Health Information Exchange in the US Term Paper

Download this Term Paper in word format (.doc)

Note: Sample below may appear distorted but all corresponding word document files contain proper formatting

Excerpt from Term Paper:

Health Information Exchange


Health Information Exchange in the U.S.

The Guidelines


Privacy and Security

Challenges and Strategies

Why Clinicians Use or Don't Use HIE

Doctors' Opinion on HIE

Consumer Preferences around HIE

Health Information Exchange or HIE is a system, which allows the immediate electronic access of a person's health information records by a health provider (Fricton and Davies, 2008). The overall objective is to improve the safety and quality of health, especially for emergency care. This is the response to the problem of poor communication and exchange of medical information from one provider to another. This has resulted in many medical errors and undesirable drug effects (Fricton and Davies).


The use of the personal health record or PHR has been brought up as an innovative solution to this problem concerning diverse electronic medical record systems or EMR (Fricton and Davies, 2008). It becomes the only source for authentication and remote access of health information data from these systems. A voluntary survey revealed an almost popular interest among patients and health provides in its regular use in accessing these data. The information includes medication and medical history reconciliation and patient education (Fricton & Davies).

Modifications were proposed for the HIPAA Privacy & Security Rules to implement and enforce the pertinent provisions of the HITECH Act of 2009 on protection (Jones et al., 2011). These would do so by extending the Office for Civil Rights' enforcement to business associates and other agencies; upholding individual rights to seek and obtain medical information in electronic form, and limit the use and sale of information. This coordinated effort with the Office of the National Coordinator for Health Information Technology will assure or improve the privacy and security of the exchange (Jones et al.).


Guiding Principles

Health Information Exchange or HIE is a network community of healthcare entities, which use interoperable electronic health record systems to swap health information (Carter, 2006). These entities include regional health information organizations, HIE as the nationwide health information network, and community health information organizations. An HIE can be a federated model with shared repositories or peer-to-peer network, non-federated peer-to-peer network, and centralized database or data warehouse. The 2005 report on Connecting for Health listed the 9 guiding principles in insuring the confidentiality of patient data in this system. These principles are openness and transparency, purpose specification and minimization, collection limitation, use limitation, individual participation and control, data integrity and quality, security safeguards and controls, accountability and oversight, and remedies. These are necessary in assuring the success of HIE. Certain issues have, however, been raised concerning several of them (Carter).

Legal Issues

Many State and federal laws require a thorough analysis on the requirements for the release of information (Carter, 2008). When settled, an agreement must be made on HIE participation. At this point, problems may be encountered because of variations in State law or there are federal laws still existing and affecting the exchange of health information. Examples are Medicare Conditions of Participation, Confidentiality of Alcohol and Drug Abuse Patient Records Regulation, Family Educational Rights and Privacy Act, and the Food, Drug, and Cosmetic Act. Any conflicting law should be interpreted in order to assure compliance. Still another legal issue concern HIE participation agreements. These agreements must address HIPAA business associate provisions, protecting proprietary information, intellectual property rights, software licensing, insurance, indemnification, audit rights, and dispute resolution (Carter).

Operational Issues

HIPAA security and security rules protect health information for patient access; maintain patient privacy, security, and data integrity; and release information according to State and federal laws (Carter, 2008). Health information professionals confront certain operational issues concerning these requirements. These are the minimum necessary regulation under HIPAA privacy rule, access to health information, identity management, opt in or opt out, quality of information, security and communication standards, operational impact of variations in State law, notice of privacy practices, and patient education (Carter).


The full-blown adoption of automated information was a strong likelihood even in the past, but was among the slowest areas in the industry to develop it (Kuperman, 2011). Huge costs are a major consideration. Another delay was the lack of appropriate privacy and structure design. But the benefits are large, although there are many problems in connection with automating healthcare (Kuperman).

These include ease of data access, substantially large storage capability, statistically enhanced modeling, and a large capacity of information for setting patterns and drawing conclusions (Kuperman, 2011). The benefits from the exchange's design include the ability for information to go with the patient from system node to node. The technology used in the exchange is meant to access records across counties and hospitals as a primary function. HIE promises potential benefits for the individual patient and the healthcare system. These include improved clinical care and reduced cost (Kuperman).

While providing these benefits, HIE also poses some issues and opportunities (Kuperman, 2011). If patients or others lack trust in the electronic exchange because of some real or perceived or actual risks to one's identifiable health information, accuracy or completeness, he may refuse to reveal these information. This could have fatal consequences (Kuperman).

Privacy and Security

These principles are premier in HIE as it improves quality, reduce errors, increase the level of administrative efficiency, and widen access to health care services (Fricton, 2008). Confidential healthcare records are now being conveyed electronically and thus require strict standard to protect patient privacy. The HIPAA Act of 1996 guaranteed the privacy of a patient's health information through the Patient Security Rule and the Patient Safety Rule, enforced by the Office of Civil Rights. HIPAA's Security Rule became the basis for the electronic transfer of the information. The Patient Safety Rule, on the other hand, protects identifiable information when used to improve patient safety. Advances in the electronic transfer of patient information led to the use of EMRs, which eliminated the use of paper patient charts. HIPAA creates the framework for this information transfer and technology for the transfer to the requesting patient. This is done at the HIPAA website where common questions by a healthcare professional are asked. A Health Information Organization or HIO electronically processes the medical records. A HIO is the legal identity, which oversees and manages the exchange among health organizations, guides the request through questions about health information technology (Fricton).

Privacy and Security Gaps at HIE

The Healthcare Information and Management Systems Society and the American health Information Management Association collaborated in identifying issues surrounding privacy and security in HIE activities (AHIMA, 2011). The objective was to highlight these gaps within the HIE environment, which must be considered in organizing an HIO or implementing an HIE. These are regulatory issues, administrative issues, technological and physical security, access management, public health or population health, and consumer privacy (AHIMA).

Regulatory issues include policies covering personal health information or PHI; the need for consistent data-sharing agreements and standards; interstate exchange of health information; and compliance with meaningful use (AHIMA, 2011). Administrative issues include implementation of a strong governance framework; clearly defined and implementing policies for changing demographic and clinical data; defined roles and responsibilities over data stewardship; providers-data stewardship; HIE/HIO data stewardship; requirement for unique user identification; restricting access to data by role and other user attributes; unique patient identifier; identity management; authentication; and industry adoption. Technical and physical security issues include risk assessment of HIOs and HIE participants' accountability and lack of technical or physical standards for HIPAA covered entities. Access management issues include authorization, federated access management; access to personal health information or disease management by health plans; HIPAA security standard for employee health plans; third-party use of PHI for wellness programs; access to PHI for research purposes; third-party access; and health plan user access. Public or population health issues include multi-stakeholder considerations for authorization and health oversight agencies not required to comply with HIPAA security standards. And consumer privacy issues include consent; restricting access to "sensitive" portions of the record; HIT privacy and security tiger team recommendations; meaningful consent; the mechanics of consent; opt-in; opt-out; resources and timing; and technical constraint (AHIMA).

Challenges and Strategies

A loud observation more than a decade ago reverberated that the main obstacle is the lack of a sustainable business model (Vest and Gamm, 2010). RHIOs may need $12 million for development and $2-3 million for annual operating costs. And hospitals are organizations, which are hard-pressed to show a return on investment. Other obstacles are the collaborative nature of HIE; distrust and control over information; the persistent need for RHOs to insure patient privacy despite the allowed sharing of information between organizations; and fears of liability from unlawful disclosure. Lessons learned so far are that technological progress is not a ready-made solution to problems in healthcare information sharing; grant funding was not a viable alternative to self-sustaining revenues; and long-term financial uncertainties present enough risk to defeat the most technologically advanced offensive (Vest & Gamm).


The following have been suggested for continued HIE development, which complements the mixed economy of the U.S. health service…[continue]

Cite This Term Paper:

"Health Information Exchange In The US" (2012, November 30) Retrieved October 22, 2016, from

"Health Information Exchange In The US" 30 November 2012. Web.22 October. 2016. <>

"Health Information Exchange In The US", 30 November 2012, Accessed.22 October. 2016,

Other Documents Pertaining To This Topic

  • Health Care System United States

    These stakeholders are also vital in the promotion of the application of standards-based technology. This is critical as it enhances the safety and security of the citizens as they pursue low-cost health care services and products within the context of the United States. The federal and state governments have also been influential in the development and implementation of policies towards addressing security and privacy issues in relation to the utilization

  • Health Information Professionals Are Those

    Salary and benefits The salary earned depends to a large extent on the responsibility held by the individuals. In general, the more the responsibility, the higher the salary. In a survey conducted in 2008 by AHIMA, the average salary was $57,370. The salary for a IS/IT Director is $96,640, other director is $90,740, security officer is $83,000, consultant is $76,267, HIM Director is $73,376, compliance officer is $72,218, other officer is

  • United States Healthcare Programs to Citizens Compare

    United States healthcare programs to citizens compare with the healthcare provided to residents in other countries? That question will be the focus of this paper, along with the background to the decision of major health insurance companies to support the candidacy of Republican Mitt Romney. Where does the U.S. stand in the world when it comes to healthcare? According to a statement by the Speaker of the House of Representatives, John

  • Health Information Technology Hit Under the Terms

    Health Information Technology (HIT) Under the terms of the current financial and regulatory environment, it is highly incumbent upon healthcare institutions to operate utilizing the most current and compliant Health Information Technology (HIT). But implementation and maintenance are not sufficient alone to ensure that an adopted strategy is achieving its desired or optimal outcomes, particularly not in an era of such fast-moving change for the healthcare industry. This is why,

  • Health Information Technology for Economic and Clinical

    Health Information Technology for Economic and Clinical Health Act (HITECH) was enacted as part of the 2009 bailout. The focus of the act is initiating "incentives related to health care information technology…and specific incentives designed to accelerate the adoption of electronic health record systems among providers (No author, 2013). There has been a longstanding push to implement electronic health records in the U.S. health care system, for a variety of

  • Healthcare Reform in the United

    4 million young people); e) Americans that are uninsured and that have "preexisting conditions" can as of now get insurance through the "Pre-Existing Condition Insurance Program" (PCIP); f) 46 states are using Affordable Care Act resources to "crack down on unreasonable premium increases" (White House). There are additional benefits that result from the Affordable Care Act will come into play in 2014, according to the White House. Those include a new

  • Health Care Facility Labor Relations

    5) Celebrate the customer decision and ask for feedback- Many customers will be with us for the duration of their lives. Everyone will inevitably become sick and will need to make tough decisions in regards to their health. Whatever their decision, we must be there to help console or celebrate their success and triumph. The essence of good customer service is genuine appreciation, not flattery. The distinction between the two

Read Full Term Paper
Copyright 2016 . All Rights Reserved