Restricted Data

There are some types of data within the Designated Record Set that are restricted from being shared with other providers with a treatment relationship. Builders may tag individual pieces of data using restricted labels, or take advantage of Zus's intelligent approach to automatically tagging specially-regulated data. Patients that choose to opt out of sharing altogether may elect to do so by filling out this form.

Restricted Labels

Restricted resources in Zus are those that have a FHIR security label with a confidentiality code of “R” for “Restricted” or “V” for “Very Restricted.”

Restricted tag example:

"meta": {
    "security": [
        {
            "system": "http://terminology.hl7.org/CodeSystem/v3-Confidentiality",
            "code": "R",	
            "display": "Restricted"
        }
    ]
}

Any resources tagged as restricted in this way CANNOT be seen by other Builders, even if these Builders have a relationship with your patient. Users and app clients are permitted to view restricted resources if these resources are owned by their Builder or are owned by a Builder that has granted them cross-builder access.

Specially-regulated data

Zus uses the term "specially regulated data" to refer to that subset of PHI that may require specific patient consent in order to be shared among providers (e.g., HIV status, psychotherapy notes, substance use, mental health facility information). Data may be specially regulated at the US state level and/or at the federal level.

Data related to HIV status

Zus proactively labels all resources that may contain data relating to an HIV test, diagnosis, or medication, including data ingested from our data partners. We evaluate and label the following resource types:

  • Condition
  • MedicationRequest
  • MedicationStatement
  • MedicationDispense
  • MedicationAdministration
  • Observation
  • DiagnosticReport
  • Procedure

The Zus platform will apply the following HIV label to all resources that meet our evaluation criteria. In addition, HIV-labeled resources that are written by builders will automatically receive the Restricted label and be withheld from responses to CommonWell and Carequality.

"meta": {
    "security": [
        {
          system: "https://zusapi.com/speciallyregulated"
          code:   "HIV"
        }
    ]
}

Data related to gender affirming or abortion-related care

In accordance with California Assembly Bill No. 352, Zus proactively labels resources related to gender affirming or abortion-related care for all data written to Zus by customers about the care they provide. We evaluate and label the following resource types:

  • Condition
  • MedicationRequest
  • MedicationStatement
  • MedicationDispense
  • MedicationAdministration
  • Procedure

The Zus platform will apply the following labels (derived from the HL7 Information Sensitive Policy value set) to all customer-written data on the Zus platform so long as the resources meet our evaluation criteria, regardless of the patient's home address.

The GENDER label is applied to all resources related to gender affirming care:

"meta": {
    "security": [
      {
        system: "https://zusapi.com/speciallyregulated"
        code: "GENDER"
      }
    ]
}

The SEX label is applied to all resources related to abortion or abortion-related services:

"meta": {
    "security": [
      {
        system: "https://zusapi.com/speciallyregulated"
        code: "SEX"
      }
    ]
}

In addition, labeled resources that are written by builders will automatically receive the Restricted label and be withheld from responses to CommonWell and Carequality.

Other categories of specially regulated data

There are three other categories of specially regulated data that Zus does not automatically tag, but can support:

  1. Psychotherapy notes: This regulation refers to the personal notes of a therapist or counselor. These are separate from the core clinical record (EHR). Customers creating such notes and writing them to the ZAP should take care to tag them with the "R" tag appropriately.
  2. Mental health facility: Certain state laws prohibit sharing records created by a mental health facility. Zus will evaluate if a customer qualifies as a “mental health facility” as part of sales due diligence, and restrict from sharing accordingly.
  3. Substance use facility: Provider organizations that are part of Part 2 Covered Programs should not have any data shared without special consent. Zus will evaluate if a customer qualifies as a “Part 2 Covered Program” as part of sales due diligence, and restrict from sharing.