Why HHS Needs a Privacy Leader and a Cybersecurity Leader

By Nam Nguyen and Sayee Balaji Chandrasekaran, Chair and Vice Chair, EHRA Privacy & Security Workgroup

_Security and Privacy are not the same. A Security leader_s primary concern is protecting and securing data. A Privacy leader_s primary concern is who can access certain data and wha Cyber-threats are all over the news, including attempts to hack elections, steal corporate trade secrets, and hold medical records for ransom. Phishing is rampant, and is the way most hackers ultimately get into secure systems. The U.S. government has, of course, taken notice, and is taking action on several fronts.

One of those fronts is healthcare, with the release by HHS of the Health Care Industry Cybersecurity Task Force’s “Report on Improving Cybersecurity in the Health Care Industry,” which was delivered to Congress in June 2017. The task force wrote, “Our nation must find a way to prevent our patients from being forced to choose between connectivity and security.”

EHRA welcomes this report, which we view as a path forward for increasing security in the healthcare sector. The report directly aligns with two of EHRA’s privacy and security positions: Read the full post »

Leave a comment

by EHRA on April 5, 2018 • Permalink

Posted in Privacy and Security, Public Policy and Health IT

Posted by EHRA on April 5, 2018

https://ehrablog.org/2018/04/05/why-hhs-needs-a-privacy-leader-and-a-cybersecurity-leader/

HIMSS18: Listening, Learning, Leading

EHRA member companies were out in force at HIMSS18 in Las Vegas, and not just in booths on the exhibit floor.

In a small conference room on the 4th floor of the Sands Convention Center, EHRA volunteer executives were meeting with stakeholder groups to discuss how EHRs can be optimized to improve usability, interoperability, and patient safety. We listened, we asked questions, and we shared our perspectives on the challenges and what the next steps could be.

Read the full post »

Leave a comment

by EHRA on March 29, 2018 • Permalink

Posted in Health IT Regulation, Interoperability, Usability and Clinician Experience, Value of HIT

Posted by EHRA on March 29, 2018

https://ehrablog.org/2018/03/29/himss18-listening-learning-leading/

Draft TEFCA Needs A Lot More Work

TEFCA Since the release of the Draft Trusted Exchange Framework and Common Agreement (TEFCA) on January 5th, EHRA volunteers from the Standards and Interoperability, Privacy and Security, and Public Policy Leadership Workgroups have been reviewing and discussing the document. Together, they drafted EHRA’s comments, which were submitted this week to the Office of the National Coordinator for Health IT (ONC).

As EHR developers, we support the goal to provide nationwide interoperability using networks as important building blocks, and believe TEFCA has the potential to dramatically improve interoperability.

However, the draft TEFCA overreaches, neglects important details, and doesn’t consider the practicality or potential unintended consequences of the policy. We strongly recommend that ONC review stakeholder feedback and publish a revised proposed draft for another round of feedback, before finalizing the policy.

Read the full post »

Leave a comment

by EHRA on February 26, 2018 • Permalink

Posted in Health IT Regulation, Interoperability, Public Policy and Health IT

Posted by EHRA on February 26, 2018

https://ehrablog.org/2018/02/26/draft-tefca-needs-a-lot-more-work/

Reflections on EHRA, Past and Future

By Mark Segal, PhD, FHIMSS

Mark Segal welcomed ‘retirement’ by exploring Morocco with his son.

Late in 2017, I left GE Healthcare via an early “retirement” opportunity. Retirement is in quotes but that is a story for another day; suffice it to say that I intend to remain active in the digital health policy world.

One of the biggest changes with my departure from GE is that I also left the EHRA Executive Committee, on which I had served in both elected and ex officio capacity for years. This was a double whammy of many fewer conference calls per day.

My involvement with EHRA, wearing many hats, has been one of the most important and satisfying aspects of my professional life. Read the full post »

Leave a comment

by EHRA on January 15, 2018 • Permalink

Posted in Case Studies and Personal Stories, Public Policy and Health IT

Posted by EHRA on January 15, 2018

https://ehrablog.org/2018/01/15/reflections-on-ehra-past-and-future/

Don’t Create a Certification Ceiling

By Sasha TerMaat

Certification blog quote At the end of November 2017, JAMIA published the article, “Are all certified EHRs created equal? Assessing the relationship between EHR vendor and hospital meaningful use performance.” The authors, A Jay Holmgren, Julia Adler-Milstein, and Jeffrey McCullough, performed a statistical analysis of publicly available data sets on Meaningful Use EHR Incentive Program performance, stratifying based on the developer of the EHR product used by the Meaningful Use participant.

It’s wonderful to see the data sets published by CMS and ONC used for insightful research. I know from personal experience doing data analysis of CMS and ONC published data sets that a lot of effort goes into data normalization, and the authors took a thoughtful and careful approach.

However, I was surprised by the authors’ conclusions and policy recommendations at the close of the article. Having found EHR developer-correlated variability in performance on certain activities measured in the Meaningful Use incentive program, the authors state that is undesirable, and write recommendations to standardize. The authors say, “Our results suggest that policy-makers should pursue modifications to the EHR certification process to decrease such variation across EHR vendors and improve EHR systems.” Read the full post »

Leave a comment

by EHRA on January 3, 2018 • Permalink

Posted in Certification, Health IT Regulation, Health IT Standards

Posted by EHRA on January 3, 2018

https://ehrablog.org/2018/01/03/dont-create-a-certification-ceiling/

FDA Health IT Guidance Is A Good Start, But More Clarity Is Needed

By Shari Medina, MD

This month, the FDA issued long-awaited guidelines on the agency’s implementation of the 21st Century Cures Act in regards to Clinical Decision Support and the FDA’s intent to exercise enforcement discretion for many types of patient-facing software, mobile applications, and software which have not obtained ONC certification.
Read the full post »

Leave a comment

by EHRA on December 19, 2017 • Permalink

Posted in Health IT Regulation, Patient Safety and Health IT, Public Policy and Health IT

Posted by EHRA on December 19, 2017

https://ehrablog.org/2017/12/19/fda-health-it-guidance-is-a-good-start-but-more-clarity-is-needed/

Search the EHRA blog

Search for:
Follow the EHRA Blog via Email

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 96 other followers
Follow EHRA on Twitter
My Tweets
Categories
- Case Studies and Personal Stories (4)
- Certification (4)
- Delivery System Reform (5)
- Electronic Clinical Quality Management (1)
- General (4)
- Health IT Regulation (14)
- Health IT Standards (2)
- Innovation (1)
- Interoperability (10)
- Meaningful Use (4)
- Partner Sites (1)
- Patient Safety and Health IT (6)
- Privacy and Security (2)
- Public Policy and Health IT (19)
- Uncategorized (6)
- Usability and Clinician Experience (11)
- Value of HIT (2)
Contact Us
Sarah Willis-Garcia
EHRA Program Manager
swillis@himss.org
312-915-9518

Elinore Boeke
Communications and Media
elinore @ kecommunications.net

EHRA Blog

Why HHS Needs a Privacy Leader and a Cybersecurity Leader

HIMSS18: Listening, Learning, Leading

Draft TEFCA Needs A Lot More Work

Reflections on EHRA, Past and Future

Don’t Create a Certification Ceiling

FDA Health IT Guidance Is A Good Start, But More Clarity Is Needed

Search the EHRA blog

Follow the EHRA Blog via Email

Follow EHRA on Twitter

Categories

Contact Us