ONC's New Privacy, Security Priorities

ONC's New Privacy, Security Priorities

Office of the National Coordinator for Health IT Outlines Goals

By Marianne Kolbasuk McGee, June 28, 2013.
  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
Marianne Kolbasuk McGee

Want to know what the Office of the National Coordinator for Health IT's privacy and security priorities are for the coming year? Then check out its new report to Congress.

The report provides updates on ONC's activities and the adoption of health IT from Jan. 1, 2012, to April 30, 2013. It also offers a glimpse of what's on its privacy and security agenda for the year ahead.

 Do you think the agency has selected the right privacy and security priorities for next year? 

We'd like to know what you think of the list of priorities, so let us know by commenting in the box below.

The ONC, a unit of the Department of Health and Human Services headed by Farzad Mostashari, M.D., administers programs to guide healthcare providers as they "meaningfully use" certified electronic health record technology under the HITECH ActEHR incentive program. ONC also works with the health IT community to develop standards and technologies that facilitate interoperability and secure health information exchange.

In fiscal 2014, which starts on Oct. 1, ONC says it will address a number of key issues. For example, it will:

  • Identify and address cybersecurity threats;
  • Provide technical assistance in such areas as security program management, risk management, access management, integrity management, audit management, incident management, continuity management, chains of trust controls, workforce management and media management;
  • Work with the National Institute of Standards and Technology and other partners to assure that correct clinical information is associated with the correct patients and/or providers by supporting innovative frameworks that can provide a foundation for identity management;
  • Continue to incorporate policy components that further privacy and security in future stages of the HITECH Act electronic health record incentive program; and
  • Continue work on patient and provider identity management.

The report, Update on the Adoption of Health Information Technology and Related Efforts to Facilitate the Electronic Use and Exchange of Health Information, also spotlights the projects of ONC's Office of the Chief Privacy Officer during 2012, including:

  • Working with federal policymakers to assure that patient EHR data is protected and secure while supporting the right that individuals have under the HIPAA Privacy Rule to review and obtain a copy of their health information in electronic form;
  • Supporting the Data Segmentation for Privacy Initiative, which, through collaboration among federal and industry partners, identifies innovative ways of protecting the privacy of health information;
  • Launching an educational initiative and resource center on how to protect and secure health information when using a mobile device;
  • Conducting an e-consent pilot project to evaluate ways to inform individuals of their options with respect to the sharing of their electronic health information.

So do you think the agency has selected the right privacy and security priorities for next year? And what do you think of its track record so far? We invite you to share your thoughts with us in our discussion group below.

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE FFIEC Issues Cyber-Resilience Guidance

New business continuity guidelines from the Federal Financial Institutions Examination Council...

Latest Tweets and Mentions

ARTICLE FFIEC Issues Cyber-Resilience Guidance

New business continuity guidelines from the Federal Financial Institutions Examination Council...

The ISMG Network