What ONC activities are targeted to assure sufficient security capabilities in HIE?

ONC federal advisory committees have been active in collecting information, deliberating on key issues, and making recommendations to the National Coordinator on measures related to security of health information exchange. In addition to the activities of the Health Information Technology Policy Committee (HITPC), the Health Information Technology Standards Committee held hearings to better understand security priorities, the effectiveness of security procedures, and vulnerabilities. ONC also embarked on a multi-phase cybersecurity program that includes an assessment of HIT risks and threats and the development of a multi-pronged approach to combating them. ONC also is collaborating with the President’s cybersecurity initiative along with other federal partners to solicit input from the best security minds in the government on security best practices and standards. Meaningful use requirements for Medicare and Medicaid incentive payments include measures to protect security and privacy, and ONC’s interim final rule certification standards for EHRs includes the technical capabilities required to assure that information is adequately protected.