HIE Security Guidelines in the Works
Comments on HITRUST's HIE Proposals Due Oct. 31HITRUST offers the Common Security Framework, a free guide to implementing security controls to comply with various regulations. It's proposing to add HIE-related details to the framework as well as create a security assurance program for HIEs, offering compliance assessments.
HITRUST is seeking feedback by Oct. 31 on the proposals developed by its HIE Working Group. "The objective is to provide leading guidance to the industry on acceptable controls to manage the confidentiality, integrity and availability of protected health information with HIEs and connecting organizations," according to HITRUST. For example, the working group proposes guidelines for access controls.
HITRUST hopes to "provide relevant guidance to the HIE community to ensure information security is a core pillar of HIE and connecting organization operations, and that it is adopted through a common approach."