D.C. Report: Tiger Team Approves Privacy and Security Recommendations

Privacy and Security Recommendations Approved by Committee. The CHIME HIT Policy Committee’s Privacy and Security ‘Tiger Team’ presented its recommendations for electronic data exchange at the August 19 meeting. Among recommendations the work group called for transparency in healthcare delivery, so patients can make informed decisions about disclosing their personal health information. Trust was identified as the key to better relationships between consumers and providers, as well as for successful and secure information exchange. Providers must obtain patient consent before exchanging data with other clinicians, lab testing, or HIE networks. However, the team also recommended that providers have the responsibility of maintaining EHRs and “direct exchange” between two providers should not require patient consent. These recommendations, which are in a 19-page document produced by the Tiger Team, are based on the universal set of privacy guidelines called “fair information practices.”

Before voting on the recommendations, committee members raised a number of questions, including the requirement that healthcare providers offer alternative data exchange models for patient who opt out of a multi-point health data exchange network. There was concern this requirement would place an undue burden on providers. Other perspectives put the responsibility on the health data exchanges for establishing processes to transmit data without storing the information. The committee-approved recommendations must now be submitted to the ONC for final approval.