TRENDING:

HIE Governance Comments Sought

Workgroup Revamping Its NHIN Recommendations Howard Anderson (ismg_editor) • December 2, 2010    
HIE Governance Comments Sought
A workgroup that's going back to the drawing board to devise recommendations for a governance body to oversee health information exchanges is seeking advice as it weighs options.

The governance workgroup has spent weeks crafting complex, detailed guidelines for governing HIEs to verify that they meet federal standards, including those for privacy and security. But at a meeting of the Health IT Policy Committee on Nov. 19, the workgroup was asked to continue its efforts to clarify just how an organization validating HIE compliance would do its job.

As a result, the workgroup is seeking health information exchange governance comments on such topics as:

  • What governance responsibilities should be handled by the federal government and what should be delegated to others?
  • Should there be an overarching validation entity to accredit other certification or accreditation bodies?
  • Are there critical needs that require a coordinating/implementation support governance mechanism be established soon? If so, should this role be handled by a federal advisory committee or though some sort of public/private or non-government approach?

Comments are due by Dec. 8.

NHIN Standards

The HITECH Act, which provided states with funds to spur development of statewide HIEs, also called for development of the Nationwide Health Information Network. NHIN is not an actual network, but "a set of policies, standards and services that enable the Internet to be used for secure and meaningful exchange of health information," according to the official government definition.

The idea behind NHIN is to pave the way for the exchange of electronic health records and other information coast-to-coast by linking various HIEs and other networks that all adhere to the same standards.

To make NHIN work, someone needs to offer a "seal of approval" that an HIE meets the NHIN standards, including those for privacy and security. HITECH requires federal regulators to issue a rule on NHIN governance, but that's been delayed until next year.

HIE Governance Details Sought

At the Nov. 19 Health IT Policy Committee meeting, David Blumenthal, M.D., national coordinator for health IT for the Department of Health and Human Services, instructed the workgroup to add more details to its proposals and present them more clearly as a series of choices.

For example, the workgroup called for Blumenthal's office to designate a non-government organization to validate that HIEs meet "conditions of trust and interoperability." And that organization could, in turn, designate others to lend a hand with validation.

Several committee members wanted to know far more about how this validation process would work and suggested that perhaps a government agency should handle it.

"My real heartburn comes with having a central validating body that's a private organization," said Deven McGraw, a committee member who is director of the health privacy project at the Center for Democracy & Technology. "I can't move forward on the recommendation for a central, private validating authority without a lot more detail about what that would look like."

The governance workgroup will meet again Dec. 10, and the next HIT Policy Committee meeting is Dec. 13.

Previous
Case Study: A Health Record Bank Pilot
Next
Where the Jobs Are: 2011

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.



Around the Network

How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.