The Department of Health and Human Services (HHS) recently shared its draft Federal Health IT Strategy for 2020-2025, developed in partnership with the Office of the National Coordinator for Health Information Technology (ONC).
Privacy and security are the main focus of the plan, along with a need to establish API standards. Championing patient empowerment, high-quality patient care, and improved health outcomes through secure health IT infrastructure are the plan’s prime objectives.
Emphasizing patient-centered care that values privacy
The plan highlights the federal government’s goals and strategies for patient empowerment, high-quality patient care, and health IT security through the lens of four key objectives:
- Promote health and wellness
- Enhance the care delivery experience
- Fuel innovation and research by building a secure data-driven ecosystem
- Connect care and health data through a unified health IT framework
A secure data sharing infrastructure centered around privacy and security can help support research, clinical decision making, population health management, and patient access to personal health and cost data.
Integrating cybersecurity into health IT
Standards-based APIs will be depended on to accomplish the plan’s objectives, which as many industry groups have pointed out, include a variety of privacy and security challenges.
ONC asserts privacy and security must be integrated into the design and use of health IT to protect health information and privacy. So, security mechanisms such as using encryption with APIs, and other technologies like two-factor authentication will play an important part in ensuring patient privacy.
The plan also intends to help patients make more informed decisions about how their data is used. Technical assistance will be provided around health information exchange policies and regulations.
Cybersecurity risks and best practices are still often misunderstood by healthcare organizations. Especially as healthcare moves towards the cloud, the report emphasizes that data security is imperative as interoperability increases across the industry.
According to the report, “ONC collaborated with over 25 federal organizations involved in health IT in developing the plan for public comment. ONC conducted research and considered recommendations from its Health IT Advisory Committee.”
Feedback is invited from industry stakeholders until March 18. After this time, ONC and its other federal partners will review the comments and include the analysis in the final published strategy.
Additional Reading: HIPAA Compliant Email: The Definitive Guide