ICA’s Health Information Exchange Solution Provides Enhanced Layers of Security and Patient Privacy Protection: Authentica

Visit ICA at HIMSS11: Orlando, Fla., Feb 20 - 24, 2011, Booth # 2837

NASHVILLE, Tenn.--(BUSINESS WIRE)-- In response to heightened interest in protecting individual health information – especially in the growing multi-community Health Information Exchange (HIE) environment – Informatics Corporation of America (ICA) points to the capabilities of its CareAlign™ technology solution in addressing the “Three A’s” of security and privacy: authenticate – validate identity of the user seeking access to data; authorize – determine user role as the framework for allowing access; audit – trigger an examination of the system and all user activities, including data collection and audit reporting.

ICA, a leading provider of comprehensive HIE solutions to hospitals, integrated delivery networks (IDNs), communities, and states, will feature its comprehensive security service at the HIMSS11 Exhibition in Booth # 2837 February 20-24, 2011, Orange County Convention Center, Orlando, Fla.

“Achieving optimal patient privacy and security to maintain trust among all stakeholders is one of the most important pieces of the health care technology puzzle,” says John Tempesco, chief marketing officer, ICA. “ICA is committed to striking the right balance between safeguarding patient data and enabling it to be shared across multiple settings in an aggregated and patient-specific way. The importance of trust between physicians and patients cannot be overstated and holds the key to a successful HIE – which is proving to be the critical channel for delivering improved outcomes, safety and efficiency in health care.”

The data in ICA’s CareAlign™ provider portal solution is encrypted in transit. Each participant’s data is secured in its own database, with its own user authentication mechanism, to protect against access by unauthorized individuals and co-mingling of data from other participants. Once a user has been properly authenticated, the solution uses role-based authorization as the framework for managing user access to information and functional capabilities. Users are associated with one or more roles as part of the user set-up process, and information and functional access decisions are based upon those defined roles.

“Our patient consent levels dictate who can view data and when,” Tempesco adds. “By allowing user profiles to vary at the participant level, the technology is better able to support numerous security policies of the HIE’s member institutions. Taking into account user roles, profiles can be configured to allow or disallow access to specific categories of information and functionality. In other words, clinical users can be enabled or prevented from viewing sensitive categories of patient information such as psychiatric data.”

Maintained at the participant, encounter and result levels, the “Opt In” and “Opt Out” functionality allows individuals to control what information is made available or can be viewed, allowing patients to opt-out at certain facilities or encounters but not others. These indicators can be maintained directly through the portal or sent from participant source systems. Patient information can also be made available to accommodate public health reporting entities based upon regulatory mandated requirements and or community or state law.

“In emergency scenarios where a person’s life is at risk – regardless of previously directed opt-out specifications – the system allows providers to ‘break the glass’ and ascertain critical medical history related to previous treatment, emergency room visits, drug allergies, prescription, and medications,” adds Tempesco. “Such events automatically trigger an audit event, which records all system transactions including viewing, editing, and printing. Comprehensive periodic third-party privacy and security audits verify continued regulatory compliance and adherence to government and community regulations and policies.”

The ICA CareAlignTM provider portal solution currently provides a consent management and security model with a level of access control and configurability that is unsurpassed among HIE solutions.

“We are confident that this sophisticated level of health care technology meets expectations for efficiency on how patient data is collected and distributed, and certain aspects of patient privacy,” says Tempesco.

About Informatics Corporation of America (ICA)

Informatics Corporation of America (ICA) was established to take innovative technology developed by Vanderbilt Medical Center to the broader healthcare market and now delivers a comprehensive HIE solution to hospitals, IDNs, communities and states.Unmatched in its ability to yield cost efficiency, improved patient care, and better outcomes, ICA’s CareAlign solution captures complete data to enhance the decision making process. ICA’s CareAlign™ intelligence engine empowers HIEs to leverage existing core systems to construct a longitudinal patient record. CareAlign™ also features provider/patient portals, secure clinical communication, NHIN compliant interoperability, EHR-lite and population management tools. Visit www.icainformatics.com; follow us on Twitter; and Facebook.


CPR for Informatics Corporation of America
Katelyn Petersen, 201-641-1911 x18
[email protected]

KEYWORDS:   United States  North America  Tennessee

INDUSTRY KEYWORDS:   Technology  Data Management  Security  Health  Hospitals  General Health