News Feature | November 13, 2015

What IT Solutions Providers Need To Know About The ONC, Encryption And Patient Privacy

By Megan Williams, contributing writer

What IT Solutions Providers Need To Know About The ONC, Encryption And Patient Privacy

The Office of the National Coordinator for Health IT (ONC) is turning its focus from interoperability to privacy, according to Gov Info Security.

Lucia Savage, ONC’s chief privacy officer, and her team are situated to address multiple hurdles around interoperability in 2016. Their work is meant to move the U.S. healthcare system closer to being a “learning health system” which “flows seamlessly and is available to the right people, at the right place, at the right time to better inform decision-making to improve individual health, community health, and population health."

Their work will touch on privacy and security protections as well as patients and their right to access information. The agency additionally plans on clarifying misunderstandings that may exist around HIPAA’s privacy regulations — misunderstandings that providers often use as excuses to not share patient information with other healthcare organizations.

Barriers To Information Sharing

ONC is looking to direct particular focus to dismantling barriers to information sharing in 2016. According to Savage, they want to focus on moving people away from keeping information that they’re capable of sharing but, for whatever reason, are choosing not to — a practice known as information blocking.

Earlier this year, ONC highlighted the ways in which information blocking slowed the road to interoperability, and additionally suggested solutions including

  • proposing new certification requirements
  • proposing new transparency obligations for developers
  • partnering with the Centers for Medicare and Medicaid Services (CMS) to coordinate healthcare payment incentives around interoperability

ONC confirmed that it will be partnering with CMS to address public complaints about information being blocked, a topic ONC issued a report to Congress on in April of this year.

The agency also plans on focusing on privacy along-side the National Governors Association in order to tackle differences in state privacy laws as well as barriers to health information exchange.

Privacy And Patient Consent

Savage also promises that they will address giving patients the right to opt in or out of having some, or all of their data exchanged. This will include steps such as, for example, creating an architecture that documents patient choice around use of their data for research purposes.

In an audio interview available at Gov Info Security, Savage also covers topics including

  • How ONC’s interoperability roadmap intersects with and supports the Obama administration’s Precision Medicine Initiative.
  • Short- and longer-term privacy and security goals.

Desired progress in the broader implementation of more robust authentication methods and encryption.