Policy Committee Charter

Committee Leadership

Chair: Steve Fox, Ex Officio Board Member, Partner, Post & Schell, P.C.

Vice‐Chair: Robert Torres, Ex Officio Board Member, Deputy Secretary of Administration, Pennsylvania Department of HealthState HIT Coordinator

Committee Purpose (Goals)

Serve as a resource for best practices and recommended policies for data security, data use/sharing agreements, privacy and confidentiality that may be applied in Pennsylvania health information exchanges (HIEs).

2012-13 Objectives (Deliverables)

1. Develop and/or recommend model documents or templates for inclusion in the

Reference Guide (e.g., model clause regarding HIEs for Notice of Privacy Practices, authorization forms, participant agreements, vendor agreements regarding software).

2. Develop answers to FAQs for Reference Guide (written in general terms) to address legal questions about starting an HIE.

3. Assist with the evaluation and/or development of a master provider index methodology, which identifies all licensed personnel in the state who are qualified to access health information through the HIE.

4. Assist with the evaluation and/or development of a master patient index methodology and guidelines to facilitate maintenance and record‐keeping to ensure that the index remains accurate and updated.

5. Establish or evaluate proposed requirements for creating, administering and terminating access rights to the HIE.

6. Identify or develop business agreements, policies, procedures and document templates that may be implemented as part of local HIEs that comply with applicable federal and state regulations and laws.

7. Work with members, state agencies and organizations to educate legislators on the need to modify existing laws to enable health information exchange.

8. Provide recommendations to ensure that HIEs comply with applicable federal laws and regulations such as HIPAA, Stark, etc.

9. Ensure that HIEs include medical consumer representatives (i.e., patients).

10. Promote the deployment and sustainable use of interoperable specifications established by HHS, CCHIT, HITSP and other applicable standards committees.

11. Collaborate with the BAT, HIE and other PAeHI committees in the achievement of common goals and the co‐development of deliverables as appropriate.

12. Provide input to and work with the Office of Health Care Reform on the proposed Pennsylvania Health Information Exchange (PHIX) (details to be published in the

Pennsylvania Bulletin in November 2009).

2010 Objectives (Deliverables)

1. Work with the BAT & HIE committees to develop an HIE “How To Guide.”

2. Create a special Privacy and Security Workgroup in collaboration with the BAT, HIE and

Policy committees with the goal of assisting providers, stakeholders via a centralized forum within PAeHI to facilitate the adoption of best practices, standards, privacy and security related issues for compliance with HIPAA requirements and enforcement.

1. Provide input to and work with the PA eHealth Collaborative and other PAeHI committees in development of policy and legal related issues focused on HIPPA, privacy, security, and consent with respect to Health Information Exchange.

2. Work in collaboration with the PA eHealth Collaborative and other agencies in providing expert input and appropriate language towards the development of a Universal Consent Form.

3. Develop an updated “Fact Sheet” as it relates to current laws effecting affecting privacy and security. The results will be an educational session presented at a future All Committee Meeting and made available for distribution on the PAeHI website.

4. Identify and support internship opportunities to college, and graduate and law students in disciplines such as public policy and Healthcare IT law with specific focus in the areas of HIPPA, privacy, security and consent.

Committee Membership

Open to individual PAeHI members and representatives of PAeHI member organizations.

Approved by PAeHI Board: November 18, 2009

Reviewed and Updated March 2012