A series of reports issued by the Agency for Healthcare Research and Quality scrutinized proposed plans by 33 states to ensure safe, secure electronic health information exchanges. Among the results is a call for more research to address what AHRQ called misinterpretations of meanings, and variations in federal and state privacy laws.
State project teams created for the Privacy and Security Solutions for Interoperable Health Information Exchange study assessed 10 major areas with issues that they found to have "broad implications" for secure health information exchange, according to the reports summary. Facilities have different interpretations and applications of the Health Insurance Portability and Accountability Act of 1996 requirements. Security is an issue because organizations have their own authorization protocols or varying technology systems that are not compatible with other organizations. In addition, there is no standard method that ensures accuracy of gathering information from multiple sources.
While all states follow a standard core methodology, the variations in their health information technology adoption, market forces, regulatory practices and financial status led to each state customizing those dimensions to fit its needs. AHRQ recommends that the states develop efficient practices of reducing those variations as they move forward with their proposed plans so health information can flow more easily within and across state lines.
"These reports address one of the greatest concerns that Americans have about health information technology: Will their personal data be safe?" said Carolyn Clancy, AHRQ director, in a statement. "This work presents information on how to develop privacy and security solutions that allow for the exchange of information safely and securely."