Digital Certificate Initiatives Launched

ONC Working on Provider Directories, Interoperability
Digital Certificate Initiatives Launched
In a continuing effort to build a Standards and Interoperability Framework to help ease health information exchange, the Office of the National Coordinator for Health IT has launched two projects involving authentication issues.

ONC, a unit of the Department of Health and Human Services, on May 25 announced an effort to create guidelines for provider directories, which can be used to, for example, discover the digital certificates associated with a healthcare provider. In addition, ONC is working toward improving the interoperability of digital certificates.

The Standards and Interoperability Framework will result in harmonized specifications that support, among other things, the meaningful use of electronic health records as well as health information exchange, according to ONC.

Some of the provider directory guidelines will be developed within the next few weeks so they can be included in proposed criteria for stage two of the HITECH Act electronic health record incentive program.

The certificate interoperability initiative will develop an analysis of the issues related to complying with digital certificate requirements for exchanging data with federal agencies. "This assessment will consider the cost, complexity and feasibility of providers acquiring, managing and using digital certificates that are cross-certified with the Federal Bridge," according to an ONC announcement. The Federal Bridge provides certificates to federal agencies.

Digital Certificate Recommendations

Earlier this week, the Privacy and Security Tiger Team, which advises ONC, recommended that organizations participating in the Nationwide Health Information Network initiative should use digital certificates that meet the Federal Bridge standards (see: Authentication for NwHIN Participants).

The team made this recommendation because "virtually every healthcare organization will at some point need to exchange health information with a federal health agency," says Dixie Baker of SAIC, a team member who headed a subgroup that investigated the issue. Federal agencies are highly unlikely to accept a certificate unless it meets the Federal Bridge standards that they already use to ensure security, she notes.

ONC is working on an NwNIN governance rule) spelling out guidelines for participants. NwHIN (formerly NHIN) is not an actual network, but "a set of policies, standards and services that enable the Internet to be used for secure and meaningful exchange of health information," according to the official government definition. The idea behind NwHIN is to pave the way for the exchange of electronic health records and other information by linking various health information exchanges and other networks that all adhere to the same standards.

Those interested in participating in the newly announced provider directory and certificate interoperability initiatives can obtain more information at the Standards and Interoperability Framework Wiki.

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.