The HIT Policy Committee’s new Privacy and Security Tiger Team workgroup is striving to establish the requirements that intermediaries in personal health information (PHI) message transactions will be subject to. Under HIPAA, parties which have access to PHI are deemed covered entities (CEs), required to establish business associate agreements (BAAs) which obligate them to handle the data in certain ways. With the rise of health information exchange under the HITECH Act, the Office of the National Coordinator created the Tiger Team to provide it with guidance in governing health information organizations (HIOs) — or third-party intermediaries which have varying degrees of involvement with the messages.
Data Security – Pay Now or Pay (More) Later
As we enter the era of Meaningful Use, we are truly seeing an increased realization of the central role that IT plays in provider strategic planning. Happily, we are also starting see recognition from many corners of healthcare organizations of the wisdom of making targeted, shrewd, IT investments as down payments on organizations’ futures. And […]
HIMSS Survey Shows Security a Dark Cloud
Other than a major focus on Meaningful Use and clinical systems, security concerns are a top priority, with one third of respondents (34 percent) saying an internal breach was their top worry in that area, and nearly one-quarter (23 percent) said their organization had a security breach in the past year, according to 21st Annual […]
One-on-One w/KLAS Clinical GM Jason Hess (III)
Before the term HIE appeared in the pages of HITECH, many CIOs didn’t pay it much attention, preferring instead to focus on getting their houses in order. While that’s still a great strategy, healthcare informatics leaders now have no choice but to dip their toes into the murky waters of inter-organizational information exchange. While many […]