Security and privacy laws — and patients — hold sway over NHIN
Patients get the last word on whether network uses their records
The Nationwide Health Information Network is in limited production, allowing a small but growing group of organizations to securely exchange electronic health records. Participants include the Social Security Administration, the Defense and Veterans Affairs departments, MedVirginia, and Kaiser Permanente.
The core capabilities of NHIN enable users to:
- Search and retrieve health information and securely exchange it.
- Apply consumer preferences for sharing information.
- Use NHIN for other business operations, as authorized by the consumer.
Although the network is intended to widely enable the exchange of electronic health information among providers, insurers and other organizations, patients have the last word on whether and how NHIN is used. The specifications include a consumer preference profile that specifies whether information can be shared via NHIN and what access to the records is allowed. A policy engine, which is part of the gateway software that connects organizations to NHIN, enforces those preferences.
Health network is ready -- and waiting for your records
Agencies using the system must adhere to the Federal Information Security Management Act and Health Insurance Portability and Accountability Act. The network is expected to be expanded from its limited environment during the next 12 to 18 months, and nonfederal organizations can participate in the exchange only through a federally sponsored contract with a participating agency.
In February, SSA, which has been using NHIN on a limited basis for more than a year, announced that 15 health care providers and networks have received $17.4 million in NHIN contract awards through the American Recovery and Reinvestment Act.
William Jackson is a senior writer of GCN and the author of the CyberEye blog.