Thursday, June 17, 2010

Privacy & Security Standards Workgroup

The Privacy and Security Standards Workgroup of the HIT Standards Committee met on June 17, 2010.

The following are members of this Workgroup:

  • Dixie Baker, Chair, SAIC
  • Steve Findlay, Co-Chair, Consumers Union
  • Anne Castro, BCBS/South Carolina
  • David McCallie, Cerner
  • Gina Perez, Delaware HIE
  • Wes Rishel, Gartner
  • Sharon Terry, Genetic Alliance
  • Aneesh Chopra, OSTP/Chief Technology Officer
  • John Halamka, Harvard Medical School
  • John Moehrke, HITSP
  • Ed Larsen, HITSP
  • Walter Suarez, Kaiser Permanente
  • Andrew McLaughlin, OSTP

The workgroup is tasked with making recommendations to the HIT Standards Committee on specific privacy and security safeguards that should be included in the definition of Meaningful Use, with a specific focus on the eight (8) areas listed in Section 3002(b)(2)(B):

(1) Technologies that protect the privacy of health information and promote security in a qualified electronic health record, including for the segmentation and protection from disclosure of specific and sensitive individually identifiable health information with the goal of minimizing the reluctance of patients to seek care (or disclose information about a condition) because of privacy concerns, in accordance with applicable law, and for the use and disclosure of limited data sets of such information;

(2) A nationwide health information technology infrastructure that allows for the electronic use and accurate exchange of health information;

(3) The utilization of a certified electronic health record for each person in the United States by 2014;

(4) Technologies that as a part of a qualified electronic health record allow for an accounting of disclosures made by a covered entity (as defined for purposes of regulations promulgated under section 264(c) of the Health Insurance Portability and Accountability Act of 1996) for purposes of treatment, payment, and health care operations (as such terms are defined for purposes of such regulations);

(5) The use of certified electronic health records to improve the quality of health care, such as by promoting the coordination of health care and improving continuity of health care among health care providers, by reducing medical errors, by improving population health, by reducing health disparities, by reducing chronic disease, and by advancing research and education;

(6) Technologies that allow individually identifiable health information to be rendered unusable, unreadable, or indecipherable to unauthorized individuals when such information is transmitted in the nationwide health information network or physically transported outside of the secured, physical perimeter of a health care provider, health plan, or health care clearinghouse;

(7) The use of electronic systems to ensure the comprehensive collection of patient demographic data, including, at a minimum, race, ethnicity, primary language, and gender information; and

(8) Technologies that address the needs of children and other vulnerable populations.

Below are the slides from a presentation by Mike Davis and David Staggs of the Department of Veterans Affairs:



This is the video referenced in the presentation above:

 

Previous Privacy and Security Standards Workgroup meetings:

5.21.2010

5.14.2010

4.1.2010

2.18.2010

1.26.2010

11.19.2009

1 comment:

  1. comScore, the parent company of RelevantKnowledge, has invested substantial resources in making our data collection and privacy practices the best they can possibly be. Recently, comScore's ScorecardResearch service earned the highest possible rating of 50 out of 50 for its online privacy practices by PrivacyChoice, a leader in privacy technology innovation. ScorecardResearch is a service offered by comScore, which also operates the RelevantKnowledge market research panel. If you have further questions about RelevantKnowledge, please visit our website: http://www.relevantknowledge.com/faq.aspx
    Thank you,
    RelevantKnowledge Customer Support Team

    ReplyDelete