Privacy & Security for RHIOs/HIEs
Information and data exchange is a critical to the delivery of quality patient care services and effectiveness of healthcare organizations. The benefits of appropriate sharing of health information among patients, physicians, and other authorized participants in the healthcare delivery value chain, are nearly universally understood and desired. A RHIO, or regional health information organization, is a group of organizations with a business stake in improving the quality, safety and efficiency of healthcare delivery that comes together to exchange information for these purposes. The terms RHIO and Health Information Exchange, or “HIE, are often used interchangeably.
RHIOs must maintain the privacy and security of protected health information (PHI) and must do so in a manner that complies with the Health Insurance Portability and Accountability Act (HIPAA) privacy and security standards. This is true despite the fact that these standards will not apply directly to most RHIOs, because most RHIOs will not be covered entities. However, covered entities that participate in a RHIO by either providing data to the RHIO or obtaining data from the RHIO must comply with the privacy and security rules and will want to ensure compliance by the RHIO. Accordingly, RHIOs must build information privacy and security into both their technology and business processes.
HIMSS and AHIMA recently have formed a joint work group responsible for development of a white paper focused around privacy and security within the HIE environment. This white paper will be provided free to the general public and published in the HIMSS Privacy and Security Toolkit and will made available in the HIE resources and tools section of the HIMSS and AHIMA websites . Look for more information to come, or contact:
Pam Matthews, Sr. Director, Healthcare Information Systems
Phone: (706) 838-0583
Lisa A. Gallagher, BSEE, CISM, CPHIMS
Senior Director, Privacy and Security
Reports, White Papers
Meeting Your Patient-Facing Meaningful Use Goals Apr 15, 2014
Dive into how Meaningful Use Stage 2 has specific patient engagement ...
HIMSS Response to AHRQ Health IT-enabled Quality Measurement RFI Apr 15, 2014
View HIMSS Response to AHRQ Health IT-enabled Quality Measurement ...
HIMSS Response to Administrative Simplification: Adoption of Operating Rules for Health Care Electronic Funds Transfers (EFT) and Remittance Advice (RA) Transactions Interim Final Rule Apr 15, 2014
View HIMSS Response to Administrative Simplification: Adoption of ...
- Meeting Your Patient-Facing Meaningful Use Goals Apr 15, 2014
04/14/14 - Health IT Public Policy
Lives can be saved, outcomes of care improved, and costs reduced ...
02/21/14 - Meaningful Use OneSource
Meaningful Use OneSource assists eligible healthcare providers and ...
04/08/14 - Health Business Solutions
Healthcare providers! Learn how to better manage your business operations ...
02/10/14 - Health IT Body of Knowledge
An introductory guide to essential definitions, descriptions and ...
02/10/14 - Electronic Health Records
Electronic Health Records (EHR) are a longitudinal electronic record ...
- 04/14/14 - Health IT Public Policy
Healthcare Business Intelligence Forum
San Antonio HIMSS Chapter | Hand Hygiene Compliance Monitoring: How Improvements in Technology are Transforming HealthcareSan Antonio, TX
Spring 2014 HIE Community Roundtable