Despite support, HIMSS notes lack of security in ONC interoperability standards advisory

Two groups have come out in support of the Office of the National Coordinator for Health IT's 2015 Interoperability Standards Advisory, while offering comments on fixes that can be made to the draft.

The Healthcare Information and Management Systems Society (HIMSS) says it "supports the tenets" of the advisory, in a letter sent to the agency May 1. HIMSS' Electronic Health Record Association (EHRA), meanwhile, said in its own letter to National Coordinator Karen DeSalvo that its members welcome the draft and "agree with most of the choices of ONC in evaluating the best available standards."

The draft, according to ONC's announcement in January, "represents ONC's assessment of the best available standards and implementation specifications for clinical health information interoperability."

HIMSS did have some recommendations for the agency. For instance:

  • There is a lack of security standards, HIMSS noted. The society in its letter makes suggestions for security standards that should be included in the advisory, such as a transport layer security (TLS) protocol, advanced encryption and digital signature standards
  • ONC should work with current "healthcare community-led processes" to show the best available standards when updating the advisory. An updated version will be released every December, ONC has said
  • There should be a cohesive set of best available standards that will allow for sharing and comparing of data, HIMSS said. Sharing of evidence-based health data will advance care through a learning health system

For its part, the EHRA said that ONC should:

  • Define principles to ensure stability/sustainability, including criteria to add or remove standards as well as having information in each new version on standards maturity
  • Refine the intended use of the standard advisory, "especially in relation to regulation and the Interoperability Roadmap"
  • Create a separate, dedicated committee to conduct comment resolution; the draft currently assigns this task to the HIT Standards Committee or one of its sub-groups

When the standards advisory was announced, CHIME also came out in support of the draft.

"This is a much-needed playbook for each and every health IT professional," CHIME President and CEO Russell Branzell said in January. "Now, healthcare providers and health IT developers have a single source of truth, with an extensible process to align clinical standards towards improved interoperability, efficiency and patient safety."

To learn more:
- here's HIMSS' letter (.pdf)
- check out EHRA's letter (.pdf)