November HIT Standards Committee

The Standards Committee met on November 19th this month. All the meeting materials and presentations can be found on the committee’s web page. This month’s meeting combined an update on the Implementation workgroup and a public hearing on Security issues. There is much to be completed to meet the HITECH mandates by the end of the year.

Aneesh Chopra and his Implementation Workgroup presented recommendations from the Adoption Experience Hearing, discussed comments from the FAC Blog, revealed conclusions. John Halamka presented the closing observations. The top ten recommendations compiled from the hearing were:

  1. Keep it simple
  2. Don’t let “perfect” be the enemy of “good enough”
  3. Keep the implementation cost as low as possible
  4. Design for the little guy
  5. Do not try to create a one-size-fits-all standard
  6. Separate content and transmission standards
  7. Create publicly available vocabularies and code sets
  8. Leverage the web for transport – “health internet”
  9. Position quality measures so they motivate standards adoption
  10. Support implementers

Read Chopra’s reflections on progress and what is to come in his FAC blog post.

Dixie Baker and her Privacy & Security Workgroup held a public hearing on security issues. The hearing highlighted four panels of domain experts and health practitioners on potential issues, challenges, threats and solutions on securing health information. The testimonies and discussions will be used as input to the workgroup’s recommendations for 2013 and beyond.

The four panels presented and led discussions on the areas of identified challenges. The Systems Stability and Reliability panel covered the challenges related to maintaining the stability and reliability of EHRs in the face of natural and technological threats. Aneesh Chopra moderated the Cybersecurity panel taking on the challenges related to maintaining the trustworthiness of EHRs and HIEs in the face of cyber threats such as denial of service attacks, malicious software, and failures of internet infrastructure. A third panel discussed the challenges involving accidental loss of data, data theft, extortion and sabotage, including criminal activities and other related areas. The final group, moderated by Steve Findlay, tackled the issues and challenges related to building and maintaining trust in the health IT ecosystem, and the impacts that real and perceived security weaknesses and failures exert on health organization, individual providers, and consumers. Read the presenters biographical sketches.

For more on this meeting, check out Dr. Halamka’s blog post. And for a rough draft transcript, as always you can find one on Brian Ahier’s blog, Health It & Healthcare Reform. The next meeting will be December 18, 2009