• Report

Health information security and privacy collaboration: Action and implementation manual

Citation

Dimitropoulos, L. (2009). Health information security and privacy collaboration: Action and implementation manual. (Contract No. HHSP 233-200804100EC). Washington, DC: Office of Policy and Research, Office of the National Coordinator for Health IT.

Abstract

Between April 2008 and April 2009, the Health Information Security and Privacy Collabo-ration (HISPC) completed its third phase to develop state-level solutions to the privacy and security challenges presented by electronic health information exchange. The third phase focused on multistate collaboration, which resulted in the formation of seven mul-tistate privacy and security teams focused on developing tools and strategies to educate and engage consumers; developing a toolkit to educate providers; developing tools to help harmonize state privacy laws; studying intrastate and interstate consent policies; analyzing consent data elements in state law; developing interorganizational agreements; and rec-ommending basic security policy requirements. Each multistate collaborative was charged with developing common, replicable solutions that have the potential to reduce variation in and harmonize privacy and security practices, policies, and laws.