Monday, March 28, 2011

ONC Issues Five-Year HIT Strategic Plan

Breaking News, March 25, 2011

The Office of the National Coordinator for Health Information Technology has released the Federal Health IT Strategic Plan for 2011-2015 and will accept public comment through April 22. The plan is available here.

The strategy is designed to build on the initiatives of the HITECH Act now underway, including the electronic health records meaningful use program, substantial federal support for health information exchanges, and stronger privacy and security protections. The strategy outlines five specific goals, which in many respects are the overall goals of HITECH, to reach during the next half-decade:

GOAL 1: Achieve adoption and information exchange through meaningful use of health I.T.;
GOAL 2: Improve care and population health, and reduce health care costs through use of health I.T.;
GOAL 3: Inspire confidence and trust in health I.T.;
GOAL 4: Empower individuals with health I.T. to improve their health and the health care system; and
GOAL 5: Achieve rapid learning and technological achievement.

Much of the strategic plan, however, breaks little new ground, particularly in the area of privacy and security. Strategies for Goal 3 to inspire confidence and trust in health I.T., for instance, include the crafting of long-overdue final privacy, security, breach notification and final rules that were to accompany the EHR meaningful use program that started in January, not follow it.

The plan reiterates that ONC will issue regulations to establish a governance mechanism for a nationwide health information network and will include "elements" of privacy and security. It acknowledges the ongoing work of the HIT Policy Committee to study the degree to which individuals may choose to participate in electronic health information exchange.

The plan mentions the ability of the Direct Project interoperability initiative to exchange encrypted information, and notes that certified EHRs must be capable of encrypting data. But there is no mention of requiring encryption of protected health information during the next five years.

Newer strategic initiatives to inspire confidence and trust in health I.T. include:

* Identifying system vulnerabilities and developing solutions,
* Identifying and disseminating privacy and security best practices,
* Increasing transparency of privacy and security issues, and
* Monitoring patient safety issues related to health I.T. and address concerns.

"While developing an updated overall approach to health I.T. safety, HHS agencies are monitoring patient safety issues and addressing immediate concerns," the plan states. "ONC is exploring mechanisms to improve data integrity, including an assessment of existing and emerging technologies that may allow for automated resolution of inaccurate or questionable data in EHRs and PHRs."

--Joseph Goedert

No comments:

Post a Comment