HIT Policy Committee Privacy & Security Workgroup Update Deven McGraw Center for Democracy & Technology Rachel Block Office of Health Information Technology.

Slides:

Advertisements

Similar presentations

Manatt manatt | phelps | phillips New York State Health Information Technology Summit Initiative Overview and Update Rachel Block, Project Director United.

Advertisements

Health Information Technology and Privacy: Is There a Path to Consensus? February 29, 2008 Jodi. G. Daniel, J.D., M.P.H. Director, Office of Policy and.

HIT Policy Committee Federal Health IT Strategic Plan April 13, 2011 Jodi Daniel, ONC Seth Pazinski, ONC.

© 2009 The McGraw-Hill Companies, Inc. All rights reserved. 1 McGraw-Hill Chapter 1 The Goal of HIPAA: Administrative Simplification HIPAA for Allied Health.

Davis Wright Tremaine LLP Non-HIPAA Governmental Regulation of Healthcare Privacy and Security Sixteenth HIPAA Summit/The Privacy Symposium August 21,

Series 1: “Meaningful Use” for Behavioral Health Providers 9/2013 From the CIHS Video Series “Ten Minutes at a Time” Module 10: HIPAA Privacy & Security.

NCVHS: Privacy and Confidentiality Leslie P. Francis, Ph.D., J.D. Distinguished Professor of Law and Philosophy Alfred C. Emery Professor of Law University.

Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.

HIT Policy Committee Meaningful Use Workgroup Update Paul Tang Palo Alto Medical Foundation George Hripcsak Columbia University December 15, 2009.

S&I Framework Provider Directories Initiative esMD Work Group October 19, 2011.

NHIN Direct Project Communications Work Group Message for State HIE/RECs August 30, 2010.

HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair August 19,

Privacy and Security in the Direct Context Session 6 April 12, 2010.

Connecting Health and Care for the Nation: A Shared Nationwide Interoperability Roadmap – DRAFT Version 1.0 Joint FACA Meeting Chartese February 10, 2015.

Privacy and Security Workgroup: Big Data Public Hearing December 8, 2014 Deven McGraw, chair Stan Crosley, co-chair.

HIT Policy Committee Meaningful Use Workgroup Presentation Paul Tang, Chair Palo Alto Medical Foundation George Hripcsak. Co-Chair Columbia University.

Minnesota Law and Health Information Exchange Oversight Activities James I. Golden, PhD State Government Health IT Coordinator Director, Health Policy.

First Annual Summary of Privacy and Security Tiger Team Activities July 1, 2010 through September 30, 2013 Joy Pritts, Chief Privacy Officer.

HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair Provider Authentication Recommendations November 19, 2010.

Navigating Privacy and Security Issues for HIE: A Consumer Perspective Deven McGraw Chief Operating Officer National Partnership for Women & Families

HIT Policy Committee Strategic Plan Workgroup Paul Tang, Chair Palo Alto Medical Foundation Jodi Daniel, Co-Chair ONC December 15, 2009.

HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair August 3,

Privacy and Security Tiger Team Subgroup Discussion: MU3 RFC July 29, 2013.

Privacy and Security Tiger Team Recommendations Adopted by The Health IT Policy Committee Relevant to Consumer Empowerment May 24, 2013.

Exchange: The Central Feature of Meaningful Use Stage Meaningful Use and Health Care Innovation Conference Craig Brammer Office of the National.

Can We Have EHRs and Privacy Too? Dr. Alan F. Westin Professor of Public Law and Government Emeritus, Columbia University; Principal, Privacy Consulting.

Update on Federal HIT Legislation Kirsten Beronio Mental Health America.

Nationwide Health Information Network: Conditions for Trusted Exchange Request For Information (RFI) Steven Posnack, MHS, MS, CISSP Director, Federal Policy.

1 Manatt Health Solutions NYS Office of Health Information Technology Transformation Academy Health State Health Research and Policy Interest Group 2008.

HIT Policy Committee NHIN Workgroup Introductory Remarks David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of Commerce,

HIT Standards Committee Privacy and Security Workgroup: Initial Reactions Dixie Baker, SAIC Steven Findlay, Consumers Union June 23, 2009.

HIT Policy Committee Information Exchange Workgroup NwHIN Conditions for Trusted Exchange Request For Information (RFI) May 15,

State HIE Program Chris Muir Program Manager for Western/Mid-western States.

HIT Policy Committee NHIN Workgroup Recommendations Phase 2 David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of.

HIT Policy Committee Privacy & Security Tiger Team Update Deven McGraw, Co-Chair Center for Democracy & Technology Paul Egerman, Co-Chair June 25, 2010.

HIT Policy Committee Privacy & Security Workgroup Update Deven McGraw Center for Democracy & Technology Rachel Block Office of Health Information Technology.

Direct Project Update Arien Malec. First Production Usage Immunization data from Hennepin County Medical Center to Minnesota Department of Health via.

1.Summary of Needs Analysis 2.Summary of Action Plan 3.Systems Analysis between Microsoft SharePoint® and OpenText Content Server 4.System Recommendation.

HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair Patient Matching Recommendations February 2,

The Paradox in HIPAA Deven McGraw, JD, MPH, LLM Partner Manatt, Phelps & Phillips, LLP December 8, 2014.

HIT Policy Committee Information Exchange Workgroup NwHIN Conditions for Trusted Exchange Request For Information (RFI) May 18,

HIT Standards Committee NHIN Workgroup Introductory Remarks Farzad Mostashari Office of the National Coordinator for Health IT Douglas Fridsma Office of.

HIT Policy Committee Report from HIT Standards Committee Privacy and Security Workgroup Dixie Baker, SAIC December 15, 2009.

ONC’s Proposed Strategy on Governance for the Nationwide Health Information Network Following Public Comments on RFI HIT Standards Committee Meeting September.

HIT Standards Committee Meaningful Use Workgroup Presentation to HIT Policy Committee on July 16, 2009 As Presented by:Paul Tang, Chair Palo Alto Medical.

HIT Policy Committee Privacy & Security Policy Workgroup Deven McGraw, Chair Center for Democracy & Technology Rachel Block, Co-Chair NYS Department of.

HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair October 20,

Mariann Yeager, NHIN Policy and Governance Lead (Contractor) Office of the National Coordinator for Health IT David Riley, CONNECT Lead (Contractor) Federal.

HIT Policy Committee Privacy and Security Tiger Team Deven McGraw, Chair Paul Egerman, Co-Chair July 21, 2010.

HIT Standards Committee Consumer/Patient Engagement Power Team Leslie Kelly Hall, Chair Health IT Standards Committee Meeting March 27, 2012.

HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.

1 Overview of HIT Policy Committee’s Privacy Hearing Jodi Daniel, JD, MPH Director, Office of Policy and Research Office of the National Coordinator for.

Bringing Health Information to Life DAVID BLUMENTHAL, MD, MPP National Coordinator of Health Information Technology US Department of Health & Human Services.

Moving the National Health Information Technology Agenda Forward The Fourth Health Information Technology Summit March 28, 2007 Robert M. Kolodner, MD.

Discussion - HITSC / HITPC Joint Meeting Transport & Security Standards Workgroup October 22, 2014.

Creating an Interoperable Learning Health System for a Healthy Nation Jon White, M.D. Acting Deputy National Coordinator Office of the National Coordinator.

Overview of ONC Report to Congress on Health Information Blocking Presented to the Health IT Policy Committee, Task Force on Clinical, Technical, Organizational,

HIT Policy Committee Meeting Nationwide Health Information Network Governance June 25, 2010 Mary Jo Deering, PhD ONC, Office of Policy and Planning NHIN.

S&I FRAMEWORK PROPOSED INITIATIVE SUMMARIES Dr. Douglas Fridsma Office of Interoperability and Standards December 10, 2010.

First Annual Summary of Privacy and Security Tiger Team Activities July 1, 2010 through September 30, 2013 Joy Pritts, Chief Privacy Officer.

Data Gathering HITPC Workplan HITPC Request for Comments HITSC Committee Recommendations gathered by ONC HITSC Workgroup Chairs ONC Meaningful Use Stage.

An Unprecedented Opportunity: Using Federal Stimulus Funds to Advance Health IT in California Testimony of Sam Karp, Vice President of Programs California.

Sachin H. Jain, MD, MBA Office of the National Coordinator for Health IT United States Department of Health and Human Services The Nation’s Health IT Agenda:

Standards and the National HIT Agenda John W. Loonsk, MD

Health IT Policy Committee Workgroup Evolution

American Health Information Management Association

Concerns of a Privacy Advocate – and How to Respond

Healthcare Privacy: The Perspective of a Privacy Advocate

Data and Interoperability:

Non-HIPAA Governmental Regulation of Healthcare Privacy and Security

Presentation transcript:

HIT Policy Committee Privacy & Security Workgroup Update Deven McGraw Center for Democracy & Technology Rachel Block Office of Health Information Technology Transformation NYS Department of Health April 21, 2010

Current Focus Privacy protections for electronic health information exchange, including but not limited to the role of consumer choice No specific recommendations will be presented today. Today’s presentation: update on recent discussions and opportunity to receive Policy Committee feedback Goal is to present specific recommendations at May Policy Committee meeting 2

Privacy and security for electronic health information exchange Privacy and security are foundational to achieving meaningful use of health IT. A comprehensive set of privacy and security protections that build on current law and more specifically implement the principles in the Nationwide Privacy and Security Framework is critical to building the foundation of trust that will support and enable meaningful use by providers, hospitals and consumers and patients. Electronic health information exchange to meet “meaningful use” may take place in a number of ways, and what is needed to build and maintain public trust may vary based on how exchange occurs. One key question to consider: what are the reasonable expectations of the consumer/patient? 3

One-to-One Exchange When an EP or Hospital is engaging in one-to-one exchange to meet the Stage 1 criteria for meaningful use (per the NPRM), no additional individual consent/authorization requirements should be imposed beyond those that would otherwise apply under state or federal law. –Assumes that an “intermediary” is merely facilitating the transfer of the data to the intended recipient and does not have access to data beyond what is reasonably needed to transport from point A to point B. –Exploring the types of data that may be accessed in a transport Consistent with patient/consumer expectations Still need policies (secure transport, access to data, etc.) 4

Exchange using HIOs & similar structures More robust set of policies likely needed covering issues such as: –Who can access data (message &/or payload) and for what purposes (particularly beyond treatment of an individual) –Data retention and secondary use –Security policies/standards –Accountability/oversight –Consumer choice Build on HIPAA “business associate” provisions Determining what functions/features “trigger” more robust set of requirements (such as extent of data access & use, purposes for data access & use, features beyond reasonable consumer expectations) 5