HIE: Privacy & Security

This video from Oregon HISPC is pretty interesting:

HISPC Reports on State Law, Business Practices, and Policy Variations
Conducted during 2009 as part of the Health Information Security and Privacy Collaboration (HISPC), the following compendium of 5 reports detail variations in state law, business practices and policy related to privacy and security and the electronic exchange of health information. For quick reference, several reports contain aggregate findings tables in their appendices. Summaries of each report are below.

This report analyzes state laws that are intended to require health care providers (specifically, medical doctors and hospitals) to afford individuals access to their own health information and to identify potential barriers to the electronic exchange of health information. Specific state law provisions examined: scope of medical records to which patients are afforded access, format of information furnished, deadlines for responding to requests, fees for furnishing copies, record retention laws and access to records of minors.

This report identifies and analyzes the impact and variation of state laws related to e-prescribing. The report addresses state laws related to the e-prescribing of controlled and non-controlled substances as well as topics such as record keeping and content requirements, out-of-state prescriptions, and generic substitution laws.

  • Perspectives on Patient Matching: Approaches, Findings, and Challenges [PDF - 629 KB]
    This report analyzes various approaches to matching patients to their health information in the context of electronic health information exchange. Current and potential methods for matching patients to their health records are discussed, challenges to performing patient matching such as scalability and ease of use are analyzed, and the types of information some HIOs use to match patients to their health records is described.