1 / 45

HIT Policy Committee

HIT Policy Committee. Nationwide Health Information Network Governance Workgroup Appendix : Supporting Details to Recommendations Presented to the HITPC on 12/13/10 Draft 12/10/10 v5. Pre-Decisional Draft. Appendix: Table of Contents.

shen
Download Presentation

HIT Policy Committee

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HIT Policy Committee Nationwide Health Information Network Governance Workgroup Appendix: Supporting Details to Recommendations Presented to the HITPC on 12/13/10 Draft 12/10/10 v5 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 Pre-Decisional Draft

  2. Appendix: Table of Contents Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Governance principles and functions • NW-HIN as preferred approach • Federal, ONC and shared responsibilities • Conditions of Trust and Interoperability • Validation • Public comments

  3. Recommendations to the HITPC 10/20/10 1. GOVERNANCE PRINCIPLES AND FUNCTIONS

  4. NW-HIN Governance Principles (1) Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 1. Transparency and openness • Maximize to extent possible in developing governance; in the structures, standards, services and policies, including privacy protections themselves; in information sharing, oversight, enforcement and accountability. • Support engagement of the general public and those exchanging information. 2. Inclusive participation and adequate representation • Explicit preference for inclusion of diverse stakeholders over exclusion. • Permit and encourage robust participation in governanceby diverse stakeholders, including consumers. If necessary for scalability, support representative models.

  5. NW-HIN Governance Principles (2) Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 3. Effectiveness and efficiency • Form should follow function. Functions should be conducted with goal of maximizing efficiency and effectiveness. • Responsiveness and minimization. 4. Accountability • Participating stakeholders and governance mechanisms should be accountable and, as part of the national health agenda, be understood to have some responsibility to the nation at large.

  6. NW-HIN Governance Principles (3) 1 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 5. Federated governance and devolution • Multiple functions may be distributed across multiple entities, with national-level coordination. • Decisions should be made by those closest to the issue and with the greatest stake in successful resolution and NW-HIN goals. • Federal government should perform those functions that require centralized governmental control, particularly in areas essential to maintaining public trust and assuring the NW-HIN meets stated national HIT goals.

  7. NW-HIN Governance Principles (4) Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 6. Clarity of mission and consistency of actions • Rights, responsibilities and obligations should be well-documented and clear to all stakeholders. Consistency in decision-making is helpful for stakeholder planning, but should not be an obstacle to innovation or improvement. 7. Fairness and due process • Governance must be fair to those that participate or are affected by governance decisions. Governance processes should include due process to assure fairness and responsiveness.

  8. NW-HIN Governance Principles (5) Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 8. Promote and support innovation • Governance should be consistent with creating conditions for innovation, and focus on those issues that require uniform treatment. Administrative burdens should be minimized and voluntary agreements, in principle, preferred. • Degree of uniformity in policies and standards should reflect the needs for that particular issue and consider where necessary to enable and not inhibit innovation. Technical standards should not set policy, but support and be in service to policy goals. 9. Evaluation, learning and continuous improvement • Governance should be evaluated based upon appropriate performance and effectiveness measures, with ongoing evaluation and adaptations and improvements to meet evolving NW-HIN. • Given critical nature of healthcare and sensitivity of health information, particular attention should be paid to issues implication safety.

  9. NW-HIN Governance Objectives and Functions 9 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10

  10. Establish policies and practices for NW-HIN 10 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • There should be a uniform set of NW-HIN policies and practices that are followed as a condition of exchanging health information through the NW-HIN and that should be reflected in technical design. • Privacy, security, interoperability, eligibility criteria, compliance expectations and jurisdiction. • There should be mechanisms to: • Address gaps in policies and practices • Coordinate to assure policies and technical requirements are consistent. • Necessary to assure that sufficient privacy protections and safeguards are in place to facilitate and promote nationwide exchange, interoperability and to remove barriers to nationwide exchange of health information

  11. Establish technical requirements 11 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Adopt technical requirements for the NW-HIN through a recognized process that coordinates and harmonizes standards and that provides for stakeholder input, including consumers. • There should be mechanisms to address: • Transition processes as technical requirements change. • Authorization of technical resources for use in NW-HIN (e.g. provider directories, certificate authority, registries.) • Necessary to assure that technical requirements are established to accomplish interoperability and policy objectives for trust, including a defined security level of assurance.

  12. Compliance, accountability and enforcement 12 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Assure that eligibility criteria are satisfied and that compliance with conditions for trust and interoperability are met, as well as clear accountability and appropriate enforcement. • Establish and conduct validation to determine eligibility and verify compliance with policy and technical requirements as a condition of exchanging information through the NW-HIN. • Determine consequences of non-compliance with policies, practices and technical requirements. • Provide a mechanism to address disputes, concerns or complaints, taking into account measures provided for under existing law. • Determine how mechanisms for redress, remedies and sanctions would be applied. • Consider need for coordinated investigation, enforcement and breach notification.

  13. Oversight of the governance mechanisms 13 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Oversight is necessary to assure governance objectives are met and are effective and able to adapt over time. • Track or measure certain issues or activities in support of overseeing the effectiveness and efficiency of NW-HIN governance. • Oversee ongoing compliance. • Conduct ongoing assessments of risks and benefits for the NW-HIN governance, including prevention of harm. • Periodically evaluate the performance of the overall governance mechanisms and incorporate the findings into continuous improvement. • Resolve disputes regarding decision rights among federated governance functions.

  14. 2. NW-HIN AS PREFERRED APPROACH

  15. Nationwide Health Information Network ONC Definition: A set of policies, standardsand services that enable the Internet to be used for secure and meaningful exchange of health information to improve health and health care. Private and secure health information exchange enables information to follow the patient when and where it is needed for better care. The Federal government is working to enable a wide range of innovative and complementary approaches that will allow secure and meaningful exchange within and across states, but all of our efforts must be grounded in a common foundation of standards, technical specifications, and policies. Our efforts must also encourage trust among participants and provide assurance to consumers about the security and privacy of their information. This foundation is the essence of the nationwide health information network. David Blumenthal, May 14, 2010 15 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10

  16. Workgroup Consideration of NW-HIN for Governance (1) 16 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • What is NW-HIN? • An environment of trust and interoperability created by NW-HIN standards, services and policies, and • A preferred approach for exchange of health information nationwide supported by the federal government, with strong incentives to vigorously promote adoption. • When is exchange considered NW-HIN and subject to NW-HIN governance? • When that exchange complies with applicable NW-HIN standards, services and policies (i.e. NW-HIN conditions of trust and interoperability (COTIs); and • When those exchanging health information assert they are doing so under the auspices of NW-HIN. • When is exchange not considered NW-HIN and, therefore, not subject to NW-HIN governance? • When not asserted to be NW-HIN compliant. • If there is only compliance with a portion of the applicable NW-HIN requirements (e.g. exchange complies with NW-HIN technical requirements, but not NW-HIN policies, or vice versa)

  17. Workgroup Consideration of NW-HIN for Governance (2) 17 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Who is part of NW-HIN? • Any entity, large or small, or aggregation of entities, large or small, that engages in the exchange of health information, asserts itself as being NW-HIN compliant and is recognized to have met NW-HIN conditions of trust and interoperability (COTIs). • Why would entities want to be part of NW-HIN? • Entities will be more willing and able to exchange with unfamiliar partners who are recognized as meeting NW-HIN COTIs. • Provides a benchmark for entities who wish to qualify for Federal contracts, exchange with federal entities, and be eligible for other federally-supported incentives. • Entities may believe that they would be advantaged competitively in the marketplace if they meet widely recognized conditions of trust and interoperability.

  18. 3. FEDERAL, ONC AND SHARED RESPONSIBILITIES

  19. Federal Leadership and Shared Responsibilities 19 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • For the NW-HIN to be successful and to ensure the public good, the federal government should: • Provide strong federal leadership, support and engagement in the NW-HIN environment and its governance. • Establish fundamental requirements for trust and interoperability. • Other entities should have specific appropriate roles with respect to NW-HIN governance. • Certain aspects of governance (e.g. accountability, enforcement, oversight) should apply across NW-HIN governance roles.

  20. Governance Framework Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • ONC should establish a national framework for governance of the NW-HIN that: • Assures trust and interoperability. • Reflects “governance of governances.” • Is based upon the nine sound governance principles. • Includes national-level coordination and oversight across a set of core functions. • Provides opportunities for broad stakeholder input, including consumers.

  21. Specific Federal Responsibilities Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • The federal government should: • Leverage existing governance and enforcement mechanisms as applicable. • Recognize existing state authorities across all relevant domains, facilitating coordination and harmonization with states and other entities as needed. • Federal agencies should: • Participate fully and directly in the NW-HIN, including in appropriate governance mechanisms. • Meet NW-HIN COTIs when exchanging in NW-HIN environment. • Condition federal information exchange upon compliance with NW-HIN requirements.

  22. ONC Responsibilities Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 ONC specifically should: • Facilitate coordination • Across federal activities /authorities, and identify needs to strengthen. • Identify incentives that vigorously promote use of the NW-HIN. • Optimize broad stakeholder input, including consumers. • Establish core NW-HIN elements • NW-HIN Conditions of Trust and Interoperability (COTIs). • Criteria and mechanisms to verify compliance with NW-HIN COTIs. • Oversee NW-HIN governance and assure accountability • Monitor and highlight innovation and address governance barriers. • Provide ongoing evaluation and continuous improvement.

  23. 4. CONDITIONS OF TRUST AND INTEROPERABILITY

  24. NW-HIN Conditions of Trust and Interoperability * The federal government should determine whether any factor should preclude an entity from eligibility, temporarily or permanently. Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • There should be a defined set of conditions of trust and interoperability established for the NW-HIN (NW-HIN COTIs): • Include policies, eligibility criteria* and technical requirements for the NW-HIN. • Engender trust, promote interoperability, address barriers to nationwide exchange while remaining technology agnostic. • NW-HIN COTIs should provide a baseline and address the need for variability: • Universally required NW-HIN COTIs should apply across all NW-HIN scenarios. • Other NW-HIN COTIs may be required in particular circumstances. • The Governance rule should establish an initial set of COTIs and processes for adding and modifying.

  25. NW-HIN COTI Considerations Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • How should NW-HIN COTIs be developed and maintained? • Should COTIs be established only through rulemaking? • Should categories of COTIs be established in the rule, with a federally-guided process for developing and approving them? • Should a non-governmental entity (e.g. similar to the role of SDOs in HIPAA) do some or all of the developmental work, following federally-set process requirements, and bring COTIs to ONC for approval? • How should final acceptance of the COTIs be addressed? • Through rulemaking? • Through an approval process established in the rule?

  26. NW-HIN COTI Process (1) Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • When developing and maintaining NW-HIN COTIs, obtain input from a broad range of stakeholder communities, including consumers. • Establish COTIs through a multi-phased process. • NW-HIN COTIs that are available at the time of rulemaking should be adopted for the NW-HIN. • There should be a process for adding other NW-HIN COTIs. • There should be a process for maintaining NW-HIN COTIs, including those established in the rule itself and others adopted for the NW-HIN.

  27. NW-HIN COTI Process (2): Example Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Following is an example of a process in which NW-HIN COTIs could be initiated, developed, proposed, reviewed and approved through a combination of rulemaking and other processes: • Define categories of COTIs for which new/modified COTIs should be subject to rulemaking. • Work with other agencies having appropriate jurisdiction when modifications in those agencies’ rules are desired. • Specify which categories of NW-HIN COTIs should be subject to another process, including the criteria by which a candidate NW-HIN COTI would be evaluated. • Define a process by which proposed, new / modified conditions would be reviewed and included as part of NW-HIN COTIs by the federal government.

  28. 5. VALIDATION

  29. NW-HIN Validation* * Validation is used to generally refer to the process for verifying compliance. This could include a broad array of possible methods (e.g. self attestation, testing, certification of systems, accreditation of entities, etc.) Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • NW-HIN COTIs are established to assure trust and interoperability. A mechanism should be established to verify that the conditions have been satisfied (i.e. “NW-HIN Validation”). • NW-HIN validation should: • Be required for exchanging in NW-HIN environment and asserting NW-HIN compliance. • Include appropriate validation processes and criteria, including process to address non-compliance. • Maintain appropriate balance between assuring that COTIs have been satisfied and cost and burden of validation.

  30. Scope of NW-HIN Validation Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • NW-HIN validation is a process to verify that NW-HIN COTIs have been satisfied. • NW-HIN validation should leverage existing validation methods, processes and entities where appropriate. • Validation facilitated by other entities (e.g. by states, other networks, etc.) may satisfy NW-HIN validation. • There may be different methods of validation depending upon the nature of the COTIs. For example: • Validation methods for trust and interoperability will likely differ and should be appropriate for the NW-HIN COTI. • Validation of systems to assess system conformance with NW-HIN technical requirements (e.g. testing, certification, etc.) • Validation that an entity meets NW-HIN requirements (e.g. self-attestation, legal agreements, accreditation, etc.) • There may be different methods of validation depending upon the level of certainty needed to assure that COTIs and other NW-HIN requirements are met.

  31. Example Interactions: NW-HIN Validation Establish mechanism to authorize NW-HIN validation body(ies) / equivalency Oversee NW-HIN validation efforts; serve as “court of appeals” Establish NW-HIN validation process and criteria Federal Feedback Loop Validation Body(ies) Oversee and enforce ongoing compliance Approve, deny or revoke compliance recognition Recognized as authorized NW-HIN validating body Appeal decision Validated Party Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10

  32. Example: Federal Responsibilities - Validation Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Federal responsibilities: • Establish and maintain validation criteria. • Assure the validation criteria reflect the COTIs. • Establish a mechanism to authorize NW-HIN validation body(ies) and a process by which existing and equivalent validations are recognized. • Maintain appropriate balance between assuring that COTIs have been satisfied and cost and burden of validation. • Coordinate and oversee NW-HIN validation body(ies) to assure NW-HIN goals and principles of NW governance are met. • Serve as “court of appeals” for decisions by validation body(ies) to approve, deny, revoke recognition of compliance

  33. Potential Responsibilities of NW-HIN Validation Body(ies) Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 Apply established and applicable eligibility criteria to determine eligibility. Verify that practices are consistent with applicable NW-HIN policies. Verify that systems used to exchange through the NW-HIN environment meet NW-HIN COTIs, including technical requirements. Issue validation decision to approve, deny, revoke NW-HIN recognition of NW-HIN compliance. Investigate possible non-conformance with COTIs and take appropriate remedial action including revoking NW-HIN compliance recognition when warranted, with provision for appeals.

  34. 6. PUBLIC COMMENTS

  35. Public Hearing: Example Models of Governance Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 Financial Services / Payment Card Industry HIPAA Federal Trade Commission Federal initiatives National Quality Forum (NQF) Lessons from NW-HIN Exchange Standards and Interoperability Framework

  36. Key Findings Regarding Governance Roles: Public Hearing Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Leverage and coordinate across existing federal authorities. • Provide strong federal leadership, engagement and participation. • Federal role needed to: • Set national-level policy and adopt interoperability standards only where critical to enable trust and interoperability for nationwide exchange. • Oversee and coordinate across a set of governance processes that, together, comprise NW-HIN governance. • Assure NW-HIN governance includes ability to evaluate, learn and adapt on an ongoing basis.

  37. Key Findings Regarding Governance Roles: Public Hearing (cont’d) Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Recognize that there will likely be a variety of approaches and multiple levels of coordination, validation, and enforcement: • Different views expressed regarding need for national-level validation mechanisms, such as certification and accreditation. Some recommended it; others cautioned that it was premature to do this. • Need for national-level coordination across wide range of stakeholders to build consensus and inform development of NW-HIN requirements. • Recognition that enforcement occurs at various levels, through other federal authorities (e.g. FTC, OCR) states, local, and exchange partners, often through contractual mechanisms.

  38. Blog 1: Where to Leverage? Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Are there existing entities or processes performing a particular governance function? If so: • Does it accomplish the NW HIN governance objectives and principles? • Can it scale to meet NW-HIN needs? • Which essential functions or activities are not currently addressed, but are needed now to overcome barriers and to promote exchange through the NW-HIN? • Should the federal government perform that function directly or delegate it? • If delegated, to whom? • If a new entity is needed, what type of structure / attributes should it have?

  39. Key Findings: Blog 1 (10/25/10) - 1 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • 234 Commenters (33 – blog; 201 - E-mail) • Need for public education and use of plain language • Commenters generally seemed unclear over the function and role of the NW-HIN. • More emphasis should be placed on safety. • Greatest concern was privacy and security of protected health information (PHI), and need for strong privacy and security protections, e.g. mechanisms for consent, control, authorization, and explicit policies for data reuse. • Public comments varied but mainly sought to leverage existing mechanisms where appropriate.

  40. Key Findings: Blog 1 (10/25/10) - 2 • Specific suggestions for: • State / federal partnership. • Need for national-level policies and standards, with input from HITPC. • National accreditation program for qualified entities. • Public-private collaborative structure to act as a convener and support adoption of NW-HIN. • Suggestions for leveraging existing governance structures: • For policies and practices: FCC, state regulatory frameworks, Exchange Coordinating Committee. • For interoperability requirements: Standards Development Organizations (SDOs). • For validation: CCHIT, EHNAC, ONC-ATCB model. Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10

  41. Blog 2: Roles and Responsibilities Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Focus on federal and ONC responsibilities, development and validation of NW-HIN COTIs • Blog for additional public input (11/30/10) • Which activities should be tightly held by the federal government? • Should there be an overarching entity to accredit NW-HIN validation bodies? • Is there a need for a governance mechanism in the near-term to address implementation support and coordination? If so, what type of entity should facilitate this?

  42. Key Findings: Blog 2 (11/30/10) - 1 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 There should be a well formed committee to supervise these standards or make the standards (and the development process of standards) more open; a proposal based approach. It is absolutely critical that standard file formats be developed for any systems funded, in whole or part, with federal dollars. Support for delegating areas of accreditation and certification and using a more federated, governance of governances, approach. Recognition that government is not usually the best place for innovation to occur, but acts best when it is a platform for innovation.

  43. Key Findings: Blog 2 (11/30/10) - 2 43 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 Information should be communicated to all people involved. Responsive governance shouldn’t be confused with reactionary approach. Government and non-government roles should be addressed equally. Governance must remain tightly controlled at the federal level to the extent that it sets policy and defines the principles for participation. There should be an overarching validation entity, with implementation and day to day operation of certification / accreditation handled by multiple other entities, many of which already exist within and outside government. The federal government should certify these various entities as valid certification / accreditation entities for HIT to assure trust in the overall system.

  44. Key Findings: Blog 2 (11/30/10) - 3 44 Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 The federal government must establish an oversight body that will be able to support current efforts being made throughout the nation to implement HIT. At the very least, individuals and entities adopting HIT should be able to look for support and advice as to whether what they are implementing is valid in terms of governance structures and privacy and security practices. There should be an overarching governance committee that includes representatives across the various NW-HIN projects, with representatives from the Security and Trust developers.

  45. Examples of Other Governance Models Pre-decisional DRAFT.  For HITPC Consideration – 12/13/10 • Other models of governance suggested through diverse input • OMB HIT Task Force • International models (UK and Canada) • ISO – OECD Principles of Corporate Governance

More Related