Although the Health and Human Services Department has made progress in ensuring the protection of health information in a national network, there is still room for improvement, according to a new report by the Government Accountability Office.
In January 2007, GAO called for HHS to define and implement a privacy mechanism for the network, which is under development. The report is intended as an update on privacy safeguards.
As signs of progress, GAO auditors pointed to efforts by the Office of the National Coordinator for Health Information Technology to address key privacy principles and challenges. Among other initiatives, GAO cited:
* The Healthcare IT Standards Panel’s effort to define standards for integrating security features in systems that process personal health information.
* The Certification Commission for Healthcare IT’s electronic health records certification criteria, which include privacy protections.
* HHS’ release of a strategic plan for federal health IT that includes privacy and security objectives and strategies and target dates for meeting them.