Privacy & Security for RHIOs/HIEs
Information and data exchange is a critical to the delivery of quality patient care services and effectiveness of healthcare organizations. The benefits of appropriate sharing of health information among patients, physicians, and other authorized participants in the healthcare delivery value chain, are nearly universally understood and desired. A RHIO, or regional health information organization, is a group of organizations with a business stake in improving the quality, safety and efficiency of healthcare delivery that comes together to exchange information for these purposes. The terms RHIO and Health Information Exchange, or “HIE, are often used interchangeably.
RHIOs must maintain the privacy and security of protected health information (PHI) and must do so in a manner that complies with the Health Insurance Portability and Accountability Act (HIPAA) privacy and security standards. This is true despite the fact that these standards will not apply directly to most RHIOs, because most RHIOs will not be covered entities. However, covered entities that participate in a RHIO by either providing data to the RHIO or obtaining data from the RHIO must comply with the privacy and security rules and will want to ensure compliance by the RHIO. Accordingly, RHIOs must build information privacy and security into both their technology and business processes.
HIMSS and AHIMA recently have formed a joint work group responsible for development of a white paper focused around privacy and security within the HIE environment. This white paper will be provided free to the general public and published in the HIMSS Privacy and Security Toolkit and will made available in the HIE resources and tools section of the HIMSS and AHIMA websites . Look for more information to come, or contact:
Pam Matthews, Sr. Director, Healthcare Information Systems
Phone: (706) 838-0583
Lisa A. Gallagher, BSEE, CISM, CPHIMS
Senior Director, Privacy and Security
Reports, White Papers
The Privacy and Security Gaps in Health Information Exchange
Produced in collaboration between HIMSS and AHIMA, this white paper explores the various gaps in existing privacy and security policies and practices, and provides recommendations on solving privacy-related challenges facing the industry.
- National e-Authentication Project Aug 2007
- Managing Information Privacy & Security in Healthcare: RHIOs and HIPAA; This chapter also published with permission in the HIMSS Privacy and Security Toolkit Jul 2007
- California Healthcare Foundation Report: Privacy, Security and RHIOs Jul 2007
08/06/14 - Center for Patient and Family-Centered Care
HIMSS and the National eHealth Collaborative (NeHC) have merged to ...
08/25/14 - mHealth
Mobile Health is the globally-focused initiative of HIMSS advancing ...
09/10/14 - Meaningful Use OneSource
Meaningful Use OneSource assists eligible healthcare providers and ...
09/05/14 - Health IT Public Policy
HIMSS seeks to educate and inform Congress, federal agencies, state ...
07/14/14 - Clinical Informatics
Clinical Informatics (aka. Health Informatics) promotes the understanding, ...
- 08/06/14 - Center for Patient and Family-Centered Care
2014 Summit of the SoutheastMusic City Center | Nashville, TN
AAMI-FDA Summit on Ventilator TechnologyHerndon, VA
Inspired EHRs: Designing for CliniciansVirtual Event