Framework aims to scale state's HIE trust agreements

The California Office of Health Information Integrity wants to create standards for establishing trust among health information organizations in the state, reports Government Health IT.

It has published a trust framework that can apply to other HIEs or Regional Health Information Organizations without those organizations having to draft separate data-sharing agreements with each partner. It's called the Model Modular Participant Agreement and designed to comply with the business associate provisions of HIPAA.

"Point-to-point agreements are obsolete. Trust must be scalable," Robert Cothren, technical director of California Health eQuality, a program of the University of California-Davis Institute for Population Health Improvement that's overseeing state HIE efforts, said in an announcement.

He said the model agreement outlines common processes that organizations working together can adopt to build a path to scalable trust.

The model presents contract language for agreements for five levels of data exchange. They range from merely sending patient data to another organization without establishing and applying standards for that exchange to an HIE that aggregates data in a central repository and provides search capabilities and sharing between organizations.

The office, part of the California Health and Human Services Agency, will take public comment through June 6.

Trust was among four guiding principles in the HIE governance framework just released by the Office of the National Coordinator for Health IT. The framework was designed to provide a "common foundation" for all types of HIE governance models.

The Washington, D.C.-based eHealth Initiative, meanwhile, has warned against too much federal regulation of health information exchange, saying it could inhibit innovation and development.

Two consumer coalitions--Consumer Partnership for eHealth and the Campaign for Better Care--recently called for use of the Direct standard to help accelerate data exchange. Direct enables participants to send authenticated and encrypted health data directly to trusted recipients online.

To learn more:
- find the Government Health IT article
- here's the announcement

Suggested Articles

Federal regulators have listened to physicians' complaints about health IT burdens and they have some solutions.

NRC Health was hit with a ransomware attack Feb. 11 and it still working to restore its systems and services.

Welcome to this week's Chutes & Ladders, our roundup of hirings, firings and retirings throughout the industry.