Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy, Security and Data Exchange Committee Annual Report 2009 PHDSC Home Page  PHDSC Annual Meeting November 12, 2009.

Published byLawrence Lyons Modified over 9 years ago

Similar presentations

Presentation on theme: "Privacy, Security and Data Exchange Committee Annual Report 2009 PHDSC Home Page  PHDSC Annual Meeting November 12, 2009."— Presentation transcript:

1 Privacy, Security and Data Exchange Committee Annual Report 2009 PHDSC Home Page  http://www.phdsc.org/ PHDSC Annual Meeting November 12, 2009

2 Background and Mission  Mission Represent and educate broad public sector health and health services research interests on privacy and security issues Focus on priorities related to privacy, security, and data standardization, including implementation of federal privacy and security rules Address balancing the need for individual privacy, confidentiality, and security with the need for use of data for public health and research activities

3 2009 Accomplishments Participated in national privacy and security efforts (HISPC and HITSP) Completed Privacy projects Final Report on Variations in and Solutions to State Privacy and Security Policies Affecting Public Health Final Report on Best Practices in Public Health Information Privacy Established a web page to track ARRA privacy and security regulations and provide comment as released Planning periodic webinars on privacy, security and exchange topics

4 Participation in National Privacy and Security Efforts CCHIT Continued leadership role in the Privacy Workgroup HISPC Phase III completed in July 2009 Seven Multi-state Collaboratives developed common, replicable multi-state solutions to privacy and security issues HISPC reports: Google healthit.hhs.gov:HISPC or http://healthit.hhs.gov/portal/server.pt?open= 512&mode=2&cached=true&objID=1240 http://healthit.hhs.gov/portal/server.pt?open= 512&mode=2&cached=true&objID=1240

5 Participation in National Privacy and Security Efforts HISPC Multi-state Collaboratives

6 Participation in National Privacy and Security Efforts HITSP Continued leadership roles in the Population Perspective and the Security, Privacy and Infrastructure (SPI) TCs In 2009 Population TC worked in 3 major areas: refinement of the Quality Measures constructs; development of a Maternal and Child Health Interoperability Specification (IS) and a Newborn Screening IS SPI TC developed the new HITSP Privacy and Security Capabilities and Service Collaborations – a simplified approach to implement interoperable standards leveraging existing HITSP specifications to support ARRA’s Meaningful Use and beyond. Areas include: communicate structured and unstructured documents, establish secure web access, assign pseudo-identity, consumer preferences and consent management, access control, security audit, patient identification mgmt, and healthcare document mgmt

7 2008 Committee Privacy Projects Completed final documents in early 2009 Project 2 – Report on Variations Solutions to State Privacy/Security Policies Affecting Public Health Summary of top public health information exchange issues identified by HISPC states that result from variations in privacy/security business practices, policies and state laws Project 3 - Report on Best Practices in Public Health Information Privacy Identified state best practices on privacy and security related to public health and health information exchange from direct state interviews Presented Project 3 Report findings at the 2009 PHIN conference

8 Privacy ‘expert’ and advisor Agency data practices coordinator Central office/point of contact for privacy coordination, implementation, compliance resolution, policies, awareness and education Identify, detect, prevent, address agency breaches Assist with or responsible for drafting/reviewing agency privacy legislation Coordinate with privacy officers of other state agencies and in county and local health departments Project 3 Findings: Role of the Privacy Official

9 Initial implementation of/confusion over HIPAA Determination, documentation and dissemination of covered entity status Establishing/designating a privacy office/privacy officer and assigning responsibilities Conducting a HIPAA preemption analysis and an analysis of public health laws vis-à-vis HIPAA Creating an internal education plan and external communications strategy Findings: Issues Faced in the Past 5 Years

10 Conducting in-depth program-by-program analyses Developing internal privacy and security policies and procedures to address specific HIPAA requirements Securing and disseminating legal opinions to address data collection issues Business associate clarifications Providing guidance to local public health departments Findings: Issues Faced in the Past 5 Years

11 Data linkages and de-identification: Balancing public health benefits with de-identification procedures Privacy of genetic information: States investigating the need to further strengthen new federal regulations Enforcement: States now able to bring legal action Ongoing workforce education and training State HIE privacy considerations Privacy considerations related to the exchange of health information across state boundaries Findings: Current Health Information Privacy Issues

12 Data breaches and identity theft Highest priority for most privacy officials Addressing increased data mobility and portability of data devices New/emerging state legislation on privacy breaches and consumer protection Need to create a ‘breach preventing’ and enforcement culture and workforce Federal law issues: FERPA (schools), 42 CFR (substance abuse), reporting HIV/AIDS data Findings: Current Health Information Privacy Issues

13 Health IT and HIE issues EHRs, PHRs, HIEs and the role of public health, both as a participant and as a recipient of information Impact of expanded EHR adoption on privacy of health information and public health exchanges Opt-in/Opt-out; Granular privacy controls by consumers Impact of personal health records on public health Findings: New and Emerging Health Information Privacy Issues

14 Public health agencies at the forefront of the development and deployment of local/regional/state HIEs Key issues identified: Lack of integration of the state’s public health information infrastructure with the state’s HIE efforts Lack of roadmap for public health participation in HIEs Lack of regulatory framework for HIEs in states Lack of public health privacy framework for HIE participation Findings: New and Emerging Health Information Privacy Issues

15 To help address privacy issues: Develop a state public health privacy framework Standardize definition of sensitive health information Standardize consent requirements Align privacy policies with the needs of Clinical/Public Health Research Findings: Recommendations

16 Create and convene a Public Health Privacy Officers Community of Practice (CoP) Explore conducting a more comprehensive survey to provide additional information on current priorities and solutions Conduct a similar survey of Public Health Security Officers and explore creation of a Public Health Security Officers CoP Establish a web-based Public Health Privacy and Security Resource Center Findings: Identified Next Steps for the Consortium

17 ARRA Privacy and Security Regulations Web Page Tracks ARRA privacy and security regulations mandated to facilitate health information exchange activity ( http://www.phdsc.org/privacy_security/timeline.asp) http://www.phdsc.org/privacy_security/timeline.asp Notify PHDSC listserv participants as regulations are released Goal to hold teleconferences to gather input for and submit comments from the PH community Comment timelines will be short; quick action and participation are critical

18 Hold Webinars on Privacy, Security and Exchange Topics Focus initial topics on the ARRA privacy and security regulations Integrate webinars as able around the ARRA regulation events Building a list of topics and potential speakers; looking for additional input Over time, plan to hold a set number of webinars per year Look into outreach to PH privacy and security officers for participation

19 Future Committee Activity Follow progress and implications of new federal privacy and security regulations Facilitate member comments on draft regulations Develop and hold regular webinars on privacy, security, and exchange related topics Continue to seek national involvement in privacy/security efforts

20 Committee Chairs Vicki Hohner, MBA Senior Consultant Fox Systems, Inc. vicki.hohner@foxsys.com vicki.hohner@foxsys.com David P. Lawton RN, PhD Health Surveillance Section Administrator Nebraska Health and Human Services System david.lawton@dhhs.ne.gov

Download ppt "Privacy, Security and Data Exchange Committee Annual Report 2009 PHDSC Home Page  PHDSC Annual Meeting November 12, 2009."

Similar presentations

Manatt manatt | phelps | phillips New York State Health Information Technology Summit Initiative Overview and Update Rachel Block, Project Director United.

Manatt manatt | phelps | phillips New York State Health Information Technology Summit Initiative Overview and Update Rachel Block, Project Director United.
Www.mchc.org | Implications for Health Information Exchange – MetroChicago January 2011.

| Implications for Health Information Exchange – MetroChicago January 2011.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
Legal Work Group Developing a Uniform EHR/HIE Patient Consent Form.

Legal Work Group Developing a Uniform EHR/HIE Patient Consent Form.
HISPC-Illinois II The Public-Private Partnership Moves Forward on Privacy and Security.

HISPC-Illinois II The Public-Private Partnership Moves Forward on Privacy and Security.
Background This linked collaborative is intended to identify opportunities to exchange best practices, administrative and regulatory support models and.

Background This linked collaborative is intended to identify opportunities to exchange best practices, administrative and regulatory support models and.
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
State of Indiana Business One Stop (BOS) Program Roadmap Updated June 6, 2013 RFI ATTACHMENT D.

State of Indiana Business One Stop (BOS) Program Roadmap Updated June 6, 2013 RFI ATTACHMENT D.
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
Davis Wright Tremaine LLP Non-HIPAA Governmental Regulation of Healthcare Privacy and Security Sixteenth HIPAA Summit/The Privacy Symposium August 21,

Davis Wright Tremaine LLP Non-HIPAA Governmental Regulation of Healthcare Privacy and Security Sixteenth HIPAA Summit/The Privacy Symposium August 21,
The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,

The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,
11 Opportunities to Improve Care for Persons with Disabilities: The Community Living Initiative IMPLEMENTING NATIONAL HEALTH REFORM IN A DIFFICULT ECONOMIC.

11 Opportunities to Improve Care for Persons with Disabilities: The Community Living Initiative IMPLEMENTING NATIONAL HEALTH REFORM IN A DIFFICULT ECONOMIC.
Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.

Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.
1 HIT Standards Committee Privacy and Security Workgroup: Recommendations Dixie Baker, SAIC Steven Findlay, Consumers Union August 20, 2009.

1 HIT Standards Committee Privacy and Security Workgroup: Recommendations Dixie Baker, SAIC Steven Findlay, Consumers Union August 20, 2009.
Beth DeLair, JD, RN DeLair Consulting, LLC. Discussion Topics Background Existing WI Requirements State Efforts to Change Law Senate Bill 487 Changes.

Beth DeLair, JD, RN DeLair Consulting, LLC. Discussion Topics Background Existing WI Requirements State Efforts to Change Law Senate Bill 487 Changes.
Presented at Annual Conference of the American Evaluation Association Anaheim, CA, November 2011 Lessons Learned about How to Support Outcomes Measurement.

Presented at Annual Conference of the American Evaluation Association Anaheim, CA, November 2011 Lessons Learned about How to Support Outcomes Measurement.
HITSP – enabling healthcare interoperability 1 enabling healthcare interoperability 1 Standards Harmonization HITSP’s efforts to address HIT-related provisions.

HITSP – enabling healthcare interoperability 1 enabling healthcare interoperability 1 Standards Harmonization HITSP’s efforts to address HIT-related provisions.
Coordinating Center Overview November 18, 2010 SPECIAL DIABETES PROGRAM FOR INDIANS Healthy Heart Project Initiative: Year 1 Meeting 1.

Coordinating Center Overview November 18, 2010 SPECIAL DIABETES PROGRAM FOR INDIANS Healthy Heart Project Initiative: Year 1 Meeting 1.
A Healthy Place to Live, Learn, Work and Play:

A Healthy Place to Live, Learn, Work and Play:
Minnesota Law and Health Information Exchange Oversight Activities James I. Golden, PhD State Government Health IT Coordinator Director, Health Policy.

Minnesota Law and Health Information Exchange Oversight Activities James I. Golden, PhD State Government Health IT Coordinator Director, Health Policy.

Similar presentations

Ads by Google