Providers should comply with existing fair information practices when exchanging patients' personal health data, according to recommendations from a workgroup advising the federally charted Health IT Policy Group. In a letter last week to national health IT coordinator David Blumenthal, the workgroup known as the "tiger team" issued preliminary recommendations for ensuring privacy and security as doctors and hospitals exchange patient information to fulfill the first stage of meaningful-use requirements for electronic records.
The recommendations cover only some issues, and the tiger team noted more work will be needed around such areas as remedies for violations, for example.
The tiger team urged the HIT Policy Committee to adopt guidelines set out in the Fair Information Practices, a code established in 1973. "This overarching set of principles, when taken together, constitute good data stewardship and form a foundation of public trust in the collection, access, use, and disclosure of personal information," the team's letter said.
According to InformationWeek, the principles cover individuals' rights to obtain and correct personal information and consent to the exchange of identifiable information; openness and transparency about policies and procedures; and protections against inappropriate use and disclosure, among other elements of privacy and security.
The tiger team also outlined four core values aimed at establishing a foundation of trust in health information exchange--by putting patient concerns at the forefront and making providers responsible for protecting patients' privacy--Health Data Management reports.
To learn more:
- read the InformationWeek article (which includes a link to a PDF of the letter)
- check out this HDM article
- obtain a copy of the letter by searching HHS' Health IT site