Security: An HIE Success Factor

Making Sure Privacy, Security Are 'Not an Afterthought'
Security: An HIE Success Factor
A key to the success of emerging healthcare information exchanges is to build trust among physicians and consumers alike by paying close attention to privacy and security issues, says Irene Koch, executive director of the Brooklyn Health Information Exchange.

Privacy and security are "absolutely essential to everything that a health information exchange does," she stresses. The issues should be tackled as HIEs develop and deploy new functions and technical features, she contends.

Treating privacy and security as an afterthought, she stresses, "is a real mistake."

Up and Running

This spring, BHIX, initiated in 2007, relaunched using new technologies from Initiate Systems, now a unit of IBM Corp.; InterSystems Corp.; and Dell Inc.

Participants include seven hospitals, four home health agencies, eight nursing homes and four payer organizations, among others.

In the first phase of the relaunch, users gain access to patient information through a centralized portal. For example, physicians can gain read-only access to key information on patients they're treating in a hospital emergency department.

In the months to come, the exchange will enable physicians to "push a button" within their electronic health records system to retrieve data from others via BHIX.

Security Measures

The exchange encrypts all messages and verifies the identities of all senders and recipients.

Eventually, BHIX will link to other emerging HIEs in New York. So the leaders of all the exchanges are discussing how to ensure those links are secure, Koch says.

"And as we think of the national health information network that's developing, we really need to make sure that the privacy and security issues that get resolved in each region and each state then get harmonized with one another so that we can actually effectuate the kind of exchange we need to do," Koch says.

Under the HITECH Act, part of the federal economic stimulus package, states have received grants to help support HIE efforts. This support of exchanges is in tandem with federal incentive payments to physicians and hospitals for the use of electronic health records.

A new federal task force is creating recommendations for privacy and security policies for HIEs.

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.