ONC Medical Identity Theft Assessment
- In May 2008, the Office of the National Coordinator for Health Information Technology (ONC) awarded an approximately $450,000 contract to Booz Allen Hamilton to document the scope of the medical identity theft problem in the U.S.
American Health Information Community's (AHIC) Confidentiality, Privacy, and Security Workgroup
- In the summer of 2006, the AHIC created a Workgroup - Confidentiality, Privacy, & Security (CPS) - specifically focused on nationwide privacy and security issues raised by health IT activities and the findings of the other AHIC workgroups.
The Certification Commission for Healthcare Information Technology (CCHIT)
- An important part of CCHIT's work is to certify the security of health information systems.
- In each successive year, CCHIT will focus on security for ambulatory EHR systems, security for inpatient EHR systems and security for network systems.
- CCHIT's certification process promotes well-established, tested security capabilities in health IT systems.
Healthcare Information Technology Standards Panel (HITSP)
- Brings together the intellectual assets of over 260 organizations with a stake in health data standards to increase the interoperability of health care systems and information.
- Seeks to harmonize the critical standards needed to protect the privacy and security of health data.
- Once standards have been identified to support specific clinical use-cases, the HITSP will develop implementation guides to support the activities of system developers in pursuing interoperable electronic health records.
Nationwide Health Information Network (NHIN)
- A critical portion of the required NHIN prototype deliverables is the development of security models that directly address systems' architecture needs for securing and maintaining the confidentially of health data.
- Participants are required to comply with security requirements established by HHS to ensure proper and confidential handling of data and information.
- Each architecture capability will be used in the next steps of the NHIN to address the complex issues of authentication, authorization, data access restrictions, auditing and logging, consumer controls of information access and other critical contributions.