privacy and security of personal health information. The rules that emerged from the HIPAA regulations require that all health care providers, clearing-houses, and health plans implement these standards by the compliance date specified for each. The Administrative Simplification provisions identified data exchange standards and code sets for representing the information; compliance was required by October 16, 2003 (with the option of filing for a 1-year extension). The privacy rules establish the minimum standards required for the protection of information within an organization and among business associates, as well as stipulations for obtaining authorization for disclosure and de-identification of information. Compliance was required by April 14, 2003. The security standards govern the administrative procedures, physical safeguards, and technical security services and mechanisms for ensuring data protection using all media and for storing, maintaining, and exchanging information. These rules were just completed, and compliance is required by April 21, 2005.

Data Standards for Connectivity

In 2002, the Consolidated Health Informatics (CHI) initiative was established as part of the Office of Management and Budget’s eGOV efforts to streamline and consolidate government programs among like sectors (OMB, 2000). The CHI, with input from the National Center on Vital and Health Statistics and various private-sector standards-setting bodies, identifies data standards for government-wide adoption. Acting on advice from CHI, in June 2003 the Secretary of DHHS assumed a lead role in the promulgation of data standards for key areas, including reporting of laboratory results, digital radiology reporting, medical device communications, pharmacy communications, and clinical data communications. A great deal of standards-setting work remains to be done, and a recent IOM report provides a roadmap for additional progress in this area (IOM, 2003d). Designation of the National Center on Vital and Health Statistics as the preeminent health information policy advisory group of the federal government, the development of its vision statement for the NHII, the CHI collaboration, and the recent promulgation of some data standards have established a policy process and generated a widespread expectation that the federal government will continue to address this important issue in a thoughtful, coordinated, and strategic manner.

The National Academies of Sciences, Engineering, and Medicine
500 Fifth St. N.W. | Washington, D.C. 20001

Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement