Safe & Sound with Marianne Kolbasuk McGee

ONC's New Privacy, Security Priorities

Office of the National Coordinator for Health IT Outlines Goals
ONC's New Privacy, Security Priorities

Want to know what the Office of the National Coordinator for Health IT's privacy and security priorities are for the coming year? Then check out its new report to Congress.

See Also: ISO/IEC 27001: The Cybersecurity Swiss Army Knife for Info Guardians

The report provides updates on ONC's activities and the adoption of health IT from Jan. 1, 2012, to April 30, 2013. It also offers a glimpse of what's on its privacy and security agenda for the year ahead.

We'd like to know what you think of the list of priorities, so let us know by commenting in the box below.

The ONC, a unit of the Department of Health and Human Services headed by Farzad Mostashari, M.D., administers programs to guide healthcare providers as they "meaningfully use" certified electronic health record technology under the HITECH ActEHR incentive program. ONC also works with the health IT community to develop standards and technologies that facilitate interoperability and secure health information exchange.

In fiscal 2014, which starts on Oct. 1, ONC says it will address a number of key issues. For example, it will:

  • Identify and address cybersecurity threats;
  • Provide technical assistance in such areas as security program management, risk management, access management, integrity management, audit management, incident management, continuity management, chains of trust controls, workforce management and media management;
  • Work with the National Institute of Standards and Technology and other partners to assure that correct clinical information is associated with the correct patients and/or providers by supporting innovative frameworks that can provide a foundation for identity management;
  • Continue to incorporate policy components that further privacy and security in future stages of the HITECH Act electronic health record incentive program; and
  • Continue work on patient and provider identity management.

The report, Update on the Adoption of Health Information Technology and Related Efforts to Facilitate the Electronic Use and Exchange of Health Information, also spotlights the projects of ONC's Office of the Chief Privacy Officer during 2012, including:

  • Working with federal policymakers to assure that patient EHR data is protected and secure while supporting the right that individuals have under the HIPAA Privacy Rule to review and obtain a copy of their health information in electronic form;
  • Supporting the Data Segmentation for Privacy Initiative, which, through collaboration among federal and industry partners, identifies innovative ways of protecting the privacy of health information;
  • Launching an educational initiative and resource center on how to protect and secure health information when using a mobile device;
  • Conducting an e-consent pilot project to evaluate ways to inform individuals of their options with respect to the sharing of their electronic health information.

So do you think the agency has selected the right privacy and security priorities for next year? And what do you think of its track record so far? We invite you to share your thoughts with us in our discussion group below.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.