Digital Certificate Initiatives LaunchedONC Working on Provider Directories, Interoperability
ONC, a unit of the Department of Health and Human Services, on May 25 announced an effort to create guidelines for provider directories, which can be used to, for example, discover the digital certificates associated with a healthcare provider. In addition, ONC is working toward improving the interoperability of digital certificates.
The Standards and Interoperability Framework will result in harmonized specifications that support, among other things, the meaningful use of electronic health records as well as health information exchange, according to ONC.
Some of the provider directory guidelines will be developed within the next few weeks so they can be included in proposed criteria for stage two of the HITECH Act electronic health record incentive program.
The certificate interoperability initiative will develop an analysis of the issues related to complying with digital certificate requirements for exchanging data with federal agencies. "This assessment will consider the cost, complexity and feasibility of providers acquiring, managing and using digital certificates that are cross-certified with the Federal Bridge," according to an ONC announcement. The Federal Bridge provides certificates to federal agencies.
Digital Certificate RecommendationsEarlier this week, the Privacy and Security Tiger Team, which advises ONC, recommended that organizations participating in the Nationwide Health Information Network initiative should use digital certificates that meet the Federal Bridge standards (see: Authentication for NwHIN Participants).
The team made this recommendation because "virtually every healthcare organization will at some point need to exchange health information with a federal health agency," says Dixie Baker of SAIC, a team member who headed a subgroup that investigated the issue. Federal agencies are highly unlikely to accept a certificate unless it meets the Federal Bridge standards that they already use to ensure security, she notes.
ONC is working on an NwNIN governance rule) spelling out guidelines for participants. NwHIN (formerly NHIN) is not an actual network, but "a set of policies, standards and services that enable the Internet to be used for secure and meaningful exchange of health information," according to the official government definition. The idea behind NwHIN is to pave the way for the exchange of electronic health records and other information by linking various health information exchanges and other networks that all adhere to the same standards.
Those interested in participating in the newly announced provider directory and certificate interoperability initiatives can obtain more information at the Standards and Interoperability Framework Wiki.