1 Privacy and Security Tiger Team Meeting Discussion Materials Topics Patient Authentication Hearing Questions for RFC on Meaningful Use Stage 3 October.

Slides:



Advertisements
Similar presentations
Quality Measures Vendor Tiger Team January 30, 2014.
Advertisements

ONC Policy and Program Update Health IT Standards Committee Meeting February 20, 2013 Jodi Daniel, Office of Policy and Planning, ONC.
Nick Vennaro, NHIN Team (Contractor), Office of the National Coordinator for Health IT Michael Torppey, CONNECT Health IT Security Specialist (Contractor)
Connecticut Ave NW, Washington, DC Understanding Patient Engagement in Stage 2 MU: Direct, HIPAA, VDT, and Patient Engagement.
Recommendations on Certification of EHR Modules HIT Standards Committee Privacy and Security Workgroup April 11, 2014.
1 HIT Standards Committee Privacy and Security Workgroup: Recommendations Dixie Baker, SAIC Steven Findlay, Consumers Union August 20, 2009.
Privacy and Security Tiger Team Today’s Discussion: Virtual Hearing on Accounting of Disclosures August 8, 2013.
Interoperability Roadmap Comments Package Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair February 24, 2015.
Cross Sector Digital Identity Initiative March 12, 2014 Hearing on the National Strategy for Trusted Identities in Cyberspace (NSTIC) Cross Sector Digital.
Meaningful Use Jacqueline L. Candelaria ABQ Area Program Analyst April 25, 2012.
Notice of Proposed Rulemaking (NPRM) Comments Privacy and Security Workgroup Deven McGraw, chair Stan Crosley, co-chair April 27, 2015.
MU Stage 3 Notice of Proposed Rulemaking (NPRM) Comments Privacy and Security Workgroup Deven McGraw, chair Stan Crosley, co-chair May 7, 2015.
User Authentication Recommendations Transport & Security Standards Workgroup December 10, 2014.
ONC Policy and Program Update Health IT Standards Committee Meeting July 17, 2013 Jodi Daniel Director, Office of Policy and Planning, ONC 0.
August 12, Meaningful Use *** UDOH Informatics Brown Bag Robert T Rolfs, MD, MPH.
1 HIPAA Security Overview Centers for Medicare & Medicaid Services (CMS)
Privacy and Security Tiger Team Meeting Discussion Materials Today’s Topic Recommendations on Trusted Identities for Providers in Cyberspace August 20,
HIT Standards Committee Hearing on Trusted Identity of Patients in Cyberspace November 29, 2012 Jointly sponsored by HITPC Privacy and Security Tiger Team.
Model Children’s EHR Format Erin Grace, MHA Senior Manager, Health IT AHRQ 2012 Annual Conference Session #97: Improving Quality of Care for Children Bethesda,
Privacy and Security Tiger Team Subgroup Discussion: MU3 RFC July 29, 2013.
ONC Policy and Program Update Health IT Policy Committee Meeting January 14, 2014 Jodi Daniel, Director Office of Policy and Planning.
“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.
Cross Vendor Exchange Testing and Certification Plans April 18, 2013 Meaningful Use Stage 2 Exchange Summit Avinash Shanbhag, ONC.
HITSC Workplan: April Update April 17, 2013 Doug Fridsma, MD, PhD, FACP, FACMI Chief Science Officer & Director, Office of Science & Technology.
Privacy and Security Tiger Team Recommendations Adopted by The Health IT Policy Committee Relevant to Consumer Empowerment May 24, 2013.
Authentication, Access Control, and Authorization (1 of 2) 0 NPRM Request (for 2017) ONC is requesting comment on two-factor authentication in reference.
Privacy and Security Tiger Team Today’s Discussion: Query/Response Scenarios for Health Information Exchange and MU3 RFC Comments April 30, 2013.
Privacy and Security Tiger Team Today’s Discussion: MU3 RFC Comments May 8, 2013.
Series 1: “Meaningful Use” for Behavioral Health Providers 9/2013 From the CIHS Video Series “Ten Minutes at a Time” Module 3: Core Objectives/Measures.
Electronic Submission of Medical Documentation (esMD) Author of Record Workgroup Wednesday, July 18,
Patient Generated Data Hearing Summary of Presentations, Discussions, and Blog Responses.
HIT Standards Committee Privacy and Security Workgroup: Initial Reactions Dixie Baker, SAIC Steven Findlay, Consumers Union June 23, 2009.
SIM- Data Infrastructure Subcommittee November 14, 2013.
Data Gathering HITPC Workplan HITPC Request for Comments HITSC Committee Recommendations gathered by ONC HITSC Workgroup Chairs ONC Meaningful Use Stage.
Larry Wolf, chair Marc Probst, co-chair Certification / Adoption Workgroup March 19, 2014.
Utilizing the CMS Security Risk Assessment Tool Liz Hansen, PCMH CEC, ICD-10 PMC Special Consultant, GA-HITEC Member Manager, GaHIN
Meaningful Use Security Risk Analysis Passing Your Audit.
EHR-S Functional Requirements IG: Lab Results Interface Laboratory Initiative.
Privacy and Security Tiger Team Today’s Discussion: Query/Response Scenarios for Health Information Exchange February 21, 2013.
Project Life Cycle – Project Initiation © Ed Green Penn State University All Rights Reserved.
Privacy and Security Tiger Team Today’s Discussion: Query/Response Scenarios for Health Information Exchange March 12, 2013.
Notice of Proposed Rulemaking (NRPM) Comments Privacy and Security Workgroup Deven McGraw, Chair Stanley Crosley, Co-chair May 18, 2015.
Privacy and Security Tiger Team Meeting Discussion Materials Today’s Topic Recommendations on Trusted Identities for Providers in Cyberspace August 6,
Privacy and Security Tiger Team Today’s Discussion: Virtual Hearing Planning on Non-Targeted Query and Response and MU3 RFC Subgroup June 17, 2013.
1 Privacy and Security Tiger Team Meeting Discussion Materials Today’s Topics Governance RFI Prioritized Questions June 4, 2012.
Privacy and Security Tiger Team Today’s Discussion: Query/Response Scenarios for Health Information Exchange and MU3 RFC Comments Summary April 15, 2013.
Larry Wolf, chair Marc Probst, co-chair Certification / Adoption Workgroup March 6, 2014.
Working with HIT Systems
Larry Wolf Certification / Adoption Workgroup May 13th, 2014.
Query Health Distributed Population Queries Implementation Group Meeting October 11, 2011.
Cris Ross, co-chair Anita Somplasky, co-chair December 1, 2015 Certified Technology Comparison (CTC) Task Force.
Privacy and Security Tiger Team Trusted Identity of Patients in Cyberspace Initial Impressions on November 29 Hearing December 5, 2012.
HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.
HITPC - Information Exchange Work Group Meaningful Use Stage 3 Subgroup 2: Care Coordination and Patient and Family Engagement Co-Chairs: Jeff Donnell.
Creating an Interoperable Learning Health System for a Healthy Nation Jon White, M.D. Acting Deputy National Coordinator Office of the National Coordinator.
HIT Standards Committee Privacy and Security Workgroup Standards and Certification Requirements for Certified EHR Modules Dixie Baker, Chair Walter Suarez,
Privacy and Security Tiger Team Potential Questions for Request for Comment Meaningful Use Stage 3 October 3, 2012.
Framing Identity Management Recommendations Transport & Security Standards Workgroup November 19, 2014.
S&I FRAMEWORK PROPOSED INITIATIVE SUMMARIES Dr. Douglas Fridsma Office of Interoperability and Standards December 10, 2010.
Final Rule Regarding EHR Certification Flexibility for 2014 Today’s presenters: Al Wroblewski, Client Services Relationship Manager Thomas Bennett, Client.
Data Gathering HITPC Workplan HITPC Request for Comments HITSC Committee Recommendations gathered by ONC HITSC Workgroup Chairs ONC Meaningful Use Stage.
Public Health Reporting Initiative July 25, 2012.
ACWG Charge Make recommendations to the Health IT Policy Committee on how HHS policies and programs can advance the evolution of a health IT infrastructure.
Automate Blue Button Initiative Pull Workgroup Meeting December 13, 2012.
Query Health Operations Workgroup Standards & Interoperability (S&I) Framework October 13, :00am – 12:00pm ET.
MAPIR 5.7 Walk-Through Vermont Medicaid Electronic Health Record (EHR) Incentive Program May 25, 2016.
Higher Education’s Role in the Identity Ecosystem
EHRs and HIPAA: Steps to Maintain Privacy and Security of Patient Data
Objectives Describe the purposes of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 Explore how the HITECH Act.
CyberSecure: Your Medical Practice
Presentation transcript:

1 Privacy and Security Tiger Team Meeting Discussion Materials Topics Patient Authentication Hearing Questions for RFC on Meaningful Use Stage 3 October 1, 2012

Overview Provide an update and obtain input on plans for the Oct. 29 hearing on Patient Authentication Obtain input from the Tiger Team on questions to include in the Request for Comment (RFC) on Meaningful Use (MU) Stage 3 –Strawman questions are on slides 7 through 9 –Tiger Team suggestions will be presented at the HITPC meeting on Wednesday Oct. 3 2

Patient Authentication Hearing Overview October 29, 2012; 12pm – 4pm Virtual hearing Identify and explore issues related to patient authentication, including –Misuse/Fraud –ID Proofing issues (attributes, in-person, delegated, etc.) –Authentication issues (two-factor, credentialing, third-party, etc.) –Usability (complexity for patients, etc.) Broad variety of panelists representing both health care sector and other industries Using the FACA blog to get patient stories and potentially locate a good patient witness 3

Hearing Panel Descriptions Introduction –Frame issues, including implications for MU Stage 3 Panel One – “About patient authentication” –Address why authentication is important –Explore patient/consumer perspectives as well as lay out the key issues Panel Two – “Patient authentication now” –Learn what holders of patient health information are doing now w/r/t authentication Panel Three – “Authentication solutions on the horizon” –Explore what solutions being developed, for patients (Blue Button) as well as in other industries 4

Proposed Hearing Panelists Panel One – “About patient authentication” –LiveStrong - confirmed –Patient –Immunization Registry –NIST migrant project –Kantara - confirmed –Direct Trust - confirmed Panel Two – “Patient authentication now” –HealthVault - confirmed –ProHealth MD –VA, MyHealtheVet –Intuit Health - confirmed –Small provider –Quest diagnostics - confirmed Panel Three – “Authentication solutions on the horizon” –Automate Blue Button / Rhex - confirmed –Enroll UX 2014 / CMS –PayPal –Wells Fargo –DAON –USPS - confirmed 5

Proposed Hearing Agenda 12:00 p.m. Welcome and Roll Call - Mackenzie Robertson, ONC 12:02 p.m. Opening Remarks/Framing Hearing - Farzad Mostashari 12:15 p.m. Panel One – “About Patient Authentication “ 5 Panelists (5 - 7 minutes each, 30 minute Q&A – 60 minutes total) 1:15 p.m.Panel Two – “Patient Authentication Now” 5 panelists (5 - 7 minutes each, 30 minute Q&A – 60 minutes total) 2:15 p.m.Break 2:30 p.m. Panel Three – “Authentication Solutions on the Horizon” 5 panelists (5 – 7 minutes each, 30 minute Q&A – 60 minutes total) 3:30 p.m. Discussion 25 minutes for discussion of issues raised during panels 3:55 p.m. Public Comment 4:00 p.m. Adjourn 6

Straw Questions: RFC on MU Stage 3 (1 of 3) 1.Should the next phase of certification criteria include capabilities to authenticate provider users at LoA 3 for remote access? –If so, how would the criterion/criteria be described, given the optionality permitted under NIST for authenticating at LoA 3? –What impact (if any) would certification of EHRs for this functionality have on national efforts (through NSTIC) to establish portable, high level credentials that clinicians and other EHR users can use in multiple settings? 7

Straw Questions: RFC on MU Stage 3 (2 of 3) 2.The requirement in Stage 1 that EPs/EHs/CAHs attest to completing a HIPAA security risk assessment has been successful in getting health care providers covered by HIPAA (and participating in the MU program) to make this a priority. –The expectation is that the additional requirement in Stage 2 to attest to addressing encryption of data at rest in CEHRT will have a similar positive impact. –The Tiger Team is considering whether to make other HIPAA security rule provisions subject to specific attestation as part of Meaningful Use. –Which provisions are candidates for prioritizing as part of Meaningful use? 8

Straw Questions: RFC on MU Stage 3 (3 of 3) –For example, the requirement to make staff aware of the HIPAA Security Rule and to train staff on Security Rule provisions is one of the top 5 areas of noncompliance identified by the Office of Civil Rights over the past 5 years. The Tiger Team initially proposes to require providers to attest to having conducted the required education and training of staff as part of Meaningful Use Stage 3. We request your comments on this proposal. 9

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.