The Office of
the National Coordinator (ONC) for Health IT’s privacy and security priorities
recently released a list of their priorities for fiscal year 2014 starting on
October 1, 2013.
For those
wondering, the ONC is a division of the Department of Health and Human Services
and is headed by Farzad Mostashari, MD.
ONC duties include:
1.
Administer
programs to guide healthcare providers as they “meaningfully use” certified
electronic health record (HER) technology under the HITECH ActEHR incentive
program.
2.
Development
of standards and technologies that will facilitate interoperability and secure
health information exchange (HIE).
The ONC’s 2014
agenda includes:
1.
Identify
and address cybersecurity threats
2.
Provide
technical assistance in:
A.
Security
program management.
B.
Risk
management
C.
Access
management
D.
Integrity
management
E.
Audit
management
F.
Incident
management
G.
Continuity
management
H.
Chains
of trust controls
I.
Workforce
management
J.
Media
management.
3.
Work
with National Institute of Technology (NIST) and others to develop frameworks
that provide a foundation for patient and provider
identity management, which will ensure clinical information is associated
with the correct patient and/or provider.
4.
Continue
to further privacy and security in future stages of the HITECH Act.
Has the ONC
chosen the right privacy and security and priorities?
I believe they
have chosen the appropriate priorities for security management. My suggestion would be for the ONC to also
concentrate on interoperability issues.
The number of proprietary systems in existence creates significant
challenges for organizations attempting to comply with “meaningful use”
initiatives. Furthermore, critical
access hospitals are struggling with just meeting mandated milestones, thus
leaving security initiatives as a last priority.
Article
Referenced:
Kolbasuk McGee,
Marianne. ONC’s New Privacy, Security
Priorities: Office of the National Coordinator for Health IT Outlines
Goals. Safe and Sound. Found on
July 5, 2013. Retrieved from
No comments:
Post a Comment