Presentation is loading. Please wait.

Presentation is loading. Please wait.

HITSP Security and Privacy Work Group

Published byElmer Hodge Modified over 6 years ago

Similar presentations

Presentation on theme: "HITSP Security and Privacy Work Group"— Presentation transcript:

1 HITSP Security and Privacy Work Group
Requirements, Design and Standards Selection (RDSS) Town Hall Meeting Joyce Sensmeier MS, RN-BC, CPHIMS, FHIMSS Vice President, Informatics, HIMSS Johnathan Coleman, CISM, CISSP Principal, Security Risk Solutions, Inc. HITSP Security and Privacy Technical Committee Facilitator April 19, 2007

2 Agenda Relationship between HITSP, HISPC and CCHIT
HITSP Charter and Goals Harmonization Process Current Status of HITSP Security and Privacy Activities HITSP Security and Privacy Constructs under Consideration Security and Privacy RDSS Document Review Contact Information

3 A public-private “Community” was then established to serve as the focal point for America’s health information concerns and drive opportunities for increasing interoperability Healthcare Information Technology Standards Panel (HITSP) Nationwide Health Information Network Architecture Projects (NHIN) The Health Information Security and Privacy Collaboration (HISPC) The Certification Commission for Healthcare Information Technology (CCHIT) American Health Information Community HITSP includes 348 different member organizations and is administered by a Board of Directors 24 SDOs (7%) 247 Non-SDOs (71%) 30 Govt. bodies (9%) 12 Consumer groups (3%) 36 Project Team and Undeclared (10%) The Community is a federally-chartered commission and will provide input and recommendations to HHS on how to make health records digital and interoperable, and assure that the privacy and security of those records are protected, in a smooth, market-led way.

4 The HITSP team is charged with completing eleven different tasks, with current efforts focused on the harmonization process Eleven Tasks are included in this contract: Comprehensive Work Plan Conduct a Project Start Up Meeting Deliver Recommended Use-Cases Participate in related meetings and activities, including the AHIC Meetings Develop a Gap Analysis Standards Selection, Evaluations and Testing Define a Harmonization Approach Develop Interoperability Specifications Develop and Evaluate a Business Plan for the self-sustaining processes Submit Monthly Reports – ongoing efforts Assist with communications – ongoing efforts The Community HHS Secretary Mike Leavitt, Chair HHS ONCHIT1 PO, Dr. John Loonsk HITSP Dr. John Halamka, Chair Member populated Technical Committees Project Management Team Executive in Charge, F. Schrotter, ANSI Program Manager, L. Jones GSI Deputy PM, J Corley, ATI Project Manager, Julie Pooley, Booz Allen Harmonization Process Definition Technical Manager Michelle Deane, ANSI Harmonization Process Delivery Technical Manager Joyce Sensmeier, HIMSS

5 HITSP formed Technical Committees to focus on AHIC breakthrough areas - Initial focus is on 3 use cases Biosurveillance -- Transmit essential ambulatory care and emergency department visit, utilization, and lab result data from electronically enabled health care delivery and public health systems in standardized and anonymized format to authorized public health agencies with less than one day lag time. Consumer Empowerment -- Deploy to targeted populations a pre-populated, consumer-directed and secure electronic registration summary. Deploy a widely available pre-populated medication history linked to the registration summary. Electronic Health Records -- Deploy standardized, widely available, secure solutions for accessing laboratory results and interpretations in a patient-centric manner for clinical care by authorized parties. Security and Privacy – Initially a formed as a Work Group to address Security and Privacy (S & P) requirements of the first three Use Cases. Now a Technical Committee charged with addressing S & P requirements for all Use Cases provided to HITSP.

6 HITSP Coordinating Committees and Leadership
HITSP Technical Committees and Leadership HITSP Technical Committee - Care Delivery James Ferguson, Kaiser Permanente Steve Hufnagel, DoD Steve Wagner, Department of Veterans Affairs HITSP Technical Committee - Consumer Empowerment Elaine Blechman, PhD, University of Colorado, Boulder Charles Parisot, GE Healthcare Scott Robertson, Kaiser Permanente HITSP Technical Committee- Population Health Floyd Eisenberg, MD, MPH, Siemens Medical Solutions Peter Elkin, MD, Mayo Clinic College of Medicine Shaun Grannis, Department of Family Medicine, Indiana University School of Medicine HITSP Technical Committee- Security and Privacy Cochair nominations in progress Foundations Committee Steve Wagner Bob Dolin HITSP Process Review Committee Lynne Gilbertson Erik Pupo HITSP-CCHIT Joint Work Group Jamie Ferguson, Kaiser Permanente Harmonization Readiness Committee Business Plan Committee Steve Lieber International Landscape Committee Bill Braithwaite Governance Committee Michael Aisenberg

7 Harmonization Process Steps
The actual harmonization process is a series of steps taken by industry stakeholders within the context of HITSP Harmonization Process Steps Receive Request I Harmonization Request II Requirements Analysis III Identification of Candidate Standards IV Gaps, Duplications and Overlaps Resolution V Standards Selection VI Construction of Interoperability Specification VII Inspection Test VIII Interoperability Specification Release and Dissemination IX Program Management Begin Support

8 Current Status of HITSP Security and Privacy Activities
Review Use Cases and identify Security and Privacy Requirements. This will serve to populate the Requirements sections of the Requirements, Design and Standards Selection (RDSS) document. Completed Identify candidate standards (from our Inventory of Standards and other sources), and sort them into buckets which correspond to the security and privacy requirements (potential HITSP constructs). Completed Develop Requirements, Design, Standards Selection (RDSS) document Completed Technical Actors, Business Actors & mappings from use cases UML diagrams (initially a high level relationship roadmap) Identify Security and Privacy Requirements and map to use cases Public Comment Period: 05/16 – 06/14 Apply Tier 2 criteria to select from the existing standards for each of our potential constructs. Current Activity Develop HITSP Security and Privacy Constructs which will frame implementation of the selected standards to achieve the requirements as identified in the Use Cases.  Current Activity Inspection Test and Public Comment: 07/20 – 08/16 Comment Resolution and Panel Approval: 08/17 – 10/15

9 HITSP Security and Privacy Constructs under Consideration (Requirements and Key Capabilities from the Three Initial Use Cases) Secured Communication Channel (includes mutual node authentication, integrity and confidentiality of transmission contents) Collect and Communicate Security Audit Trail Privacy Consents Verify Privacy Consents Manage Entity Identity Credentials Document Integrity Authenticate User Manage and Control Data Access Non Repudiation Fail-Safe/Emergency access (now rolled into #4 and #8) Consistent Time

10 HITSP Security and Privacy Constructs under Consideration

11 Security and Privacy RDSS Document Review

12 Security and Privacy RDSS Document
The RDSS document is located on the web site via the following link: HITSP members and public stakeholders are also encouraged to work with the Security and Privacy Work Group as they continue the process of standards selection and construct development. If your organization is a HITSP member and you are not currently signed up as a Security and Privacy Work Group member, but would like to participate in this process, please contact

13 For General Technical Committee related questions please contact:
Joyce Sensmeier MS, RN-BC, CPHIMS, FHIMSS Vice President, Informatics HIMSS 230 East Ohio, Suite 500 Chicago, IL Phone: Or Jessica Kant Coordinator, Standards Harmonization Healthcare Information & Management Systems Society 230 E. Ohio St., Suite 500 Chicago, IL Phone: Fax: For HITSP Security and Privacy related questions please contact: Johnathan Coleman Principal, Security Risk Solutions, Inc. 690 Libbys Pt. Mt. Pleasant, SC Tel:

Download ppt "HITSP Security and Privacy Work Group"

Similar presentations

National HIT Agenda and HIE - 2007 John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.

National HIT Agenda and HIE John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.
August 2006 Health Information Technology Standards Panel HITSP Technical Committee and Approval of its Interoperability Specifications Charles Parisot,

August 2006 Health Information Technology Standards Panel HITSP Technical Committee and Approval of its Interoperability Specifications Charles Parisot,
HISPC-Illinois II The Public-Private Partnership Moves Forward on Privacy and Security.

HISPC-Illinois II The Public-Private Partnership Moves Forward on Privacy and Security.
Joyce Sensmeier MS, RN, BC, CPHIMS, FHIMSS HIMSS Vice President Informatics August 25, 2006 Healthcare Information Technology Standards Panel (HITSP) Overview.

Joyce Sensmeier MS, RN, BC, CPHIMS, FHIMSS HIMSS Vice President Informatics August 25, 2006 Healthcare Information Technology Standards Panel (HITSP) Overview.
ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.

ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.
0 Chicago, IL March 6 th, 2007 Use Case Requirements, Design and Standards Selection HITSP Use Case Requirements, Design and Standards Selection Date:

0 Chicago, IL March 6 th, 2007 Use Case Requirements, Design and Standards Selection HITSP Use Case Requirements, Design and Standards Selection Date:
HITSP – enabling healthcare interoperability 1 enabling healthcare interoperability 1 Standards Harmonization HITSP’s efforts to address HIT-related provisions.

HITSP – enabling healthcare interoperability 1 enabling healthcare interoperability 1 Standards Harmonization HITSP’s efforts to address HIT-related provisions.
Health Information Technology Standards Panel Ed Mikoski 19MAR09 TIA Healthcare ICT Section Teleconference.

Health Information Technology Standards Panel Ed Mikoski 19MAR09 TIA Healthcare ICT Section Teleconference.
Healthcare Information Technology Standards Panel 2006, 2007 and Beyond John D. Halamka MD Chair, HITSP.

Healthcare Information Technology Standards Panel 2006, 2007 and Beyond John D. Halamka MD Chair, HITSP.
HITSP – enabling healthcare interoperability 1 enabling healthcare interoperability 1 Standards Harmonization HITSP’s efforts to address HIT-related provisions.

HITSP – enabling healthcare interoperability 1 enabling healthcare interoperability 1 Standards Harmonization HITSP’s efforts to address HIT-related provisions.
American Health Information Community HITSP Accomplishments 2006-2008 John D. Halamka MD Chair, HITSP November 12, 2008.

American Health Information Community HITSP Accomplishments John D. Halamka MD Chair, HITSP November 12, 2008.
1 Joyce Sensmeier MS, RN, FHIMSS, HIMSS Glen Marshall, Siemens Healthcare Charles Parisot, GE Healthcare IHE's contribution to standards harmonization.

1 Joyce Sensmeier MS, RN, FHIMSS, HIMSS Glen Marshall, Siemens Healthcare Charles Parisot, GE Healthcare IHE's contribution to standards harmonization.
TM Overview of National HIT Standards a presentation to the Seminar Series on Integrated Surveillance Presented by Steven J Steindel, Ph.D. National Center.

TM Overview of National HIT Standards a presentation to the Seminar Series on Integrated Surveillance Presented by Steven J Steindel, Ph.D. National Center.
Arlington, VA January 5, 2006 Evaluation of Standards Harmonization Process for HIT Project Overview HITSP 05 N 42 December 29, 2005.

Arlington, VA January 5, 2006 Evaluation of Standards Harmonization Process for HIT Project Overview HITSP 05 N 42 December 29, 2005.
Achieving Breakthroughs Towards Health Information Exchange 17 th Annual Summer Institute in Nursing Informatics July 20, 2007 Joyce Sensmeier MS, RN-BC,

Achieving Breakthroughs Towards Health Information Exchange 17 th Annual Summer Institute in Nursing Informatics July 20, 2007 Joyce Sensmeier MS, RN-BC,
Overview of the National Agenda for Health Information Technology Kelly Cronin Director, Office of Programs and Coordination Visit our website at:

Overview of the National Agenda for Health Information Technology Kelly Cronin Director, Office of Programs and Coordination Visit our website at:
© 2009 The MITRE Corporation. All rights Reserved. Healthcare Interoperability: Simplified Health Data Standard Andrew Gregorowicz Beth Halley Joy Keeler.

© 2009 The MITRE Corporation. All rights Reserved. Healthcare Interoperability: Simplified Health Data Standard Andrew Gregorowicz Beth Halley Joy Keeler.
0 enabling healthcare interoperability Webinar Series Sponsored by the HITSP Education, Communications and Outreach Committee Standardizing How We Share.

0 enabling healthcare interoperability Webinar Series Sponsored by the HITSP Education, Communications and Outreach Committee Standardizing How We Share.
0 Harmonization Process, Work Plan, and Schedule Chicago IL. March 5, 2007 HITSP Project 2007 Work Plan and Schedule Contract HHSP23320054103EC.

0 Harmonization Process, Work Plan, and Schedule Chicago IL. March 5, 2007 HITSP Project 2007 Work Plan and Schedule Contract HHSP EC.
HITSP’s Scope  The Panel’s mission is to assist in the development of a Nationwide Health Information Network (NHIN) by addressing the standards-related.

HITSP’s Scope  The Panel’s mission is to assist in the development of a Nationwide Health Information Network (NHIN) by addressing the standards-related.

Similar presentations

Ads by Google