Established in June 2006 by RTI International through a contract with the U.S. Department of Health and Human Services (HHS), the Health Information Security and Privacy Collaboration (HISPC) originally comprised 34 states and territories. In phase 3, which began in April 2008, HISPC now comprises 42 states and territories, and aims to address the privacy and security challenges presented by electronic health information exchange through multistate collaboration. Each HISPC participant continues to have the support of its state or territorial governor and maintains a steering committee and contact with a range of local stakeholders to ensure that developed solutions accurately reflect local preferences.
For more information, click to download a copy of the Executive Summary.
To read more about each collaborative and the products they are producing, click the links below.
|
|
 |
The Privacy and Security project will play a key role in laying a policy groundwork to support widespread interoperable electronic health information exchange. The assessment of variations in organization-level privacy and security practices and policies, and any related laws and regulations, will identify the practices and policies that are currently in place across a broad array of stakeholders. Practices, policies and related laws will be reviewed to assess whether the particular practice, policy, or law would pose a challenge to the electronic exchange of health information. The HISPC effort will:
- Preserve privacy and security protections in a manner consistent with interoperable health information exchange;
- Promote stakeholder identification of practical solutions and implementation strategies through an open and transparent consensus-building process; and
- Create a knowledge base about privacy and security issues in electronic health information exchange in states and communities that endures to inform future HIE activities.
|
|
|
|
|
|
|
|
|
- Stakeholders, including state entities, will have a fuller understanding of variations in organization-level privacy and security related business practices and policies, as well as any related or underlying legal requirements in their state or territory and communities;
- States, through the use of stakeholder groups, will design practical solutions and implementation plans for preserving the privacy and security protections of health information while implementing electronic health information systems; and
- Long-lasting collaborative networks and knowledge bases will be established in and across states and communities that will support future work.
|
|
|
|
|
|
|
|
|
|
Just Announced:
Cost: Free
The Health Information Security and Privacy Collaboration (HISPC) June 2009 Seminar Series
Background: Between March 2008 and April 2009, a group of 42 states and territories participated in seven collaborative projects that sought to produce common, replicable solutions to various privacy and security challenges related to electronic health information exchange.
Schedule and Registration: The schedule and registration information for each seminar is available here. Each session will be held at 2:00 pm Eastern Time on Tuesday and Thursday afternoons, beginning June 4th. For a brief overview of each seminar click here.
|
|
|
|
|
|
|
|
 |
| HISPC Provider Education Toolkit released - Friday, February 27, 2009The HISPC Provider Education Collaborative has launched their national Provider Education Toolkit at www.secure4health.org. The web based toolkit provides health care providers with advice, resource links, and answers to frequently asked questions from national health care subject matter experts. The information is focused on electronic health information exchange and the related privacy and security implications as well as the tools and resources to help physicians and other health care providers get connected electronically. The message to health care providers is It’s Safe – It’s Secure – It’s Time. Get Connected!
|
|
| ONC Releases Nationwide Privacy and Security Framework for Electronic Exchange - Thursday, January 01, 2009The principles of the Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information establish a single, consistent approach to address the privacy and security challenges related to electronic health information exchange through a network for all persons, regardless of the legal framework that may apply to a particular organization. The goal of this effort is to establish a policy framework for electronic health information exchange that can help guide the Nation’s adoption of health information technologies and help improve the availability of health information and health care quality. The principles have been designed to establish the roles of individuals and the responsibilities of those who hold and exchange electronic individually identifiable health information through a network.
This link also provides access to the Health IT Privacy and Security Toolkit, which includes resources for the Individual Access, Correction, Openness and Transparency, Individual Choice, Collection, Use and Disclosure, Safeguards and Accountability Principles. read more ...
|
|
| GAO report on HHS work on privacy principles and challenges - Thursday, October 16, 2008The GAO released a report this week evaluating HHS progress on addressing privacy in HIT implementation. The full report can be found here. In short, GAO found that there has been progress made, but there is more that needs to be done, especially defining a process for assessing and prioritizing privacy-related initiatives to ensure that key privacy principles and challenges will be fully and adequately addressed.
|
|
| State Alliance for e-Health Report Now Available - Thursday, October 16, 2008In their inaugural report, Accelerating Progress: Using Health Information Technology and Electronic Health Information Exchange to Improve Care, the State Alliance for e-Health (State Alliance), a consensus based, executive-level body composed of governors, state legislators, attorney generals and state commissioners, examines the challenges states face in implementing HIT and HIE, including provider concerns about implementation costs, variations in technical standards for interoperability and consumer concerns about data privacy and security.
For more information on the State Alliance and to view the report, please visit www.nga.org/center/ehealth
|
|
| Office of the National Coordinator (ONC) for Health Information Technology Releases Report - Tuesday, June 03, 2008
The Office of the National Coordinator (ONC) for Health Information Technology released the following report:
The ONC-Coordinated Federal Health IT Strategic Plan: 2008-2012
Click here to read more…
http://www.hhs.gov/healthit/
|
|
| Evidence on the Costs and Benefits of Health Information Technology - Friday, May 23, 2008Many people believe that health information technology (health IT) has the potential to transform the practice of health care by reducing costs and improving quality. In this paper, prepared at the request of the Chairman of the Senate Budget Committee, the Congressional Budget Office (CBO) examines the evidence on the costs and benefits of health information technology, possible barriers to a broader distribution and use of it in hospitals and clinicians’ offices, and possible options for the federal government to promote use of health IT. In keeping with CBO’s mandate to provide objective, impartial analysis, the paper makes no policy recommendations. Click here to download the paper and view the Director’s blog.
|
|
| The National Alliance for Health Information Technology Releases HIT Definitions Report - Tuesday, May 20, 2008Chicago, IL -- The National Alliance for Health Information Technology (Alliance) today released its final report, "Defining Key Health Information Technology Terms". This report reflects consensus work completed over the last several months on definitions for six important health information technology (IT) terms. read more ...
|
|
| NCVHS Report on Enhanced Protections for Uses of Health Data - Friday, January 11, 2008Recommendations in this report, A Stewardship Framework for "Secondary Uses" of Electronically Collected and Transmitted Health Data, call for a transformation to enhanced protections for all uses of health data by all users, independent of HIPAA covered entity status. NCVHS proposes that all organizations and individuals with access to personal health data follow attributes of appropriate data stewardship. NCVHS recommendations describe the attributes of appropriate health data stewardship as including, but not limited to: accountability and chain of trust, transparency, individual participation, de-identification, security safeguards and controls, data quality and integrity, and oversight of data uses. read more ...
|
|
| Routine HIV Testing May Conflict With State Laws - Monday, November 19, 2007
|
|
|
|
|
|
|
|
|