Electronic Healthcare Records , Governance & Risk Management , Healthcare Information Exchange (HIE)

A Handy Guide to Standards for Secure Health Data Exchange

'Interoperability Standards Advisory' a Resource for Developers, Healthcare Entities
A Handy Guide to Standards for Secure Health Data Exchange

In an effort to help advance secure nationwide health data exchange, federal regulators have released an updated online tool to help healthcare entities and technology developers sort through critical standards and implementation specifications.

See Also: OnDemand | Driving Security, Privacy, & Compliance Goals by Accelerating HITRUST Certification

The Interoperability Standards Advisory provides an online catalog of information about key standards and implementation specifications to help enhance the sharing of clinical data, including medication lists, immunization records and test results, according to the Department of Health and Human Services' Office of the National Coordinator for Health IT.

The new resource can help "provide direction to developers creating novel products for the healthcare sector, as well as to [healthcare organizations] issuing technology requests for proposals, says John Halamka, CIO of Beth Israel Deaconess Health System in Boston.

The standards and specifications contained in the tool "are not government regulations, but rather a guide, a trajectory to solving problems," he says. "The advisory process is agile and likely to be more transparent than the regulation-making done behind closed doors."

Phil Curran, CISO and chief privacy officer at Cooper University Health Care in Camden, N.J., says the Interoperability Standards Advisory is a helpful resource for narrowing down standards and specifications to improve an organization's privacy and security efforts.

"I knew about the standards, but had a hard time finding them. Having them in one location will allow us to better incorporate the standards into our security and privacy assessments," he says.

Achieving Interoperability Goals

Vindell Washington, M.D., who heads ONC, notes: "The [advisory] is a key step toward achieving the goals we have outlined with our public and private sector partners in the Shared Nationwide Interoperability Roadmap, as well as the Interoperability Pledge announced earlier this year,".

Washington was referring to ONC's 10-year roadmap for interoperability that was issued in 2015 and an "interoperability pledge" that was taken in February by dozens of technology vendors and healthcare organizations promising to help facilitate secure health data sharing, in part, through implementing standards-based application programming interfaces, as well as supporting security and privacy best practices.

"We incorporated detailed stakeholder feedback to provide a consolidated, public list of standards and specifications that can be put to use to address clinical, public health and research needs for sharing electronic health information," Washington says.

Engaging the Healthcare Community

Although ONC released last December a 2016 version of the Interoperability Standards Advisory that was a "static" document, the updated version offers an online platform "so stakeholders can more fully engage with and shape the [advisory] on an ongoing basis," ONC says. "This platform allows for more efficient, close to real-time updates and comments as well as links to projects included in the Interoperability Proving Ground that might be using a particular ... standard."

The Interoperability Proving Ground is an online healthcare community resource describing interoperable health IT projects. A sample project listed in the community site is an effort by the New Hampshire Health Information Organization to use secure messaging to improve care coordination for patients treated at behavioral health and long-term post-acute care facilities.

Also featured in the new tool is an appendix listing links to information about privacy and security standards that help support interoperable health data exchange. That appendix, for example, includes a link to the HHS Office for Civil Rights' HIPAA Security Rule Crosswalk to the National Institute of Standards and Technology's Cybersecurity Framework.


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.