Health information security and privacy collaboration regional meeting
1 / 14

Health Information Security and Privacy Collaboration Regional Meeting - PowerPoint PPT Presentation

  • Uploaded on

Health Information Security and Privacy Collaboration Regional Meeting. North Carolina Report November 13, 2006. Introduction. Steering Committee. Phil Telfer, Co-chair NC Governor’s Office Holt Anderson, Co-chair NCHICA, Executive Director

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' Health Information Security and Privacy Collaboration Regional Meeting' - ulysses-mcdaniel

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Health information security and privacy collaboration regional meeting

Health Information Security and Privacy Collaboration Regional Meeting

North Carolina Report

November 13, 2006

Steering committee
Steering Committee

  • Phil Telfer, Co-chair NC Governor’s Office

  • Holt Anderson, Co-chair NCHICA, Executive Director

  • Linda Attarian NC DHHS Div. of Medical Assistance

  • Wesley G. Byerly Wake Forest Univ. Baptist Med. Ctr.

  • Fred Eckel NC Assoc. of Pharmacists

  • Jean Foster NC Health Information Mgmt. Assoc.

  • Don E. Horton, Jr. LabCorp

  • Mark Holmes NC Institute of Medicine

  • Eileen Kohlenberg NC Nurses Association

  • Linwood Jones NC Hospital Association

  • Patricia MacTaggart Health Management Associates

  • Doc Muhlbaier Duke University Health System

  • David Potenziani UNC School of Public Health

  • Melanie Phelps NC Medical Society

  • N. King Prather BCBSNC

  • Morgan Tackett BCBSNC

  • Work Group Co-Chairs Various Organizations

State health information exchange efforts
State Health Information Exchange Efforts

  • Our healthcare stakeholders continue to participate in various health information exchange efforts in NC. Examples are:

    • ONC-funded NHIN Architecture Prototype

    • Medicaid Community Care of NC

    • WNC Health Network (Western NC RHIO)

    • Sandhills Network

    • NC Public Health Information Network (NCPHIN)


    • Bridges To Excellence

    • NC Immunization Registry

    • Employer sponsored patient health records

    • e-Prescribing projects: payers, providers, e-Rx pharmacies

    • Payer sponsored consumer sites: claims, benefits

    • QualityNet (DOQ-IT)

State hispc project
State HISPC Project

  • Past and current collaborative projects have been designed to share information for a specific healthcare or business need.

  • The NC HISPC project allows the exploration of privacy and security sharing models at a comprehensive level.

Stakeholder representation and outreach
Stakeholder Representation and Outreach

  • The NC HISPC workgroups, project team, and stakeholder groups are comprised of over 60 participants representing the diverse healthcare community.

Data collection process
Data Collection Process

  • Followed RTI methodology

  • Interviews:

    • Groups divided by types of scenario

    • Groups co-facilitated by project leaders

    • On site by Project Manager

  • E-mail surveys

  • Customized data collection spreadsheet

Major themes
Major Themes

  • Information sharing practices varied significantly

    • Emergent vs. non-emergent situations

  • Stakeholders frequently were unaware of their business practice / policy

  • Lack of awareness on how to apply law within the organization

  • Privacy and security policy and regulatory compliance may be dependent upon perception of enforcement.

  • Current information sharing business practices have evolved without a business model

Major barriers to hie
Major “Barriers” to HIE

  • Range of awareness and interpretation

    • Pre-emption NCGS 8 - 53

    • Application within organization

    • Fear of litigation / Lack of “safe harbor”

  • Lack of policy standardization

  • Lack of interoperability of information exchange - paper and electronic records

  • Major barriers to hie1
    Major “Barriers” to HIE

    • Lack of incentive to share information

      • Inter/intrastate legal implications

      • Lack of business model

      • RHIO, Community Health

  • Lack of RHIO / IHE definition, standards or recognition as legal entity

    • CLIA does not recognize “RHIOs” or any entity other than the ordering physician as “authorized persons” for receiving lab results from labs

    • Entity to entity exchanges are highly controlled by business practice and law as compared to patient-mediated exchanges.

  • Issues and challenges lessons learned
    Issues and Challenges“Lessons Learned”

    • High dependence on volunteers

    • Confidentiality structure limited opportunity to approach and engage additional stakeholders

    • Breadth of stakeholder representation limited data collection of business practices

    • Methodology based on study or research protocols

    • No formal deliverables requirements until Sept.

    • Emerging assessment / collaboration tools / participants’ skill set

    • Nine privacy / security domains do not correspond with recognized privacy and security practice standards

    Issues and challenges lessons learned1
    Issues and Challenges “Lessons Learned”

    • Stakeholders reluctant to share proprietary information

    • Differing legal and practice philosophies

    • Workgroups unfamiliar with RHIO models and business practices

    • Healthcare marketing staff are not knowledgeable of privacy and security aspects of data protection.

    Goals for the regional meeting
    Goals for the Regional Meeting

    • Engage other states in HISPC

      • Insights from those who have executed this process

    • Glean ideas from other approaches

    • Develop consistent approach to final deliverables

    • Pre-emption including NCGS 8–53

    • Highlight lack of “RHIO / HIE” definition and standards

    • Present CLIA issue and possible solution / amendment

    • Present the potential for patient-controlled health information exchange standards, policies and procedures

    Questions for other states
    Questions for Other States

    • Would you be interested in sharing material for our growing health information exchange reference library?

    • Would you contribute your time to help us identify your state statutes or policy requirements that apply when sharing health information across state lines?

    • What is your current process for sharing health information across state lines?

    • Who are the thought leaders in your state?

    • Do you feel your legislative and or executive levels of government are supportive of training and funding to improve privacy and security practices?

    • Is there something “special” about your state that would aid or hinder carrying out this process?

    • Your turn