Interim Final Rule on Data Standards and Certification Criteria DRAFT – WORK IN PROGRESS (11/4/09)

Slides:



Advertisements
Similar presentations
Meaningful Use and Health Information Exchange
Advertisements

1 HIT Standards Committee Privacy and Security Workgroup: Reformatted Standards Recommendations & Implementation Guidance Dixie Baker, SAIC Steven Findlay,
IT Infrastructure Glen Marshall Siemens Health Solutions IHE IT Infrastructure Committee Co-chair.
Dedicated to Hope, Healing and Recovery 0 Dec 2009 Interim/Proposed Rules Meaningful Use, Quality Reporting & Interoperability Standards January 10, 2010.
IHE IT Infrastructure Outreach to Patient Care Coordination Domain Michael Nusbaum IT Infrastructure Planning Committee December 13 th, 2010.
NISTs Role in Securing Health Information AMA-IEEE Medical Technology Conference on Individualized Healthcare Kevin Stine, Information Security Specialist.
INTERNATIONAL HEALTHCARE STANDARDS LANDSCAPE
ARRA Meaningful Use Update Mount Auburn Hospital Information Systems Update March 2011.
September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT, EUA, PWP, DSIG IHE Vendors Workshop 2006 IHE IT Infrastructure Education Robert Horn,
1 Sep 15Fall 05 Standards in Medical Informatics Standards Nomenclature Terminologies Vocabularies.
2014 Certification Criteria associated with MU Menu Stage 2: 2014 Certification Criteria associated with MU Core Stage 2: 2014 Certification Criteria associated.
1 HIT Standards Committee Privacy and Security Workgroup: Recommendations Dixie Baker, SAIC Steven Findlay, Consumers Union August 20, 2009.
Presented By LeRoy Jones – Chief Executive January,
Companion Guide to HL7 Consolidated CDA for Meaningful Use Stage 2
The Standards Rule and the NPRM for Meaningful Use John D. Halamka MD.
HITSP: Where we’ve been Where we are and Where we’re going John D. Halamka MD.
August 12, Meaningful Use *** UDOH Informatics Brown Bag Robert T Rolfs, MD, MPH.
2010 UBO/UBU Conference Health Budgets & Financial Policy Briefing: ARRA ARRAn't You Going to Make Some Changes Too? Date: 23 March 2010 Time: 1010–1100.
Meaningful Use Measures. Reporting Time Periods Reporting Period for 1 st year of MU (Stage 1) 90 consecutive days within the calendar year Reporting.
The Final Standards Rule John D. Halamka MD. Categories of Standards Content Vocabulary Privacy/Security.
Initial slides for Layered Service Architecture
IHE Patient Care Coordination (PCC) Technical Framework Supplement Patient Plan of Care (PPOC)
Steve Posnack, MHS, MS, CISSP Director, Federal Policy Division Proposed Rule Standards & Certification Criteria 2014 Edition.
Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Audit Trail and Node Authentication Robert Horn Agfa Healthcare.
7 February 2005IHE Europe Educational Event 1 Audit Trail and Node Authentication Integrating the Healthcare Enterprise G. Claeys Agfa Healthcare R&D Vendor.
NWH TRANSITION OF CARE DOCUMENT FOR MU STAGE 2 JUNE 6, 2014.
Our Joint Playing Field: A Few Constants Change Change Our missions (if defined properly) Our missions (if defined properly) Importance of Community Engagement.
September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Vendors Webinar 2006 IHE IT Infrastructure Education Robert Horn, Agfa Healthcare.
September, 2005What IHE Delivers 1 G. Claeys, Agfa Healthcare Audit Trail and Node Authentication.
Standards Categories February 24, 2006 HITSP Inventory of Standards Inventories Committee Edits.
What Did I Work on in Washington? John Glaser April 16, 2010.
PHDSC session Readiness of public health information systems to support Meaningful Use of EHRs through health information exchanges.
September, 2005What IHE Delivers 1 Radiology Option for Audit Trail and Node Authentication IHE Vendors Workshop 2006 IHE IT Infrastructure Education Robert.
Working with Health IT Systems Component 7/ Unit 31Health IT Workforce.
Chapter 2 Standards for Electronic Health Records McGraw-Hill/Irwin Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved.
Component 11: Configuring EHRs Unit 2: Meaningful Use of the Electronic Health Record (EHR) Lecture 1 This material was developed by Oregon Health & Science.
HIT Standards Committee Clinical Operations Workgroup Report Jamie Ferguson, Chair Kaiser Permanente John Halamka, Co-chair Harvard Medical School 20 August,
Unit 1b: Health Care Quality and Meaningful Use Introduction to QI and HIT This material was developed by Johns Hopkins University, funded by the Department.
MED INF HIT Integration, Interoperability & Standards ASTM E-31 January 14, 2010 By Imran Khan.
Bi-monthly call with NDIIC Joining Prepared for:SAMHSA – OBHITA Team Prepared by:Tony Calice FEI Systems FEI Systems Inc. Copyright All Rights.
HIT Policy Committee Adoption/Certification Workgroup Comments on NPRM, IFR Paul Egerman, Co-Chair Retired Marc Probst, Co-Chair Intermountain Healthcare.
Achieving Meaningful Use Quality Measures John D. Halamka MD CIO, Harvard Medical School and Beth Israel Deaconess Medical Center.
September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Education Workshop 2007 IHE IT Infrastructure Education John Moehrke GE Healthcare.
HIT Policy Committee Report from HIT Standards Committee Privacy and Security Workgroup Dixie Baker, SAIC December 15, 2009.
Component 11/Unit 2a Meaningful Use of the Electronic Health Record (EHR)
Cross-Enterprise User Authentication John F. Moehrke GE Healthcare IT Infrastructure Technical Committee.
HIT Standards Committee Overview and Progress Report March 17, 2010.
HIT Standards Committee Clinical Operations Workgroup Jamie Ferguson Kaiser Permanente John Halamka Harvard University February 24, 2010.
Ongoing/Planned Activities for Week of 4/22 Initial feedback on UCR Crosswalk due COB 4/23 Hold working session to continue filling out the UCR Crosswalk.
HIT Standards Committee Clinical Operations Workgroup Report on Gaps and Next Steps Jamie Ferguson Kaiser Permanente John Halamka Harvard Medical School.
Discussion - HITSC / HITPC Joint Meeting Transport & Security Standards Workgroup October 22, 2014.
Ongoing/Planned Activities for Week of 4/29 Final UCR Crosswalk due COB 4/30 Hold two working sessions to complete UCR Crosswalk on 4/30 Hold working session.
Working with Health IT Systems Unit 3: Understanding Information Exchange in HIT Systems This material was developed by Johns Hopkins University, funded.
Privacy and Security Tiger Team Potential Questions for Request for Comment Meaningful Use Stage 3 October 3, 2012.
Use Case 2 – CDS Guidance Service Transactions CDS Guidance Requestor 2. CDS Response (Clinical Data, Supporting Evidence, Supporting Reference, Actions,
Proposed S&I Public Health Reporting Initiative 1 Challenge -There is a lack of harmonized activities to enable electronic data exchange between clinical.
Cross-Enterprise User Authentication Year 2 March 16, 2006 Cross-Enterprise User Authentication Year 2 March 16, 2006 John F. Moehrke GE Healthcare IT.
Terminology in Healthcare and Public Health Settings Electronic Health Records Lecture a – Introduction to the EHR This material Comp3_Unit15 was developed.
Pharmacy Health Information Technology Collaborative Date: April 28, 2016 Presenter:Shelly Spiro, RPh, FASCP Pharmacy HIT Collaborative Executive Director.
HIT Policy Committee Health Information Exchange Workgroup Comments on Notice of Proposed Rule Making (NPRM) and Interim Final Rule (IFR) Deven McGraw,
Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill/Irwin Chapter 2 Clinical Information Standards – Unit 3 seminar Electronic.
IT Infrastructure Plans
Radiology Option for Audit Trail and Node Authentication Robert Horn
Integrating the Healthcare Enterprise
Introduction to Health Care and Public Health in the U.S.
Health Information Exchange Interoperability
Electronic Health Record Access Control 7
Presentation transcript:

Interim Final Rule on Data Standards and Certification Criteria DRAFT – WORK IN PROGRESS (11/4/09)

Principles that Guide Certification Criteria and Standards Certification Criteria – Assure providers that EHR can support Meaningful Use – Key capabilities that can be tested objectively – Minimal set -- supports innovation Standards – Incrementally build the capacity (progressive) – Recognize common methods for secure transport – Push industry to adopt specific terminologies – Require strong security functionality, but allow future industry advances to satisfy requirements 2

Illustrative Crosswalk 3 Meaningful Use Objectives Meaningful Use Objectives Certification Criteria Standards E-Rx Capability to E-Rx must be included NCPDP SCRIPT 8.1/10.6 must be used NCPDP SCRIPT 8.1/10.6 must be used Provide Patient Summary Record Capability to electronically transmit a patient summary record must be included Continuity of Care Document (CCD) or Continuity of Care Record (CCR) must be used plus vocabulary standards Electronically Submit Data to Immunization Registries Capability to electronically transmit immunization data must be included HL or HL and CVX Code Set HL or HL and CVX Code Set

Organization of the IFR 4 Initial set of standards are organized into four categories as recommended by HIT Policy and Standards Committees: Content Exchange Standards (i.e., standards used to share clinical information such as clinical summaries, prescriptions, and structured electronic documents); Vocabulary Standards (i.e., standard nomenclature used to describe clinical problems and procedures, medications, and allergies); Transport Standards (i.e., standards used to establish the communication protocol between systems); and Privacy and Security Standards (e.g., authentication, access control, transmission security – encryption) which relate to and span across all of the other types of standards.

Interim Standards 5 AreaHIT Standards Cmte recommendations Stage 1/2011Current IFR Stage 2/2013 Content Exchange or Package Patient summary data packageCCD, CDA template, or HL CCD or CCRAlternatives expected to be narrowed based on HIT Stds Committee recommendations E-prescribing data packageNCPDP SCRIPT 8.1/10.6 NCPDP SCRIPT 10.6 Lab data reporting to public health agencies package HL Potentially newer versions, based on HIT Stds Cmte Recommendations Administrative data packageX A1 and NCPDP 5.1 and CAQH CORE X and NCPDP D.0 and CAQH CORE Public Health Surveillance and Reporting HL , HL Potentially newer versions, based on HIT Stds Cmte recommendations Immunization Reporting to registriesHL , HL Potentially newer versions, based on HIT Stds Cmte recommendations Quality ReportingCMS CDA and respective template lib. specifications CMS PQRICMS CDA and respective template library specifications

Interim Standards 6 AreaHIT Standards Cmte recommendations Stage 1/2011Current IFR Stage 2/2013 Vocabulary (codify content) Problem ListSNOMED CT or ICD-9 SNOMED CT or ICD-10 ProceduresCPT-4 or ICD-9 CPT-4 or ICD-10 Vital SignsLocal or proprietary codes or candidate Stage 2 standard No specific standard specifiedCDA template Units of MeasureLocal or proprietary codes or candidate Stage 2 standard No specific standard specifiedUCUM Medication AllergiesLocal or proprietary codes or candidate Stage 2 standard No specific standard specifiedUNII Medication ListsLocal or proprietary codes or candidate Stage 2 standard Any code set by an RxNorm drug data source provider that is identified by NLM as being a complete data set integrated within RxNorm RxNorm Lab Orders and ResultsLocal or proprietary codes or candidate Stage 2 standard Ability to accept LOINC codesLOINC Electronic PrescribingLocal or proprietary codes or candidate Stage 2 standard Any code set by an RxNorm drug data source provider that is identified by NLM as being a complete data set integrated within RxNorm RxNorm Public Health Surveillance or ReportingAccording to applicable public health agency requirements GISPE or according to applicable public health agency requirements ImmunizationsCVX

Interim Standards 7 Area HIT Standards Cmte recommendations Stage 1/2011 Current IFR Stage 2/2013 Transport, Security, and Privacy - 1 TransportREST or SOAP Future standards TBD by HIT Stds Committee Encryption and Decryption of Electronic Health Information at Rest FIPS 197 Advanced Encryption Standard, (AES), Nov 2001* A symmetric 128 bit fixed-block cipher algorithm capable of using a 128, 192, or 256 bit encryption key must be used (e.g., FIPS 197 Advanced Encryption Standard, (AES), Nov 2001). Future standards TBD by HIT Stds Committee Encryption and Decryption of Electronic Health Information for Exchange IETF Transport Layer Security (TLS) Protocol: RFC 2246, RFC 3546 An encrypted and integrity protected link must be implemented (e.g., TLS, IPv6, IPv4 with IPsec). Future standards TBD by HIT Stds Committee Record and Examine Activity in Information Systems that Contain or Use Electronic Health Information (audit log)  IHE ITI-TF Revision 4.0 or later, Audit Trail and Node Authentication (ATNA) Integration Profile; and  ASTM E2147, Section 7 The date, time, patient identification (name or number), and user identification (name or number) must be recorded when electronic health information is created, modified, deleted, or printed. An indication of which action(s) occurred must also be recorded (e.g., modification). * Already published in HHS guidance regarding breach notification as a safe harbor (i.e., if you encrypt using this standard, and you have a breach, you don’t need to report it)

Interim Standards 8 Area HIT Standards Cmte recommendations Stage 1/2011 Current IFR Stage 2/2013 Transport, Security, and Privacy (cont) Corroborate that Electronic Health Information Has Not Been Altered or Destroyed in Transit FIPS PUB with change notice to include SHA August, SHA-2 Family (SHA-1 excluded) A secure hashing algorithm must be used to verify that electronic health information has not been altered in transit. The secure hash algorithm used must be SHA-1 or higher (e.g., Federal Information Processing Standards (FIPS) Publication (PUB) Secure Hash Standard (SHS) FIPS PUB 180-3). Future standards TBD by HIT Stds Committee Authentication  IHE ITI-TF Revision 5.0 or later, Enterprise User Authentication (EUA) Profile; and  IHE ITI-TF Volume 2 Supplement Cross Enterprise User Assertion (XUA) Use of a cross-enterprise secure transaction that contains sufficient identity information such that the receiver can make access control decisions and produce detailed and accurate security audit trails (e.g., IHE Cross Enterprise User Assertion (XUA) with SAML identity assertions). Future standards TBD by HIT Stds Committee Record Treatment, Payment, and Health Care Operations Disclosures  IHE ITI-TF Revision 4.0 or later, Audit Trail and Node Authentication (ATNA) Integration Profile; and  ASTM E2147, Section 8 The date, time, patient identification (name or number), user identification (name or number), and a description of the disclosure must be recorded. Future standards TBD by HIT Stds Committee

Building the Foundation for Certified EHR Technology 9

Questions? 10

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.