that will help you develop and maintain information sharing technology.
Click here for an overview of health information technology and how it is improving connectivity between health and justice systems.
While technology provides a powerful tool for putting your information sharing plans into practice, a fully integrated health and justice information system will not help you answer questions about what information should be shared, when, about whom and for what purpose. Mapping out your technology needs involves first stepping back and determining:
Salt Lake City, Utah:
Click here to learn how public health and criminal justice officials in Salt Lake County, Utah reached consensus on data sharing needs, mapped data systems, and then developed technical solutions to connect the county jail system with the county’s Division of Behavioral Health Services and 35 behavioral health treatment entities.
Most justice/health information exchanges draw information from a combination of three basic data sources: correctional health systems, community health systems, and criminal justice systems. Once you have identified the data that exists in each of these systems and how the information is stored, you can explore solutions for transferring information from one system to another, and build connectivity. The following figure provides further information on these three core information sources.
Click here for a definition of the information sources in the graphic above.
This report by the IJIS Institute and Urban Institute presents more than 30 user-case scenarios for information sharing between justice and health systems. It includes detailed “Information Exchange Synopses” where enhancing information sharing can improve public health and foster inter-agency collaboration. Each synopsis explains: (1) what will be achieved through information sharing; (2) the type of information needed; (3) the data source, or where the data are captured; (4) the parties that need to be involved; (5) how information will flow between parties; and (6) associated legal and technical challenges.
This section describes a range of technical tools that jurisdictions are using to share information across agency boundaries, with case studies and examples of how these technologies are being used to increase access to essential healthcare services.
1. Paper-based sharing
Agencies should strive to move away from paper-based data systems to manage health records. However, when the goal of an information sharing is relatively simple and technology is not affordable or necessary, then sharing information via sheet of paper, telephone, and a fax machine can still be an effective way to deliver important information.
Connecticut’s Correctional Managed Healthcare Pharmacy Voucher Program
In 2011, the Connecticut Correctional Managed Health Care (CCMHC) implemented a pharmacy voucher program as a way of increasing access to essential medication for people leaving corrections custody. Prior to the program being created, some people leaving jail or prison were given two weeks of medication with no refills while those released directly from court typically received no medication. Even when released with a prescription, most people were unable to register with a doctor and arrange an appointment within two weeks of reentry, and, as result, they were running out of essential medication. This scenario is particularly perilous for people with serious mental health and other chronic conditions that require uninterrupted access to medication in order to stay healthy and stable.
The pharmacy voucher program uses faxes and paper vouchers to increase access to medication and reduce the cost of packaging and delivering prescription drugs to correctional facilities, where they are often not retrieved. People leaving correctional facilities receive a paper voucher that can be presented to any pharmacist in Connecticut. The voucher informs the pharmacist that the individual received medical care while incarcerated, and lists a phone number that they can call to verify details of the prescription. Upon calling the correctional health provider, the pharmacist is authorized to issue one month’s supply of medication.
2. Secure e-mail
Advanced information technology is not always necessary for agencies to effectively share data. For example, relatively inexpensive technology that allows clinicians to share patient data via e-mail can enhance continuity in care, protect patient privacy, and illustrate the value of improving communication without a significant investment of resources.
The Direct Project
The Direct Project is an open-government initiative developed by the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology. The direct framework can be used to transmit patient treatment information from correctional health settings to primary care providers in the community when a person leaves jail or prison.
The Direct Project:
- uses encryption technology to transmit health information directly to trusted recipients over the Internet;
- provides a straightforward, affordable, secure, scalable, standards-based method for transmitting information;
- can replace traditional methods of exchange (such as paper, fax, or phone calls), increasing efficiency and providing a future path to advanced interoperability; and
- offers a viable option for organizations without advanced technological capacity.
3. Web-Based Information Sharing
Web-based technologies allow multiple agencies to access the same online data system to coordinate services and inform decision making. Secure logins, passwords, and account settings are assigned to each user to limit the types of information they can access in accordance with their professional responsibilities. For example, a reentry service provider working in a jail may be able to access information on health service contacts in the community to help them make appropriate referrals for people leaving custody. A clinician working in the same setting may have greater access, allowing them to see clinical notes, diagnoses, and information on drug regimens.
Illinois: Jail-Data Link System
The Jail Data Link system in Illinois is an example of an internet-based technology that allows staff in county jails and community mental health settings to share data securely. Launched by the Corporation for Supportive Housing, this web-based system links the county jail, Department of Mental Health (DMH) in-patient facilities, and community mental health centers. Service providers working in these settings can access the Data Link system to identify and treat people with serious mental health conditions as they transition between the jail and community. The system is equipped with two user portals individually tailored to the needs of jail and community treatment staff. Each system user receives a unique user-identification and password which determines which agency portal they can access and what information is displayed.
Click here to read a detailed process evaluation of the Jail Data Link program that explains how the technology works, how it was set up, and how much it costs to sustain.
The Behavioral Health Integrated Provider System (BHIPS)
BHIPS is a web-based clinical information system for substance use and mental health service providers that supports information sharing and coordination of services. The system automatically creates an electronic health record (EHR) for each person and centralizes demographic and treatment service information in a single location. Five states and one large urban county currently use BHIPS, including the Texas Department of Criminal Justice-Community Justice Assistance Division, which uses the system to coordinate behavioral health services for clients in its diversion programs.
4. Health Information Exchanges (HIEs)
Health information exchanges act as information hubs that connect health providers across a range of settings. Members of the HIE are able to access information from other providers in the same network. HIEs and web-based approaches to data sharing are often used together. The exchange defines the purpose of information sharing, members of the networks, and information to be shared, while the web technologies provide the means to communicate data through a secure web portal. A core component of HIEs is the use of security protocols to restrict access to records based on patient consent.
New Jersey: HIEs and the Camden County Jail
Watch The Unseen Provider: This short documentary, produced by Community Oriented Correctional Health Services (COCHS), highlights the importance of linking jail systems to HIEs as a way of building connectivity between corrections and the community. Since the production of this video, the county jail has joined the local HIE, and, as a result, staff at the jail are now able to log in to an online system and access important clinical information for people in the jail.
5. Accountable Care Organizations
Accountable care organizations (ACOs) are an essential component of the Affordable Care Act. An ACO is a group of healthcare providers who offer coordinated care and chronic disease management to improve the quality of care patients receive, commonly referred to as medical homes or health homes. To receive federal incentive payments, ACOs are required to use health information technology (HIT) to facilitate care coordination between providers. Your jail may be able to join a local ACO, such as a patient-centered, behavioral health home, providing access to healthcare information from a network of healthcare providers working in the community. Click here to read more about the role of health information technology in an ACO, the Mental Health Home of Maimonides Medical Center, in which the local corrections system is a partner.
6. Cloud-Based Technologies
Cloud-based technology allows software to be located and information to be stored on remote servers. It offers an affordable option for service provider organizations working in jurisdictions that do not have access to the computer system or technical expertise required to design and operate a customized technological infrastructure. Because cloud-based technologies use remote servers, the maintenance and upkeep of these systems does not require technicians to be physically present, making them particularly suited to agencies based in more remote areas.
Cloud Technology in Health and Justice
- Addressing Health Disparities with Cloud-Computing: Click here to read how public health leaders in Illinois are using cloud-computing to foster information sharing and address health disparities.
- Promoting Public Safety with Cloud Computing: Click here to read the “Guiding Principles on Cloud Computing in Law Enforcement” from the International Association of Chiefs of Police, which gives guidance on issues such as confidentiality, proper use, and data security when using cloud-based computing.
7. Standards-Based Architecture
To promote communication within and between organizations working in different sectors that use different types of technology and record keeping systems, the federal government has developed Standards Based Architecture (SBA) for sharing information. SBA provides a method for disparate systems to exchange data in a secure way, using a standardized language and method of transmission. Some of the most commonly used SBAs include the National Information Exchange Model (NIEM) and HL7.
You can access further details of SBA and support to design and implement one of the national models, using the following links:
For an overview of justice systems information sharing, including technological solutions visit the Department of Justice Global Justice Information Sharing Initiative site.
For information on a set of data standards used across government departments and service sectors visit the National Information Exchange Model (NIEM) site.
To learn more about interoperability standards for health information sharing, see HL7.
The following organizations provide a range of resources describing best practices to consider when developing information sharing technology solutions:
Health Information Technology
Financial Resources for EHRs in Jails and Prisons: the Medicaid EHR Incentive Program: Under the HI-TECH Act, healthcare providers working in jails and prisons are now eligible for financial incentives to support adopting, implementing, and updating EHRs if: at least 30 percent of the patients they serve are enrolled in Medicaid and the EHR vendor selected is certified by the Office of the National Coordinator for Health Information Technology (ONC).
Justice Information Sharing