States to assess privacy laws for health IT impact

The Health and Human Services Department today announced that RTI International Inc. of Research Triangle Park, N.C., has subcontracted with 22 states and territories to evaluate their privacy laws and how they may hinder data exchange as part of HHS' health IT efforts.Twelve more states are expected to sign subcontracts within the next two weeks.HHS' Office of the National Coordinator for Health Information Technology and the Agency for Healthcare Research and Quality jointly manage and fund RTI's contract. RTI established the Health Information Security and Privacy Collaboration, a partnership with the National Governors' Association, to work with the states.The national health IT coordinator's office also today added $5.7 million to the existing $11.5 million contract with RTI for a total value of $17.2 million for more state proposals, submitted in response to a January request for proposals from RTI.Subcontractors will work with health care professionals, patients and others in their states to review privacy and security issues, and differences in laws governing electronic clinical data exchange, and identify best practices to address them. States will also develop plans for future health data exchange activities."One of the strongest early lessons we're learning from our research on electronic health information is that some of the main challenges for adoption are not technical issues. Rather, they're issues of inclusion and trust," said AHRQ director Carolyn Clancy.The privacy and security work at the state level "will leave an indelible mark on the ultimate formulation of a national health information network," she said.The Health Insurance Portability and Accountability Act provides a baseline for health information privacy and security among states. Some states have more stringent privacy laws, which could pose challenges for interoperability of electronic health records systems.Results from the states will provide a foundation for future work to assure that consumers' health information continues to be appropriately protected as medicine becomes more digitized and interoperable, said acting deputy national coordinator for health information technology Karen Bell."This effort to partner with states and territories will ensure that the health care system serves consumers' needs and meets the president's goal for health information technology," she said.RTI plans to release an interim report Oct. 30 and deliver its final assessment and recommendations March 30, 2007. At that time, representatives from each region will discuss how to implement plans that will let them electronically share health information across states, said Linda Dimitropoulos, RTI's project director."This collaborative effort among experts will help us work through the myriad security and privacy issues so that policy makers at the state and federal levels can begin to address the concerns that will allow Americans to benefit from improved sharing of health care information," she said.The subcontracting states to date are: Alaska, Arkansas, Colorado, Iowa, Illinois, Indiana, Kentucky, Maine, Massachusetts, Michigan, Minnesota, Mississippi, New York, North Carolina, Ohio, Oklahoma, Rhode Island, Utah, Washington, Wisconsin, West Virginia and Wyoming. Washington Technology's .