Welcome to the Ohio HISPC Phase 1 page -
Now Complete - Please consider this for informational purposes only
Individuals and organizations interested in participating in this effort can assist through any of the following ways:
1) Stakeholder group conversations conducted through face-to-face, online survey, and/or online discussion group opportunities
2) Meetings within stakeholder group associations to identify issues and potential solutions supported by members of the respective associations
3) Participating on issue specific conversations conducted through face-to-face, online survey, and/or online discussion group opportunities
4) Participation with one or more of the required working groups and/or ad hoc groups (see below) to complete aspects of the required deliverables, either as an official member of the working group or as part of the public audience at working group meetings
5) Feedback to official members of the working groups or to project team members on draft work products or on general issues for consideration in developing these work products
The contract requires the state-level individuals and organizations participating on this project to focus their assessment of organization-level business policies and state laws on at least nine (9) privacy and security domains, using eighteen (18) scenarios created by the contractor overseeing the grant. The scenarios are still under development. The nine required domains to assess are:
1. User and entity authentication to verify that a person or entity seeking access to electronic personal health information is who they claim to be
2. Information authorization and access controls to allow access to only people or software programs that have been granted access rights to electronic personal health information
3. Patient and provider identification to match identities across multiple information systems and locate electronic personal health information across enterprises
4. Information transmission security or exchange protocols (encryption, etc.) for information that is being exchange over an electronic communications network
5. Information protections so that electronic personal health information cannot be improperly modified
6. Information audits that record and monitor the activity of health information systems
7. Administrative or physical security safeguards required to implement a comprehensive security platform for health IT
8. State law restrictions about information types and classes, and the solutions by which electronic personal health information can be viewed and exchanged
9. Information use and disclosure policies that arise as health care entities share clinical health information electronically
To complete the required work under the contract each state is to follow a consistent, comparable approach that includes the following formal working groups and steps:
1) Steering Committee, consisting of a representative or two from each stakeholder group. The Steering Committee oversees the work of all state working groups, reviews and comments on all deliverable reports, and submits final deliverables to the federal contractor for HISPC.
2) State Variations Working Group, consisting of a representative for each stakeholder group, creates the first deliverable, the interim assessment of variation report. This report serves as the foundation for all further work on the contract. The working group members, with input from the broader stakeholder community will complete the following tasks:
a. Obtain stakeholder feedback on the nine domains and eighteen scenarios
b. Compile this feedback by stakeholder group for review by each stakeholder group for its completeness
c. Classify policies as barriers or no barriers to exchange of health information and best practice or not best practice
d. Working with the legal working group map these policies to relevant law
e. Draft interim assessment of variations/best practice report
3) State Legal Working Group, consisting of individuals with expertise in legal issues pertaining to health information, which is to:
a. Assess applicable privacy and security policies underlying regulations, court cases, etc. and identify legal sources of barriers to interoperable electronic health records and health information exchange
b. Feed these findings to the State Variations Working Group
c. Review barriers identified by the State Variations Working Group and determine whether these barriers emanated from state privacy and security laws, misinterpretation of laws or caused by other factors
d. Develop a set of recommended policies that are consistent with the laws of the state of Ohio
e. Work with the Solutions Working Group and the Implementation Working Group to ensure that laws are accurately and consistently interpreted throughout the process of formulating solutions and planning implementation of those solutions
4) State Solutions Working Group which will:
a. Review the assessment of variation of state laws and business policies identified as barriers to health information exchange
b. Formulate preliminary solutions to address these barriers
c. Draft the analysis of solutions report
5) State Implementation Working Group, which will:
a. Review the interim analysis of solutions report
b. Propose preliminary implementation plans
c. Write the interim implementation plan report
6) Ad Hoc Working Groups, consisting of subgroups of specific stakeholder groups or multi-stakeholder groups formed to conduct work needed to support the other working groups. One ad hoc group will meet on an ongoing basis, meeting every two weeks. It will focus on education and outreach activities related with the contract. The other ad hoc groups will meet once or twice, focusing either on a specific issue or within a specific stakeholder group. Ad hoc group issue meetings being planned include:
a. Administrative data exchange
b. e-Prescribing
c. Behavioral health
d. Public health
e. Long term care
While bringing all these individuals and groups together to assist on the required work under the HISPC contract, HPIO will also engage folks to do the following:
1) Develop a strategic road map to promote the effective adoption of health information technology and exchange of health information in Ohio, to be called the Ohio Health Information Strategic Plan (OHISP)
2) Build the business case for promoting this road map
3) Identify barriers other than privacy and security which affect the adoption of health information technology, the exchange of health information, and interoperability
4) Propose public sector or private sector policies to address these barriers
This wiki includes a sign-up form for people wanting to participate on any of the working groups or ad hoc groups. It will also include information on upcoming meetings, as well as information on meetings that have taken place.
Comments (0)
You don't have permission to comment on this page.