What are the roles of the HITPC and HITSC in privacy and security?

HITECH (Section 13101) required the establishment of a Health Information Technology Policy Committee (HITPC) to make recommendations on the policies needed to enable the electronic exchange and use of health information. The HITPC recently formed a privacy and security work group (called a “Tiger Team”) with strong consumer representation to make recommendations on patient choice in health information exchange; consumer access to their health information; personal health records; segmentation of health information; and transparency about information sharing practices. The Health Information Technology Standards Committee (HITSC) deliberates on the technical HIT standards required for electronic exchange. HITSC held hearings to better understand security priorities, the effectiveness of security procedures, vulnerabilities, and is currently soliciting information related to data segmentation and privacy. The Committees submit their recommendations to the National Coordinator. The National Coordinator evaluates the Committees’ recommendations and advises the Secretary of Health and Human Services.