Presentation is loading. Please wait.

Presentation is loading. Please wait.

Health Information Security and Privacy Collaborative (HISPC) Overview

Published byKaren Cannon Modified over 5 years ago

Similar presentations

Presentation on theme: "Health Information Security and Privacy Collaborative (HISPC) Overview"— Presentation transcript:

1 Health Information Security and Privacy Collaborative (HISPC) Overview
John K. Evans Mike Berry VHITP Workgroup Call – April 4, 2007

2 Health Information Security and Privacy Collaboration Initiative
HISPC’s Goals for the Privacy and Security Assessment Project 1. Identify and develop best practices to: Resolve barriers to health information exchange Propose solutions to address identified challenges 2. Get stakeholders involved, participating and contributing Seek consensus-based solutions and implementation plans in communities to increase local expertise about health information privacy and security protection 3. Support collaboration within and among states to: Foster stakeholder participation Maximize knowledge exchange Identify common solutions

3 Stakeholder Groups Pharmacies Clinicians Long-term care facilities
Nursing homes Homecare and hospice Correctional facilities Professional associations and societies Medical and public health schools State government entities Clinicians Physician groups Federal health facilities Hospitals Payers (including employers that sponsor health plans) Public health agencies Community clinics Labs Individual consumers and consumer organizations

4 Consumer Focus Groups What is consumers' level of knowledge and assumptions about what is currently happening with PHI and health information exchange (HIE)? How do they feel about the benefits of HIE vs. the risk that the information could be misused? What are their thresholds for and views about authentication, audit, and access control? What needs to be in place (i.e., protections) in order for consumers to feel comfortable about their PHI being shared? If their PHI were available to them electronically, would they make use of it themselves, and how? What is the best way for them to learn/be educated about PHI and HIE? In short, what are their concerns and what are solutions?

5 HISPC Tasks 1. Assess variation in organization-level business policies and state laws Interim assessment of variation report 2. Formulate interim solutions and implementation plan Interim analysis of solutions report Interim implementation plan report

6 Major Themes: Variations
Infrastructure needed to support interoperability greatly lacking. Infrastructure needed to support intraoperability greatly lacking. Entity authentication procedures are highly variable and are not reliable. Redundancy and inconsistency of consent between entities to exchange health information to treat patient.

7 Major Themes: Variations
There is a wide variation in the ways in which payers interface with health care entities. IRB oversight includes a review of how information will be stored, but not necessarily exchanged. There is some disagreement among stakeholders that they would or would not obtain PHI under specific scenarios.

8 Major Themes: Variations
HR departments are dealing with issues of access control, security of physical plant and packaging of PHI as it relates to employee records, specifically related to ADA compliance, Family Leave and return to work related laws and policies. The granularity, complexity and thoroughness of privacy and security measures is related to the amount of PHI that is exchanged and/or the sensitive nature of the health conditions. Under urgent circumstances PHI is shared more readily without patient consent.

9 Solutions  Implementation Plan
State-proposed solutions Education Infrastructure Framework for Privacy & Security Technology Requirements Solutions for Role-based Access Control Patient Control “Break the Glass” National-level recommendations Correlating Patient Records Patient Consent

10 Implementation Deliverables
Identify barrier Provide solution overview Summary of effective practices Planning assumptions and decision Implementation scope: Ownership and responsibilities Identification of required tasks Timeline and milestones Projected costs and required resources Possible barriers Impact on affected stakeholders Means of tracking, measuring and reporting progress

11 HIE Commission Concept
Concept of an independent entity raised in 4 solutions Consistent with HIT Plan VHITP Principles: I: Vermonters will be confident that their health care information is secure and private and accessed appropriately. 32: Plan as a Living, Evolving Document

12 Next Steps Final Solutions Report Meet with VITL Executive Committee
Final Implementation Report Questions or Comments Welcome

Download ppt "Health Information Security and Privacy Collaborative (HISPC) Overview"

Similar presentations

National HIT Agenda and HIE - 2007 John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.

National HIT Agenda and HIE John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.
Legal Work Group Developing a Uniform EHR/HIE Patient Consent Form.

Legal Work Group Developing a Uniform EHR/HIE Patient Consent Form.
HISPC-Illinois II The Public-Private Partnership Moves Forward on Privacy and Security.

HISPC-Illinois II The Public-Private Partnership Moves Forward on Privacy and Security.
Longitudinal Coordination of Care (LCC) Workgroup (WG)

Longitudinal Coordination of Care (LCC) Workgroup (WG)
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
NCVHS: Privacy and Confidentiality Leslie P. Francis, Ph.D., J.D. Distinguished Professor of Law and Philosophy Alfred C. Emery Professor of Law University.

NCVHS: Privacy and Confidentiality Leslie P. Francis, Ph.D., J.D. Distinguished Professor of Law and Philosophy Alfred C. Emery Professor of Law University.
1 HIT Standards Committee Privacy and Security Workgroup: Recommendations Dixie Baker, SAIC Steven Findlay, Consumers Union August 20, 2009.

1 HIT Standards Committee Privacy and Security Workgroup: Recommendations Dixie Baker, SAIC Steven Findlay, Consumers Union August 20, 2009.
Beth DeLair, JD, RN DeLair Consulting, LLC. Discussion Topics Background Existing WI Requirements State Efforts to Change Law Senate Bill 487 Changes.

Beth DeLair, JD, RN DeLair Consulting, LLC. Discussion Topics Background Existing WI Requirements State Efforts to Change Law Senate Bill 487 Changes.
RTI International is a trade name of Research Triangle Institute 3040 Cornwallis Road ■ P.O. Box 12194 ■ Research Triangle Park, North Carolina, USA 27709.

RTI International is a trade name of Research Triangle Institute 3040 Cornwallis Road ■ P.O. Box ■ Research Triangle Park, North Carolina, USA
The Patient as Steward of Healthcare Data Managing Consent Preferences John D. Halamka MD Louis Sullivan Lecture.

The Patient as Steward of Healthcare Data Managing Consent Preferences John D. Halamka MD Louis Sullivan Lecture.
Minnesota Law and Health Information Exchange Oversight Activities James I. Golden, PhD State Government Health IT Coordinator Director, Health Policy.

Minnesota Law and Health Information Exchange Oversight Activities James I. Golden, PhD State Government Health IT Coordinator Director, Health Policy.
Principles of medical ethics Lecture (4) Dr. rawhia Dogham.

Principles of medical ethics Lecture (4) Dr. rawhia Dogham.
HIT Policy Committee Accountable Care Workgroup – Kickoff Meeting May 17, 2013 1:00 – 2:00 PM Eastern.

HIT Policy Committee Accountable Care Workgroup – Kickoff Meeting May 17, :00 – 2:00 PM Eastern.
HIE Implementation in Michigan for Improved Health As approved by the Michigan Health Information Technology Commission on March 4, 2009.

HIE Implementation in Michigan for Improved Health As approved by the Michigan Health Information Technology Commission on March 4, 2009.
1 Health Information Security and Privacy Collaboration (HISPC) National Conference HISPC Contributions to Massachusetts HIE Privacy and Security Progress:

1 Health Information Security and Privacy Collaboration (HISPC) National Conference HISPC Contributions to Massachusetts HIE Privacy and Security Progress:
1 Identity and Transparency ( Bridging the GAPS of Governance Bridging the GAPS of Governance in eGov Initiatives in eGov Initiatives )‏ Badri Sriraman.

1 Identity and Transparency ( Bridging the GAPS of Governance Bridging the GAPS of Governance in eGov Initiatives in eGov Initiatives )‏ Badri Sriraman.
1 Creation of State Legislation to Protect and Facilitate Use and Exchange of Electronic Health Information Shelley Carter, RN, MCRP, MPH 1, Maggie Gunter,

1 Creation of State Legislation to Protect and Facilitate Use and Exchange of Electronic Health Information Shelley Carter, RN, MCRP, MPH 1, Maggie Gunter,
State Alliance for e-Health Conference Meeting January 26, 2007.

State Alliance for e-Health Conference Meeting January 26, 2007.
Steps for Success in EHR Planning Bill French, VP eHealth Strategies Wisconsin Office of Rural Health HIT Implementation Workshop Stevens Point, WI August.

Steps for Success in EHR Planning Bill French, VP eHealth Strategies Wisconsin Office of Rural Health HIT Implementation Workshop Stevens Point, WI August.

Similar presentations

Ads by Google