First Annual Summary of Privacy and Security Tiger Team Activities July 1, 2010 through September 30, 2013 Joy Pritts, Chief Privacy Officer.

Slides:



Advertisements
Similar presentations
Quality Measures Vendor Tiger Team January 30, 2014.
Advertisements

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
NCVHS: Privacy and Confidentiality Leslie P. Francis, Ph.D., J.D. Distinguished Professor of Law and Philosophy Alfred C. Emery Professor of Law University.
Connecticut Ave NW, Washington, DC Understanding Patient Engagement in Stage 2 MU: Direct, HIPAA, VDT, and Patient Engagement.
Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.
HIT Policy Committee Meaningful Use Workgroup Update Paul Tang Palo Alto Medical Foundation George Hripcsak Columbia University December 15, 2009.
HIT Policy Committee Information Exchange Workgroup Proposed Next Steps Micky Tripathi, Chair David Lansky, Co-Chair August 19, 2010.
1 HIT Standards Committee Privacy and Security Workgroup: Recommendations Dixie Baker, SAIC Steven Findlay, Consumers Union August 20, 2009.
HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair Certificate Authority- Provider Authentication Recommendations.
HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair August 19,
Privacy and Security Workgroup October 14, 2014 Deven McGraw, chair Stan Crosley, co-chair.
Notice of Proposed Rulemaking (NPRM) Comments Privacy and Security Workgroup Deven McGraw, chair Stan Crosley, co-chair April 27, 2015.
MU Stage 3 Notice of Proposed Rulemaking (NPRM) Comments Privacy and Security Workgroup Deven McGraw, chair Stan Crosley, co-chair May 7, 2015.
HIT Policy Committee Meaningful Use Workgroup Presentation Paul Tang, Chair Palo Alto Medical Foundation George Hripcsak. Co-Chair Columbia University.
HIT Policy Committee Meaningful Use Workgroup Paul Tang, Palo Alto Medical Foundation, Chair George Hripcsak, Columbia University, Co- Chair December 13,
Privacy and Security Tiger Team Meeting Recommendations regarding a framework of security protections for EHRs December 7, 2011.
Privacy & Security Tiger Team: Accounting of Disclosures Recommendations December 4, 2013.
First Annual Summary of Privacy and Security Tiger Team Activities July 1, 2010 through September 30, 2013 Joy Pritts, Chief Privacy Officer.
Privacy and Security Tiger Team Comparison of Stage 2 Proposed Rules w/Health IT Policy Committee previous privacy & security recommendations Preliminary.
HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair Provider Authentication Recommendations November 19, 2010.
Navigating Privacy and Security Issues for HIE: A Consumer Perspective Deven McGraw Chief Operating Officer National Partnership for Women & Families
HIT Policy Committee Strategic Plan Workgroup Paul Tang, Chair Palo Alto Medical Foundation Jodi Daniel, Co-Chair ONC December 15, 2009.
HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair August 3,
HIT Standards Committee Hearing on Trusted Identity of Patients in Cyberspace November 29, 2012 Jointly sponsored by HITPC Privacy and Security Tiger Team.
Privacy and Security Tiger Team Subgroup Discussion: MU3 RFC July 29, 2013.
HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair Summary of 12/9 Hearing on Patient Matching December 13,
Privacy and Security Tiger Team Recommendations Adopted by The Health IT Policy Committee Relevant to Consumer Empowerment May 24, 2013.
HIT Policy Committee Nationwide Health Information Network Governance Workgroup Recommendations Accepted by the HITPC on 12/13/10 Nationwide Health Information.
HIT Standards Committee Privacy and Security Workgroup: Standards for Consumer Engagement Dixie Baker, SAIC Steve Findlay, Consumers Union April 28, 2009.
HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair September 14,
Privacy and Security Tiger Team Today’s Discussion: MU3 RFC Comments May 8, 2013.
HIT Policy Committee Strategic Plan Workgroup Strategic Framework Paul Tang, Chair Palo Alto Medical Foundation Jodi Daniel, Co-Chair ONC March 17, 2010.
Privacy and Security Tiger Team Trusted Identity of Providers in Cyberspace Follow-Up Recommendations September 6, 2012.
Nationwide Health Information Network: Conditions for Trusted Exchange Request For Information (RFI) Steven Posnack, MHS, MS, CISSP Director, Federal Policy.
HIT Policy Committee Governance Workgroup Update John Lumpkin, Robert Wood Johnson Foundation, Chair September 14, 2010.
HIT Policy Committee NHIN Workgroup Introductory Remarks David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of Commerce,
HIT Standards Committee Privacy and Security Workgroup: Initial Reactions Dixie Baker, SAIC Steven Findlay, Consumers Union June 23, 2009.
Clinical Documentation Hearing Recommendations Meaningful Use and Certification and Adoption Workgroups Paul Tang, MU Workgroup Chair Larry Wolf, C&A Workgroup.
HIT Policy Committee NHIN Workgroup Recommendations Phase 2 David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of.
HIT Policy Committee Privacy & Security Tiger Team Update Deven McGraw, Co-Chair Center for Democracy & Technology Paul Egerman, Co-Chair June 25, 2010.
HIT Policy Committee Privacy & Security Workgroup Update Deven McGraw Center for Democracy & Technology Rachel Block Office of Health Information Technology.
HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair Patient Matching Recommendations February 2,
PricewaterhouseCoopers 1 Administrative Simplification: Privacy Audioconference April 14, 2003 William R. Braithwaite, MD, PhD “Doctor HIPAA” HIPAA Today.
HIT Policy Committee Meaningful Use Workgroup Paul Tang, Chair George Hripcsak, Co-Chair June 25, 2010.
Policies for Information Sharing April 10, 2006 Mark Frisse, MD, MBA, MSc Marcy Wilder, JD Janlori Goldman, JD Joseph Heyman, MD.
HIT Standards Committee NHIN Workgroup Introductory Remarks Farzad Mostashari Office of the National Coordinator for Health IT Douglas Fridsma Office of.
Privacy & Security Tiger Team: Update on C/A workgroup recommendations for behavioral health & CEHRT May 6, 2014.
HIT Policy Committee Adoption Certification Workgroup Proposed Next Steps Paul Egerman, Chair Marc Probst, Co-Chair July 21, 2010.
HIT Policy Committee Information Exchange Workgroup Micky Tripathi, Massachusetts eHealth Collaborative, Chair David Lansky, Pacific Business Group on.
HIT Policy Committee Privacy & Security Policy Workgroup Deven McGraw, Chair Center for Democracy & Technology Rachel Block, Co-Chair NYS Department of.
Health Big Data Discussion Privacy and Security Workgroup Deven McGraw, Chair Stanley Crosley, Co-chair June 8, 2015.
HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair October 20,
Privacy and Security Tiger Team Trusted Identity of Patients in Cyberspace Initial Impressions on November 29 Hearing December 5, 2012.
HIT Policy Committee Meaningful Use Workgroup Update Paul Tang Palo Alto Medical Foundation George Hripcsak Columbia University January 13, 2010.
HIT Policy Committee Health Information Exchange Workgroup Deven McGraw, Center for Democracy & Technology Micky Tripathi, Massachusetts eHealth Collaborative.
HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair July 21, 2010.
1 Overview of HIT Policy Committee’s Privacy Hearing Jodi Daniel, JD, MPH Director, Office of Policy and Research Office of the National Coordinator for.
HIT Standards Committee Meaningful Use Workgroup Update Paul Tang, Palo Alto Medical Foundation, Chair George Hripcsak, Columbia University, Co- Chair.
Privacy and Security Tiger Team Potential Questions for Request for Comment Meaningful Use Stage 3 October 3, 2012.
HIT Policy Committee Meeting Nationwide Health Information Network Governance June 25, 2010 Mary Jo Deering, PhD ONC, Office of Policy and Planning NHIN.
Status Update Deven McGraw, Chair Center for Democracy & Technology Micky Tripathi, Co-Chair Massachusetts eHealth Collaborative May 19, HIT Policy.
Patient Engagement Today’s presenter:
HIT Standards Committee Implementation Workgroup Liz Johnson, Tenet Healthcare, Co-Chair Judy Murphy, Aurora Health Care, Co-Chair October 27, 2010.
HIT Policy Committee Privacy & Security Workgroup Update Deven McGraw Center for Democracy & Technology Rachel Block Office of Health Information Technology.
© 2014 By Katherine Downing, MA, RHIA, CHPS, PMP.
HIT Policy Committee Health Information Exchange Workgroup Comments on Notice of Proposed Rule Making (NPRM) and Interim Final Rule (IFR) Deven McGraw,
Health IT Policy Committee Workgroup Evolution
American Health Information Management Association
THE 13TH NATIONAL HIPAA SUMMIT HEALTH INFORMATION PRIVACY & SECURITY IN SHARED HEALTH RECORD SYSTEMS SEPTEMBER 26, 2006 Paul T. Smith, Esq. Partner,
CyberSecure: Your Medical Practice
Presentation transcript:

First Annual Summary of Privacy and Security Tiger Team Activities July 1, 2010 through September 30, 2013 Joy Pritts, Chief Privacy Officer

Privacy and Security Tiger Team 2 The Privacy and Security Tiger Team is a workgroup of the Health Information Technology Policy Committee (HITPC), a federal advisory committee. The Tiger Team is charged with making short-term and long- term recommendations to the HITPC on privacy and security policies and practices that will help build public trust in health IT and electronic health information exchange (HIE). Approved recommendations are sent to the Office of the National Coordinator for Health Information Technology (ONC) for possible action. – View additional information about the HITPC: researchers-implementers/health-it-policy-committeehttp:// researchers-implementers/health-it-policy-committee The Tiger Team was formed in 2010 to enable quick progress in advising ONC on critical privacy and security issues facing the nation as it moves toward the adoption of electronic health records (EHR) and HIE. – View additional information about the Tiger Team: committees-facas/privacy-security-tiger-team committees-facas/privacy-security-tiger-team

Tiger Team Members 3 As of September 30, 2013 Deven McGraw, Chair, Center for Democracy & Technology Paul Egerman, Co-Chair Dixie Baker, Martin, Blanck, and Associates Judy Faulkner, Epic Leslie Francis, University of Utah College of Law Gayle Harrell, Consumer Representative/Florida John Houston, University of Pittsburgh Medical Center David McCallie, Cerner Corporation Wes Rishel, Gartner Micky Tripathi, Massachusetts eHealth Collaborative Kitt Winter, Social Security Administration David Holtzman, OCR, Ex-Officio

Former Tiger Team Members 4 Christine Bechtel, National Partnership for Women & Families Rachel Block, NYS Department of Health Dan Callahan, Social Security Administration Neil Calman, Institute for Family Health Carol Diamond, Markle Foundation David Lansky, Pacific Business Group on Health Alice Leiter, National Partnership for Women & Families Latanya Sweeney, Carnegie Mellon University Adam Greene, OCR, Ex-Officio Verne Rinker, OCR, Ex-Officio

Foundation for Tiger Team Recommendations 5 *The Tiger Team used the formulation of the Fair Information Practice Principles (FIPPs) endorsed by the HIT Policy Committee and adopted by ONC in the Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information. Foundation for Tiger Team Recommendations*

Core Guiding Values 6 The relationship between the patient and his or her health care provider is the foundation for trust in health information exchange, particularly with respect to protecting the confidentially of personal health information. As key agents of trust for patients, providers are responsible for maintaining the privacy and security of their patients’ records. We must consider patient needs and expectations. Patients should not be surprised about or harmed by collections, uses, or disclosures of their information. Ultimately, to be successful in the use of health information exchange to improve health and health care, we need to earn the trust of both consumers and physicians. Core Guiding Values

Major Public Hearings 7 Accounting of Disclosures (September 30, 2013)* Non-Targeted Queries (June 24, 2013) Trusted Identity of Patients in Cyberspace** (November 29, 2012) Trusted Identity of Physicians In Cyberspace** (July 11, 2012) Patient Matching (December 9, 2010) Consumer Choice Technology (June 20, 2010) *Coordinated with National Committee on Vital and Health Statistics (NCVHS) and the HITSC Privacy and Security Workgroup **Joint hearing with HITSC Privacy and Security Workgroup Major Public Hearings

160 Total Tiger Team Recommendations recommendations were approved by the HITPC and transmitted to ONC 6 recommendations were withdrawn by the Tiger Team as no longer relevant due to ONC actions already taken 160 Total Tiger Team Recommendations

Recommendation by Health IT Topic 9 (154 Total) 154 Recommendations Transmitted to ONC

Recommendations by ONC 10 (154 Total) Recommendations Rooted in FIPPs

Recommendation Status by HHS Action 11 (154 Total) As of September 30, 2013 ONC Adopted over 50% of Recommendations

Recommendations Influenced Rulemaking Process 12 Meaningful Use Stage 1: ONC and CMS Meaningful Use Stage 2: ONC and CMS Meaningful Use Stage 3 Request for Comment The Common Rule Advanced Notice of Proposed Rulemaking (ANPRM) Recommendations also inform the Office of the Chief Privacy Officer (OCPO) comments on proposed federal rulemaking during the clearance process Recommendations Influenced Rulemaking Process

HITPC Recommendation 13 HITPC Recommendation: Sample Implementation in Policy and Technical Assistance HITPC recommendation: Include in MU Stage 1 requirement that eligible professionals and hospitals conduct a security risk assessment under HIPAA. ONC should provide appropriate guidance. ONC releases Security Risk Assessment Tool to Regional Extension Centers (RECs) providing technical assistance to professionals. July 2010 HHS releases final MU Stage 1 Rule requiring professionals and hospitals to attest to conducting or reviewing security risk assessment in order to receive payment.

Program Guidance Examples 14 Program Guidance examples include: – State Health Information Exchange (HIE) – Program Information Notice (PIN) – 002: Requirements and Recommendations – HIE – PIN – 003: Privacy and Security Framework Requirements Recommendations Influenced ONC Program Guidance

15 Data Segmentation for Privacy (DS4P)* Data Segmentation for Privacy (DS4P) eConsent Trial Project* eConsent Trial Project* Mobile Device Provider Education Mobile Device Provider Education Notice of Privacy Practices (NPP) Project* Provider and Staff Security Video Games* Provider and Staff Security Video Games mHealth Consumer/Patient Research Exemplar Health Information Exchange Governance Entities Program (Program) Funding Opportunity Exemplar Health Information Exchange Governance Entities Program (Program) Funding Opportunity The Query Health Initiative The Direct Project The Direct Project Blue Button FAQs* Blue Button FAQs Data Provenance Patient Matching Initiative *Indicates project was initiated in direct response to Tiger Team recommendations. ONC Projects Influenced by Recommendations ONC Projects

Nest Steps 16 Info Graphic – Visual overview Executive Summary – 2-page narrative Next Steps SAMPLE

Thank you 17 Thank You Privacy & Security Tiger Team MITRE Deven McGraw & Paul Egerman

Blank Slide

19 Back-Up Slides Back-up Slides

FIPPS 20 Individual Access – Individuals should be provided with a simple and timely means to access and obtain their health information in a readable form and format Correction – Individuals should be provided with a means to dispute the accuracy or integrity of their individually identifiable health information and to have erroneous information corrected or to have a dispute documented if their requests are denied Openness and Transparency – There should be openness and transparency about policies, procedures and technologies that directly affect individuals and/or their individually identifiable health information Individual Choice – Individuals should be provided a reasonable opportunity and capability to make informed decisions about the collection, use and disclosure of their individually identifiable Health Information Collection, Use and Disclosure Limitations – Individually identifiable health information should be collected, used and/or disclosed only to the extent necessary to accomplish a specified purpose(s) and never to discriminate inappropriately Data Quality and Integrity – Persons and entities should take reasonable steps to ensure that individually identifiable health information is complete, accurate and up-to-date to the extent necessary for the person’s or entity’s intended purposes and has not been altered or destroyed in an unauthorized manner Safeguards – Individually identifiable health information should be protected with reasonable administrative, technical and physical safeguards to ensure its confidentiality, integrity, and availability, and to prevent unauthorized or inappropriate access, use, or disclosure Accountability – These principles should be implemented, and adherence assured, through appropriate monitoring and other means and methods should be in place to report and mitigate non-adherence and breaches *The Tiger Team used the formulation of the Fair Information Practice Principles (FIPPs) endorsed by the HIT Policy Committee and adopted by ONC in the Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information. FIPPs

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.