Advancing Health IT Security and Interoperability: 3 Targets

Our recent posts on the U.S. Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology’s “Federal Health IT Strategic Plan 2015-2020” have covered the scope of the plan and gone in depth on one of its top goals, namely, expanding the adoption of health IT.

In this post, we’re going to focus on another goal laid out in the plan: advancing the security and interoperability of health information. As healthcare providers have started to leave paper in the dust and embrace digital records, there’s been an increased need to make sure the sensitive information is not only available but that it’s protected as well.

If that data isn’t fully locked down, it could prove costly for healthcare organizations. According to one estimate by the Ponemon Institute, data breaches could wind up costing the healthcare industry $5.6 billion annually. That same study also revealed that 40% of organizations aren’t confident in their ability to keep patient data shared on health information exchanges secure and private.

To improve security while also making interoperability a reality, the Feds plan to reduce variability by ensuring standards are implemented more consistently across the board. That would provide the groundwork needed to make it easier for varied healthcare systems to interact with each other and to do so in a safe and secure manner.

Where to focus

What does the government’s plan of attack look like? Here are the three cornerstones:

1) Enable individuals, providers, and public health entities to securely send, receive, find, and use electronic health information

Interoperability makes finding, exchanging and using health information much easier which in turn improves the quality of care providers can deliver and empowers individuals to make better decisions about their care. As part of the effort to increase interoperability, the government plans to create a set of rules and governance related to standards, data policy, and operations, for the exchange of electronic health information. It will also work with partners to take out some of the regulatory and business hurdles between organizations and a free-flowing yet secure exchange of health information.

2) Identify, prioritize, and advance technical standards to support secure and interoperable health information

Standards are the key to making health information searchable, easy to exchange, and secure. However, not all data in healthcare fits neatly into a nice little box. So the government is hoping to beef up standards where applicable and find ways to present non-standard info and data in the most consistent way possible. To do that, the Feds will look to improve modularity in terminology, coding, content, format, and security. Also, it will try to advance standards to better allow for data capture and use for decision support, quality assurance, and reporting. 

3) Protect the privacy and security of health information

With all of that digitized health info floating out there, security has been a growing concern for providers and patients. Over the next few years, the government plans to invest in the development of policies, standards, technologies, and solutions which put more control of health info into the hands of the individual. The Feds also will support a single health and public health Information Sharing and Analysis Center (ISAC) to open the lines of conversation between providers and the government about cyber threats and vulnerabilities. The government will also continue to develop and enforce HIPAA regulations for organizations which fall under that umbrella. Organizations who aren’t subject to HIPAA will continue to face their own privacy and security requirements.

Once again, the “Strategic Plan 2015-2020” won’t be finalized until February, so there’s still some time to discuss and maybe even amend these goals. But near-universally appealing elements like more interoperability and better security aren’t likely to go anywhere.

Your IT team will want to be ready for the new opportunities and challenges brought on as the government looks to accomplish its objectives. Arraya Solutions can help your team find the right tech for the job and even automate lower-level tasks so IT has the time and resources needed to focus on what really matters to you and your patients.

Visit http://go.arrayasolutions.com/healthcare.html to learn more about Arraya’s healthcare solutions, or speak to your Arraya Account Executive to find out more. Follow Arraya on Twitter @ArrayaSolutions