Health Information Security and Privacy Collaboration Regional Meeting - PowerPoint PPT Presentation

Loading...

PPT – Health Information Security and Privacy Collaboration Regional Meeting PowerPoint presentation | free to download - id: 1005e2-ZmJmO



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Health Information Security and Privacy Collaboration Regional Meeting

Description:

Pre-emption NCGS 8 - 53. Application within organization ... Pre-emption including NCGS 8 53. Highlight lack of 'RHIO / HIE' definition and standards ... – PowerPoint PPT presentation

Number of Views:64
Avg rating:3.0/5.0
Slides: 15
Provided by: War25
Learn more at: http://www.nchica.org
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Health Information Security and Privacy Collaboration Regional Meeting


1
Health Information Security and Privacy
Collaboration Regional Meeting
  • North Carolina Report
  • November 13, 2006

2
Introduction
3
Steering Committee
  • Phil Telfer, Co-chair NC Governors Office
  • Holt Anderson, Co-chair NCHICA, Executive
    Director
  • Linda Attarian NC DHHS Div. of Medical
    Assistance
  • Wesley G. Byerly Wake Forest Univ. Baptist Med.
    Ctr.
  • Fred Eckel NC Assoc. of Pharmacists
  • Jean Foster NC Health Information Mgmt. Assoc.
  • Don E. Horton, Jr. LabCorp
  • Mark Holmes NC Institute of Medicine
  • Eileen Kohlenberg NC Nurses Association
  • Linwood Jones NC Hospital Association
  • Patricia MacTaggart Health Management Associates
  • Doc Muhlbaier Duke University Health System
  • David Potenziani UNC School of Public Health
  • Melanie Phelps NC Medical Society
  • N. King Prather BCBSNC
  • Morgan Tackett BCBSNC
  • Work Group Co-Chairs Various Organizations

4
State Health Information Exchange Efforts
  • Our healthcare stakeholders continue to
    participate in various health information
    exchange efforts in NC. Examples are
  • ONC-funded NHIN Architecture Prototype
  • Medicaid Community Care of NC
  • WNC Health Network (Western NC RHIO)
  • Sandhills Network
  • NC Public Health Information Network (NCPHIN)
  • NCHESS, NCDETECT
  • Bridges To Excellence
  • NC Immunization Registry
  • Employer sponsored patient health records
  • e-Prescribing projects payers, providers, e-Rx
    pharmacies
  • Payer sponsored consumer sites claims, benefits
  • QualityNet (DOQ-IT)

5
State HISPC Project
  • Past and current collaborative projects have been
    designed to share information for a specific
    healthcare or business need.
  • The NC HISPC project allows the exploration of
    privacy and security sharing models at a
    comprehensive level.

6
Stakeholder Representation and Outreach
  • The NC HISPC workgroups, project team, and
    stakeholder groups are comprised of over 60
    participants representing the diverse healthcare
    community.

7
Data Collection Process
  • Followed RTI methodology
  • Interviews
  • Groups divided by types of scenario
  • Groups co-facilitated by project leaders
  • On site by Project Manager
  • E-mail surveys
  • Customized data collection spreadsheet

8
Major Themes
  • Information sharing practices varied
    significantly
  • Emergent vs. non-emergent situations
  • Stakeholders frequently were unaware of their
    business practice / policy
  • Lack of awareness on how to apply law within the
    organization
  • Privacy and security policy and regulatory
    compliance may be dependent upon perception of
    enforcement.
  • Current information sharing business practices
    have evolved without a business model

9
Major Barriers to HIE
  • Range of awareness and interpretation
  • Pre-emption NCGS 8 - 53
  • Application within organization
  • Fear of litigation / Lack of safe harbor
  • Lack of policy standardization
  • Lack of interoperability of information exchange
    - paper and electronic records

10
Major Barriers to HIE
  • Lack of incentive to share information
  • Inter/intrastate legal implications
  • Lack of business model
  • RHIO, Community Health
  • Lack of RHIO / IHE definition, standards or
    recognition as legal entity
  • CLIA does not recognize RHIOs or any entity
    other than the ordering physician as authorized
    persons for receiving lab results from labs
  • Entity to entity exchanges are highly controlled
    by business practice and law as compared to
    patient-mediated exchanges.

11
Issues and ChallengesLessons Learned
  • High dependence on volunteers
  • Confidentiality structure limited opportunity to
    approach and engage additional stakeholders
  • Breadth of stakeholder representation limited
    data collection of business practices
  • Methodology based on study or research protocols
  • No formal deliverables requirements until Sept.
  • Emerging assessment / collaboration tools /
    participants skill set
  • Nine privacy / security domains do not
    correspond with recognized privacy and security
    practice standards

12
Issues and Challenges Lessons Learned
  • Stakeholders reluctant to share proprietary
    information
  • Differing legal and practice philosophies
  • Workgroups unfamiliar with RHIO models and
    business practices
  • Healthcare marketing staff are not knowledgeable
    of privacy and security aspects of data
    protection.

13
Goals for the Regional Meeting
  • Engage other states in HISPC
  • Insights from those who have executed this
    process
  • Glean ideas from other approaches
  • Develop consistent approach to final deliverables
  • Pre-emption including NCGS 853
  • Highlight lack of RHIO / HIE definition and
    standards
  • Present CLIA issue and possible solution /
    amendment
  • Present the potential for patient-controlled
    health information exchange standards, policies
    and procedures

14
Questions for Other States
  • Would you be interested in sharing material for
    our growing health information exchange reference
    library?
  • Would you contribute your time to help us
    identify your state statutes or policy
    requirements that apply when sharing health
    information across state lines?
  • What is your current process for sharing health
    information across state lines?
  • Who are the thought leaders in your state?
  • Do you feel your legislative and or executive
    levels of government are supportive of training
    and funding to improve privacy and security
    practices?
  • Is there something special about your state
    that would aid or hinder carrying out this
    process?
  • Your turn
About PowerShow.com