A CPR (computerized patient record) is a record about an individual patient stored in a healthcare provider's computer, in a database that is legitimately the property of the provider. It will usually contain the patient's demographic data and medical information collected only when the patient visits that provider.

An EMR (electronic medical record) is the organized collection of all records about an individual patient stored in the computer systems and databases of all the providers who have provided care to that patient. The EMR is not stored on any individual computer, but is assembled dynamically, in real time, from CPRs when needed, and it "dissolves" after use -- until needed next time.

A. MEMRI is committed to the principle that people have the right to determine who may and who may not view their personal information. MEMRI recognizes that this same degree of control may or may not apply to provider CPRs, but control of the CPR is not MEMRI's concern except to the extent that any individual or his/her authorized representative has the legal right to at least some basic, personal elements of the information contained in a CPR.

MEMRI will not control the EMR. It will merely facilitate access to it by its owner, the patient.

A. The full technical scope and description is too detailed to enter here. Suffice it to say that through a generous benefaction from Sun Microsystems, MEMRI will use SunONE technologies in creating the following key components:

• A portal, to provide the single sign-on, single point of access needed to point to the diverse types of information (HTML and XML content) originating from multiple different legacy application sources such as mainframe, ERP, and database systems, and allow the information to be displayed within a set of pages that the user can view in a browser. The portal will maintain multi-level profiles of the organizations, roles, and users, enabling authentication, authorization, and access control as well as comprehensive personalization and device-independent customization for both end users and applications. The portal does not itself "run" the EMR service, it simply serves as the gateway.
• An UDDI (universal description, discovery, and integration) registry, to identify and integrate with provider CPR systems
• Liberty Alliance protocol-compliant tools for managing identity and policy, based on UDDI, ebXML and other developed standards.
  

A. The key data in need of privacy protection is the identity of the individual. The Liberty Alliance, a consortium of leading companies and institutions committed to protecting individuals' identity on the Internet while enabling them to conduct business and transactions, has defined technical protocols to do just that, through service providers known as "identity providers."

MEMRI will be a Liberty Alliance-compliant identity provider that establishes a "circle of trust" relationship with healthcare providers. A circle of trust will exist where MEMRI has established relationships with healthcare providers allowing the user to wield his/her MEMRI-based network identity with them.

A. The Department of Health and Human Services' "Guidance Explaining Significant Aspects of the Privacy Rule" in Standards for Privacy of Indicvidually Identifiable Health Information (45 CFR Parts 160 and 164) December 3, 2002 states that the HIPAA Privacy Rule ...

• "gives patients more control over their health information"
• "generally gives patients the right to examine and obtain a copy of their own health records and request corrections" and
• "empowers individuals to control certain uses and disclosures of their health information."

These outcomes align with MEMRI goals and objectives, as do HIPAA's electronic transactional standardization requirements, which will stimulate, facilitate, and accelerate care providers' ability to share patient data with the patient through MEMRI.

A. We used a $30,000 per physician saving cited by Capitol Region Healthcare, a New Hampshire IDN. These savings relate to a provider CPR, not a statewide EMR, where additional efficiencies and economies and improved health outcomes are expected to increase the per-patient saving.