You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ctakes.apache.org by "Casimir, Patrick" <Pa...@moffitt.org> on 2016/11/02 19:21:45 UTC
Using cTakes for Identified Patient Information
I am inquiring about the safety and security of using cTakes for text mining of clinical texts that contain PHI. As an open source, is it safe to use cTakes within a hospital system that must comply to HIPPA regulations?
Thanks
[MOFFITT_2c_RGB for signature]
Patrick Casimir, PhD
Applied Health Informaticist/Data Scientist
Moffitt Cancer Center
12902 Magnolia Drive, Tampa, FL 33612 | tel: 813-7454673 | fax: 813-7458332 | email: Patrick.casimir@moffitt.org
Please consider the environment before printing this email.
This transmission may be confidential or protected from disclosure and is only for review and use by the intended recipient. Access by anyone else is unauthorized. Any unauthorized reader is hereby notified that any review, use, dissemination, disclosure or copying of this information, or any act or omission taken in reliance on it, is prohibited and may be unlawful. If you received this transmission in error, please notify the sender immediately. Thank you.
Re: Using cTakes for Identified Patient Information
Posted by andy mcmurry <mc...@gmail.com>.
+1 Sean and Peter
FWIW: ctakes has been used as a system for HIPAA de-identification,
meaning, removing PHI from clinical text.
So in at least one sense, cTakes can improve an institutions readiness to
use clinical data under HIPAA.
On Wed, Nov 2, 2016 at 5:09 PM, Finan, Sean <
Sean.Finan@childrens.harvard.edu> wrote:
> Hi Peter, Patrick,
>
> Just in case I am the "Sean" in question, I will say that Peter provided
> an excellent answer. ctakes doesn't send patient information over the
> network. As Peter indicated, in order to protect information you should
> run ctakes in a HIPAA compliant environment - just as you would run any
> other software dealing with patient data. Also, ctakes is intended for
> research use, not clinical advice or application.
>
> Cheers,
> Sean
> ________________________________________
> From: Abramowitsch, Peter <pa...@hearst.com>
> Sent: Wednesday, November 2, 2016 3:43 PM
> To: dev@ctakes.apache.org
> Subject: Re: Using cTakes for Identified Patient Information
>
> If by security you mean, protection of data, this would depend entirely on
> the architecture in which CTakes is situated.
> CTakes itself does not send anything beyond its perimeter except the UMLS
> login credentials. So if it were running entirely within a HIPAA compliant
> environment then yes.
>
> But if you mean by safe & secure that the identified concepts such as
> meds, diagnoses, procedures are guaranteed to be so correct that clinical
> advice could be based solely on its output, the answer is no.
>
> I've been down this same road.
>
> Sean, would you agree?
>
> Peter Abramowitsch
> Sr. Innovations Technologist, Healthcare
> Hearst Health Innovation Lab
>
>
> From: <Casimir>, Patrick <Patrick.Casimir@moffitt.org<mailto:
> Patrick.Casimir@moffitt.org>>
> Reply-To: "dev@ctakes.apache.org<ma...@ctakes.apache.org>" <
> dev@ctakes.apache.org<ma...@ctakes.apache.org>>
> Date: Wednesday, November 2, 2016 at 8:21 PM
> To: "'dev@ctakes.apache.org<ma...@ctakes.apache.org>'" <
> dev@ctakes.apache.org<ma...@ctakes.apache.org>>
> Subject: Using cTakes for Identified Patient Information
>
> I am inquiring about the safety and security of using cTakes for text
> mining of clinical texts that contain PHI. As an open source, is it safe to
> use cTakes within a hospital system that must comply to HIPPA regulations?
>
> Thanks
>
> [MOFFITT_2c_RGB for signature]
>
> Patrick Casimir, PhD
> Applied Health Informaticist/Data Scientist
> Moffitt Cancer Center
>
> 12902 Magnolia Drive, Tampa, FL 33612 | tel: 813-7454673 | fax:
> 813-7458332 |email: Patrick.casimir@moffitt.org<mailto:Patrick.casimir@
> moffitt.org>
>
>
>
>
> Please consider the environment before printing this email.
>
> This transmission may be confidential or protected from disclosure and is
> only for review and use by the intended recipient. Access by anyone else is
> unauthorized. Any unauthorized reader is hereby notified that any review,
> use, dissemination, disclosure or copying of this information, or any act
> or omission taken in reliance on it, is prohibited and may be unlawful. If
> you received this transmission in error, please notify the sender
> immediately. Thank you.
>
Re: Using cTakes for Identified Patient Information
Posted by "Finan, Sean" <Se...@childrens.harvard.edu>.
Hi Peter, Patrick,
Just in case I am the "Sean" in question, I will say that Peter provided an excellent answer. ctakes doesn't send patient information over the network. As Peter indicated, in order to protect information you should run ctakes in a HIPAA compliant environment - just as you would run any other software dealing with patient data. Also, ctakes is intended for research use, not clinical advice or application.
Cheers,
Sean
________________________________________
From: Abramowitsch, Peter <pa...@hearst.com>
Sent: Wednesday, November 2, 2016 3:43 PM
To: dev@ctakes.apache.org
Subject: Re: Using cTakes for Identified Patient Information
If by security you mean, protection of data, this would depend entirely on the architecture in which CTakes is situated.
CTakes itself does not send anything beyond its perimeter except the UMLS login credentials. So if it were running entirely within a HIPAA compliant environment then yes.
But if you mean by safe & secure that the identified concepts such as meds, diagnoses, procedures are guaranteed to be so correct that clinical advice could be based solely on its output, the answer is no.
I've been down this same road.
Sean, would you agree?
Peter Abramowitsch
Sr. Innovations Technologist, Healthcare
Hearst Health Innovation Lab
From: <Casimir>, Patrick <Pa...@moffitt.org>>
Reply-To: "dev@ctakes.apache.org<ma...@ctakes.apache.org>" <de...@ctakes.apache.org>>
Date: Wednesday, November 2, 2016 at 8:21 PM
To: "'dev@ctakes.apache.org<ma...@ctakes.apache.org>'" <de...@ctakes.apache.org>>
Subject: Using cTakes for Identified Patient Information
I am inquiring about the safety and security of using cTakes for text mining of clinical texts that contain PHI. As an open source, is it safe to use cTakes within a hospital system that must comply to HIPPA regulations?
Thanks
[MOFFITT_2c_RGB for signature]
Patrick Casimir, PhD
Applied Health Informaticist/Data Scientist
Moffitt Cancer Center
12902 Magnolia Drive, Tampa, FL 33612 | tel: 813-7454673 | fax: 813-7458332 |email: Patrick.casimir@moffitt.org<ma...@moffitt.org>
Please consider the environment before printing this email.
This transmission may be confidential or protected from disclosure and is only for review and use by the intended recipient. Access by anyone else is unauthorized. Any unauthorized reader is hereby notified that any review, use, dissemination, disclosure or copying of this information, or any act or omission taken in reliance on it, is prohibited and may be unlawful. If you received this transmission in error, please notify the sender immediately. Thank you.
Re: Using cTakes for Identified Patient Information
Posted by "Abramowitsch, Peter" <pa...@hearst.com>.
If by security you mean, protection of data, this would depend entirely on the architecture in which CTakes is situated.
CTakes itself does not send anything beyond its perimeter except the UMLS login credentials. So if it were running entirely within a HIPAA compliant environment then yes.
But if you mean by safe & secure that the identified concepts such as meds, diagnoses, procedures are guaranteed to be so correct that clinical advice could be based solely on its output, the answer is no.
I've been down this same road.
Sean, would you agree?
Peter Abramowitsch
Sr. Innovations Technologist, Healthcare
Hearst Health Innovation Lab
From: <Casimir>, Patrick <Pa...@moffitt.org>>
Reply-To: "dev@ctakes.apache.org<ma...@ctakes.apache.org>" <de...@ctakes.apache.org>>
Date: Wednesday, November 2, 2016 at 8:21 PM
To: "'dev@ctakes.apache.org<ma...@ctakes.apache.org>'" <de...@ctakes.apache.org>>
Subject: Using cTakes for Identified Patient Information
I am inquiring about the safety and security of using cTakes for text mining of clinical texts that contain PHI. As an open source, is it safe to use cTakes within a hospital system that must comply to HIPPA regulations?
Thanks
[MOFFITT_2c_RGB for signature]
Patrick Casimir, PhD
Applied Health Informaticist/Data Scientist
Moffitt Cancer Center
12902 Magnolia Drive, Tampa, FL 33612 | tel: 813-7454673 | fax: 813-7458332 |email: Patrick.casimir@moffitt.org<ma...@moffitt.org>
Please consider the environment before printing this email.
This transmission may be confidential or protected from disclosure and is only for review and use by the intended recipient. Access by anyone else is unauthorized. Any unauthorized reader is hereby notified that any review, use, dissemination, disclosure or copying of this information, or any act or omission taken in reliance on it, is prohibited and may be unlawful. If you received this transmission in error, please notify the sender immediately. Thank you.