Search:

Health Information Exchange Policy Board

• start of nav
• Home
• New Items
• Info by User

  Info by User Items

  • Consumers
  • Health Care Community
  • Small Employer / Employees
  • Policymakers
• About MHCC

  About MHCC

  • Overview
  • Contacts
  • Commissioners
  • Meeting Schedule
  • Directions
  • Procurements
  • Weather Updates
  • Career Opportunities
• Contact Us
• Tools

  Tools

  • News Feeds
  • Site Map
  • Helpful Links
  • Link This Site
• Can't Find Something?
• end of nav

Background

Four years ago the Maryland Health Care Commission (MHCC) began the process of planning for a statewide health information exchange (HIE) by engaging numerous stakeholders to address fundamental policy issues and to plan a course of action.  The MHCC has published a number of major policy reports based on these consensus-building deliberations (see Health IT Policy Reports).  The statewide HIE will:  support high quality, safe, and effective health care; make certain that data is exchanged privately and securely; ensure transparency and stakeholder inclusion; support connectivity regionally and nationally; achieve financial sustainability; and serve as the foundation for transforming health care in Maryland.

Subsequent to a nine-month planning project, in 2009 the MHCC selected the Chesapeake Regional Information System for our Patients (CRISP), a non-profit organization, to build the statewide HIE following a competitive application process.  This multi-stakeholder group consists of Johns Hopkins Medicine, MedStar Health, University of Maryland Medical System, Erickson Retirement Communities, and more than two dozen other stakeholder groups.  In August 2009, the Health Services Cost Review Commission awarded $10 million through its unique all-payor rate setting system as initial funding of the statewide HIE.

On May 19, 2011, House Bill 784, Medical Records – Health Information Exchanges (HB 784) was signed into law. This law stipulates that the MHCC will adopt regulations for the privacy and security of protected information exchanged through all HIEs in the state. The MHCC has assembled a Policy Board in 2009 with responsibility for general oversight of the statewide HIE, including the authority to evaluate and recommend to the MHCC the privacy and security policies that will apply to all HIEs in Maryland.  The members were selected based upon their expertise, consideration regarding the breadth of stakeholder representation, and a strong consumer background.  The Policy Board's separation of responsibilities assures participation by the public in both policy development and operational oversight.

Scope of Work

The responsibilities of this Policy Board include, although are not limited to, the development and recommendation of policies for privacy and security of protected information exchanged through a health information exchange operating in Maryland.  The MHCC will consider the recommendations of the Policy Board and adopt regulations for health information exchanges to implement. In particular, the Policy Board will establish policies regarding consumer authorization and consent, user authentication, role-based authorization, security requirements, and audit trail requirements. The Policy Board will develop policies that ensure a high level of privacy and security protections for health information exchanges in Maryland.

HIE Policy Board Members

Policy Board Operating Guidelines

Health IT Policy Reports

HIE Policy Development

HIE policies are continuously evolving.  The HIE Policy Development webpage includes all of the policies, resolutions, corresponding drafts, and voting results pertaining to HIE policies, which is an effort to display the evolution of HIE policy development and approval processes in Maryland.  The Approved Final Policies, Proposed Draft Policies and Primary Reviewers List depicts currently approved policies and the prioritization of proposed policies for HIEs. The status of policy development, the Policy Board members assigned as Primary Reviewers for each policy, and their respective organizations are listed.  In an effort to facilitate the policy development process of the HIE Policy Board workgroup meetings are convened. The HIE Policy Board Workgroup Summary includes dates of meetings, policies discussed, and the number of attendees at each workgroup meeting.  The Currently Approved Final Policies and Resolutions document indicates all policies and resolutions currently approved by the Policy Board.  Finally, the National HIE Policies webpage includes the links to other states regarding their HIE policies.

HIE Policy Development

Approved Final Policies, Proposed Draft Policies & Primary Reviewers

HIE Policy Board Workgroup Summary

All Currently Approved Final Policies and Resolutions

National HIE Policies

 

Meeting Schedule and Directions

2012 Policy Board Meeting Schedule and Directions

2011 Policy Board Meeting Schedule and Directions

2010 Meeting Archives

 

Meeting Minutes

September 27, 2011

May 24, 2011

April 12, 2011

March 1, 2011

January 11, 2011

Meeting Materials

September 27 , 2011

• Agenda
• HIE Policies Crosswalk
• CRISP update
• Audit Principles
• Audit v1.2.1
• Secondary Data Use Principles
• Secondary Data Use v1.2.1
• Data Use and Disclosure Principles
• Consumer Access to Audit v1.0

May 24 , 2011

• Agenda
• Telemedicine Legislative Update
• Consumer Access v1.2.1
• Consumer Outreach, Education & Engagement v1.2.1
• Data Use and Disclosure v1.2.1
• Audit v1.0

April 12, 2011

• Agenda
• Challenge Grant Briefing
• CRISP Update
• HIE Participants
• SB 723/HB 784 Medical Records – Health Information Exchanges
• SB 722/HB 736 Electronic Health Records – Incentives for Health Care Providers
• Suspension and Termination of User Access Policy Draft v1.2.2
• Consumer Access v1.1
• Data Use and Disclosure v1.2.1

March 1, 2011

• Agenda
• SB 723/HB 784 Medical Records – Health Information Exchanges
• SB 722/HB 736 Electronic Health Records – Incentives for Health Care Providers
• Proposed Query Resolution
• Sensitive Health Information Policy Draft v1.2.4
• Emergency Access for Participating Organizations Policy Draft v1.2.3
• Suspension and Termination of User Access Policy Draft v1.2.1
• Data Use and Disclosure v1.2.1
• Consumer Access v1.0
• HIE Phased Connectivity Status 03/01/2011

January 11, 2011

• Agenda
• Consumer Choice Policy Draft v1.3.4
• User Authentication Policy Draft v1.3.4
• MPI Data Elements
• User Authorization Policy Draft v2.0
• Sensitive Health Information Policy Draft v1.2.3
• Emergency Access for Participating Organizations Policy Draft v1.2.2
• Suspension and Termination of User Access Policy Draft v1.2.1
• Proposed Resolutions for Increased Patient Control v1
  

Planning Team Reports

Chesapeake Regional Information System for Our Patients (CRISP)

Montgomery County Health Information Exchange Collaborative (MCHIE)

 

Implementation Project

Request for Application for A Consumer-Centric Health Information Exchange for Maryland

CRISP Response to RFA

 

Resource Documents

A Difficult Balancing Act (Between granting access to electronic health records while maintaining their proper security.)

After Blumenthal: A To-Do List

ARRA Funding Awards in Maryland

Confidentiality of Alcohol and Drug Abuse Patient Records (42 CFR Part 2)

Consumer Partnership for eHealth.  May 2011.  The Consumer Platform for Health IT:  Advancing Patient and Family Engagement Through Technology.

Data Segmentation in Electronic Health Information Exchange: Policy Consideration and Analysis – Executive Summary

Despite incentives, doctors are wary about switching to EHRs

Electronic Prescribing: CMS Should Address Inconsistencies in Its Two Incentive Programs That Encourage the Use of Health Information Technology, GAO-11-159

FAQs Applying the Substance Abuse Confidentiality Regulations to Health Information Exchange

The Federal Health IT Strategic Plan: 2011-2015

HIPAA/HITECH Privacy & Security Checklist - Assessment and Guidance Instructions NEW

HIPAA Privacy Rule Accounting of Disclosures under the HITECH

HIPAA Security - Chapter 14 - Access Controls NEW

HIPAA Security Series - Security Standards: Technical Safeguards NEW

HIT Implementation Realties Versus Policy Aspirations

Infectious Disease Surveillance in Maryland

Informational Brief: Health Information Technology - An HIE Policy Board Overview NEW

Intuit Patient Portal Demonstration

Many Physicians Are Willing To Use Patients’ Electronic Personal Health Records, But Doctors Differ By Location, Gender, And Practice

Medicare & Medicaid EHR Incentive Program for Eligible Processionals

Medicare & Medicaid EHR Incentive Program for Hospitals

Meaningful Use of Electronic Health Records - The Road Ahead

MedTouch Signs Partnership with Indianapolis Health System to Deliver Integrated Patient Portal

MGMA: Proposed 'accounting of disclosures' rule too burdensome

National Health Service Summary Care Records Consumer information webpage

NCVHS Letter to the Secretary Regarding Sensitive Health Information

ONC awards additional $12M to 48 RECs for EHR adoption

ONC Certified EHR Product List Website

ONC Health IT Policy Committee’s Privacy and Security Tiger Team - Policy and Technology Framework for Health Information Exchange

ONC plans to develop patient consent for exchange

ORC Slides - Proposed HITECH HIPAA Modifications

Privacy and Security Solutions for Interoperable Health Information Exchange

Protecting Sensitive Health Information in the Context of Health Information Technology

Report: Health Care Providers Falling Short in Securing Data

Review of Recent Studies Shows Predominantly Positive Results for HIT

State HIEs wrangle with thorny 'patient consent' issue

Senator Nelson files Medical Privacy Bill

Sensitive Health Information State Policies

Last Updated: January 23 , 2012