Security Architecture Design Process for Health Information Exchanges (HIEs)

    Security Architecture Design Process for Health Information Exchanges (HIEs)

    Electronic Health Care records offer enormous efficiencies, but passing such sensitive information between organizations creates challenges. This guide provides a framework for securing health care info exchanges.

    Protecting electronic patient health information is crucial to developing systems
    and structures that support the exchange of that information among healthcare
    providers, payers, and consumers using Health Information Exchanges (HIEs). As noted in
    the Summary of the Nationwide Health Information Network (NHIN) report from the Office
    of the National Coordinator, “An important core competency of the HIE is to maintain a
    trusting and supportive relationship with the organizations that provide data to, and
    retrieve data from, one another through the HIE. The trust requirement is met through a
    combination of legal agreements, advocacy, and technology for ensuring meaningful
    information interchange in a way that has appropriate protections.”

    The purpose of this publication is to provide a systematic approach to designing
    technical security architecture for the exchange of health information that leverages
    common government and commercial practices and that demonstrates how these practices
    can be applied to the development of HIEs. This publication assists organizations in
    ensuring that data protection is adequately addressed throughout the system development
    life cycle, and that these data protection mechanisms are applied when the organization
    develops technologies that enable the exchange of health information.

    The attached Zip file includes:

    • Intro Page.doc
    • Cover Sheet and Terms.doc
    • Security Architecture Design Process for Health Information Exchanges

    Latest Articles