Michigan and Ohio are syncing up – health records, that is. State health information exchange groups, the Ohio Health Information Partnership CliniSync and Michigan Health Connect have joined forces to allow residents of Ohio to seek medical treatment in Michigan. These state organizations allow for data-sharing of electronic medical records (EMRs), including immunization records, MRI results, and more, making it convenient for physicians and hospitals to treat patients in either state.
As part of the federal Direct Project, part of the Nationwide Health Information Network, the program’s objective is allow for a standardized way to send encrypted digital health information directly to recipients online. Focused mainly on the technical standards, the project includes a document explaining how to use SMTP, S/MIME and X.509 certificates for secure information exchange. The document, Applicability Statement for Secure Health Transport, is the most updated version, and it describes the standard encryption algorithms, trust verifications, and more.
To clarify, the Direct Project only addresses how information is sent, and not interoperability as a whole, which also involves the structure and format of exchanged content and what terms they will use within their content. The project also doesn’t specify if the standards are HIPAA compliant, although one might assume as such since it’s a federal project. It does indicate that the standards may satisfy some State 1 Meaningful Use requirements.
For some specific recommendations when it comes to encrypting data for HIPAA compliance, read Encrypting Data to Meet HIPAA Compliance.
With the health exchange movement comes the mobile movement – BYOD (Bring Your Own Device) is another way to expedite workflow in the healthcare industry. But sending health data via mobile devices comes with its own inherent risks. The best way to keep sensitive data safe and within compliance is to keep data off of the device itself, and in an offsite, secure location, like a HIPAA compliant data center. Read our HIPAA white paper for best practices.
About the Michigan Health Connect
Michigan Health Connect is a nonprofit corporation founded by leading health systems in Michigan to advance the delivery and coordination of high quality, efficient, patient-focused health care across the state through collaboratively leveraging information technology and clinical data exchange.
About the Ohio Health Information Partnership, CliniSync
The Ohio Health Information Partnership is a nonprofit entity whose mission is to assist physicians and other providers with the adoption and implementation of health information technology (HIT) throughout Ohio, specifically in the adoption and use of electronic health records. Funded through the Office of the National Coordinator of HIT within the U.S. Department of Health and Human Services, we also are responsible for the creation of a technological infrastructure that will allow Ohio physicians, hospitals and healthcare professionals to electronically share patient health records across the state.
Applicability Statement for Secure Health Transport (PDF)
Electronic Health Record Collaborative CliniSync Links with Michigan Counterpart
HealthIT.Gov: Direct Project
Michigan Health Connect
Ohio Health Information Partnership, CliniSync
Michigan Physicians Benefit From HIPAA Compliant E-Prescribing
The federal government agency for health IT, the Office of the National Coordinator for Health Information Technology (ONC), has recognized Michigan as an early achiever, completing the first milestone in e-prescribing as determined by the State Health Information Exchange Grantee … Continue reading →
Securing Data During Michigan’s Healthcare Upheaval
The University of Michigan recently launched one of the nation’s largest accountable care organizations (ACO) that combines nine major physician groups across Michigan’s Lower Peninsula. According to the U-M Health System (UMHS), the Physician Organization of Michigan ACO (POM ACO) … Continue reading →
The Effect of Michigan Health System Mergers on Health IT
Last year, Michigan saw widespread health system mergers, with a focus on the need to deliver integrated care. Part of the change may come from a shift in how healthcare is sold, meaning a switch from the traditional fee-for-service model … Continue reading →
Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.