Not every product can have cheeky, casual content — especially in healthcare, when patients and families may be overwhelmed with cancer diagnoses, recovering from abuse, or afraid of stigma and discrimination. At ACT.md, our design team encountered this in a dramatic way: Massachusetts law requires that a patient's authorization for sharing health data include specific call-outs for (really) sensitive conditions, and our application's authorization agreement—shown front-and-center during user enrollment—had to comply. This show-and-tell talk will share the best practices and assumptions behind our patient authorization design, plus our experiences testing it with patients and families.
8. “Teams make decisions by exchanging medical information. That
is normal and under the law can be done without your permission
or authorization except for certain highly sensitive information
as noted below. Your authorization is required because
without it team members cannot use your medical
information fully to coordinate your care using ACT.md, and
ACT.md cannot fulfill all its promises to you and them.”
9. “Your data will be used for the purpose of fulfilling our
promises. Our work does NOT involve mining your data to sell to
marketers, or any of the purposes people rightly fear as
compromising their identity. It does not involve taking
advantage of you.”
10. “With your authorization and once you have an account, we
provide a mechanism for clinicians to communicate, create
common and shared documentation, formulate, assess,
coordinate and prompt the various forms of care and follow
through that are required in their judgment. And that
communication is in front of you and decision-making each
step of the way is accessible to you. With freedom to
comment and ask questions.”
19. Invitation
e-mail
Demographics
Choose Password
Use the app
Authorization
agreement
• Get some buy-in before scary stuff
• Simplify enrollment even further
• Give authorization the focus it needs
INVITE ENROLL GOACTIVATE