Recommendations to Guide Secure Interoperability

Throughout the year, the HIMSS Standards Advisory Task Force has provided feedback to ONC’s Interoperability Standards Advisory (ISA) to refine guidance on standards and implementation specifications leveraged to address specific interoperability needs. To date for 2017, this group offered feedback on a number of items included in the ISA, including but not limited to, input on standardizing social determinants of health, defining patient identification management, and further addressing emerging standards such as FHIR®.

In their latest set of comments, the Task Force provided lengthy feedback on security considerations in relation to interoperability.

Interoperability and Security Go Hand in Hand

There’s no question that cyber threats and security breaches, to the healthcare industry and beyond, have run rampant this year. HIMSS provides several timely news pieces and blogs on the topic. In 2017, we have seen multiple threats have held hospital records for ransom and international ransomware attacks that sparked panic across multiple industries. With more stakeholders participating in the exchange of protected health information (PHI), the importance of achieving secure, interoperable health information exchange is even more critical in public and private sector efforts.

Clearer Security Guidance Needed

ONC can provide much needed guidance on security standards and resources. However, the current ISA Appendix for Security Standards and Patterns lacks organization to provide clear direction on what security considerations should be included during the implementation process. The ISA would benefit greatly from some categorization and defined purposes for each of the sources included.

HIMSS also offered additional and updated sources to add to the Security Appendix to ensure more complete and timely guidance on the implementation of secure interoperable systems.

You Can Help Inform Standards Guidelines

To review the entire HIMSS response, click here. All previous HIMSS responses to the ISA are located on our website.

The ISA includes standards and specifications that represent a variety of healthcare use cases and stakeholders. Interested in providing your perspective in future HIMSS reviews of the ISA? Email for more information.