The federally funded Healthcare Information Technology Standards Panel, which is seeking to harmonize healthcare IT standards, received an update from its security and privacy work group Monday at the close of a daylong meeting in Washington.
Jonathan Coleman of Security Risk Solutions, the facilitator for the HITSP security and privacy work group, said its members have compiled a list of possible privacy requirements to match three "use cases" chosen by HHS and approved by the American Health Information Community, a public-private advisory panel set up by HHS Secretary Mike Leavitt in 2005.
The privacy requirements will be posted in the work group's folder in the HITSP "members only" section of the American National Standards Institute Web site, but will not be made available to the public as they are working drafts, according to an e-mail from Michelle Maas Deane, HITSP secretariat at ANSI. Once they are approved and agreed on, they will be posted publicly as all HITSP documents are, Deane said.
The next step, Coleman said, will be for work group members to select those standards most appropriate to carry out the tasks of the use cases and prepare a "requirements, standards selection and design document" by April 12. A public comment period will be open on the selections from April 13 through May 3.
The goal of the work group is to advise the HITSP on ways to harmonize data transmission with "relevant security and privacy standards, including the HIPAA (Health Insurance Portability and Accountability Act) security and privacy rules and basic consents, where appropriate," according to an overview document presented during the meeting.