Assessing HIEs on Privacy Issues

As featured on HealthcareInfoSecurity.com

Enforcing standards for privacy and security is a major part of a new health information exchange accreditation program, says Lee Barrett, executive director of the Electronic Healthcare Network Accreditation Commission.

Building trust in health information exchanges will require a demonstrated commitment to privacy and security policies and the use of specific technologies, Barrett says.

In an interview at the Healthcare Information and Management Systems Society Conference in Orlando, Barrett:

  • Describes how the commission recently expanded its accreditation efforts beyond claims clearinghouses to include HIEs and others. So far, two organizations, The Utah Health Information Network and Passport Health Communications, have earned HIE accreditation.
  • Outlines the privacy and security requirements for HIE accreditation. For example, HIEs must use encryption and authentication, have detailed policies in place for protecting against the unauthorized disclosure of patient information and create guidelines for giving individuals the opportunity to consent to data exchange.
  • Predicts that the Nationwide Health Information Network and the Direct Project standards, now in development at the federal level, eventually will be used by most HIEs.

In addition to his position as executive director for the Electronic Healthcare Network Accreditation Commission, Barrett is senior vice president of the national healthcare consulting practice at Virtusa Corp. Previously, he was executive vice president of business development for American Dental Association Business Enterprises Inc. He also formerly was the vice president of EDI solutions for Ingenix Corp. and CEO of Claredi Corp.