Privacy & Security for RHIOs/HIEs
Information and data exchange is a critical to the delivery of quality patient care services and effectiveness of healthcare organizations. The benefits of appropriate sharing of health information among patients, physicians, and other authorized participants in the healthcare delivery value chain, are nearly universally understood and desired. A RHIO, or regional health information organization, is a group of organizations with a business stake in improving the quality, safety and efficiency of healthcare delivery that comes together to exchange information for these purposes. The terms RHIO and Health Information Exchange, or “HIE, are often used interchangeably.
RHIOs must maintain the privacy and security of protected health information (PHI) and must do so in a manner that complies with the Health Insurance Portability and Accountability Act (HIPAA) privacy and security standards. This is true despite the fact that these standards will not apply directly to most RHIOs, because most RHIOs will not be covered entities. However, covered entities that participate in a RHIO by either providing data to the RHIO or obtaining data from the RHIO must comply with the privacy and security rules and will want to ensure compliance by the RHIO. Accordingly, RHIOs must build information privacy and security into both their technology and business processes.
HIMSS and AHIMA recently have formed a joint work group responsible for development of a white paper focused around privacy and security within the HIE environment. This white paper will be provided free to the general public and published in the HIMSS Privacy and Security Toolkit and will made available in the HIE resources and tools section of the HIMSS and AHIMA websites . Look for more information to come, or contact:
Pam Matthews, Sr. Director, Healthcare Information Systems
Phone: (706) 838-0583
Lisa A. Gallagher, BSEE, CISM, CPHIMS
Senior Director, Privacy and Security
Reports, White Papers
The Privacy and Security Gaps in Health Information Exchange
Produced in collaboration between HIMSS and AHIMA, this white paper explores the various gaps in existing privacy and security policies and practices, and provides recommendations on solving privacy-related challenges facing the industry.
- National e-Authentication Project Aug 2007
- Managing Information Privacy & Security in Healthcare: RHIOs and HIPAA; This chapter also published with permission in the HIMSS Privacy and Security Toolkit Jul 2007
- California Healthcare Foundation Report: Privacy, Security and RHIOs Jul 2007
10/23/14 - mHealth
mHealth is the generation, aggregation, and dissemination of health ...
09/26/14 - Center for Patient and Family-Centered Care
HIMSS and the National eHealth Collaborative (NeHC) have merged to ...
09/10/14 - Meaningful Use OneSource
Meaningful Use OneSource assists eligible healthcare providers and ...
10/21/14 - Health IT Public Policy
HIMSS seeks to educate and inform Congress, federal agencies, state ...
09/24/14 - Electronic Health Records
Electronic Health Records (EHR) are a longitudinal electronic record ...
- 10/23/14 - mHealth
Data! What is it good for? | Central & Southern Ohio Chapter of HIMSS Fall ConferenceDrake Center | Cincinnati, OH
2014 Medical Innovation SummitCleveland Convention Center | Cleveland, OH
CAHIMS On-Line Review Course Part 3Virtual Event