Privacy & Security for RHIOs/HIEs
Information and data exchange is a critical to the delivery of quality patient care services and effectiveness of healthcare organizations. The benefits of appropriate sharing of health information among patients, physicians, and other authorized participants in the healthcare delivery value chain, are nearly universally understood and desired. A RHIO, or regional health information organization, is a group of organizations with a business stake in improving the quality, safety and efficiency of healthcare delivery that comes together to exchange information for these purposes. The terms RHIO and Health Information Exchange, or “HIE, are often used interchangeably.
RHIOs must maintain the privacy and security of protected health information (PHI) and must do so in a manner that complies with the Health Insurance Portability and Accountability Act (HIPAA) privacy and security standards. This is true despite the fact that these standards will not apply directly to most RHIOs, because most RHIOs will not be covered entities. However, covered entities that participate in a RHIO by either providing data to the RHIO or obtaining data from the RHIO must comply with the privacy and security rules and will want to ensure compliance by the RHIO. Accordingly, RHIOs must build information privacy and security into both their technology and business processes.
HIMSS and AHIMA recently have formed a joint work group responsible for development of a white paper focused around privacy and security within the HIE environment. This white paper will be provided free to the general public and published in the HIMSS Privacy and Security Toolkit and will made available in the HIE resources and tools section of the HIMSS and AHIMA websites . Look for more information to come, or contact:
Pam Matthews, Sr. Director, Healthcare Information Systems
Phone: (706) 838-0583
Lisa A. Gallagher, BSEE, CISM, CPHIMS
Senior Director, Privacy and Security
Reports, White Papers
08/06/14 - Center for Patient and Family-Centered Care
HIMSS and the National eHealth Collaborative (NeHC) have merged to ...
08/25/14 - mHealth
Mobile Health is the globally-focused initiative of HIMSS advancing ...
07/10/14 - Meaningful Use OneSource
Meaningful Use OneSource assists eligible healthcare providers and ...
08/01/14 - Health IT Public Policy
HIMSS seeks to educate and inform Congress, federal agencies, state ...
06/16/14 - 2014 HIMSS Analytics Cloud Survey
View results from the 2014 HIMSS Analytics Cloud Survey.
- 08/06/14 - Center for Patient and Family-Centered Care
OSEHRA Open Source SummitBethesda North Marriott Hotel | Bethesda, MD
Modern EMR as a Service: Scalable and Cost-EffectiveVirtual Event
Big Data Conference | Northern Ohio & Western Pennsylvania | HIMSS ChaptersGlobal Center for Health Innovation | Cleveland, OH