Skip to Main Content

Breadcrumb

  1. Governor
  2. hie.illinois.gov

Privacy and Security Work Group Minutes - May 26 2011 

May 26, 2011

Attendees (phone and in-person):

  • Chair: Ira Thompson, Infinite Systems Support
  • Mark Chudzinski, Office of Health Information Technology (OHIT)
  • Joseph Duff, OHIT
  • Carl Gunter, University of Illinois SHARPS (by telephone)
  • Ivan Handler, OHIT
  • Krysta Heaney, OHIT
  • Jay McCutcheon, Lincoln Land HIE (LLHIE) (by telephone)
  • Crystal VanDeventer, LLHIE (by telephone)
  • Dr. Arnold Widen, Office of the Attorney General

Introductions:

Chairman Ira Thompson opened the meeting at 2 p.m. The meeting was hosted by OHIT at the James R. Thompson Center, with a telephone conference call-in number provided for participants unable to attend in person. Roll call was taken.

Minutes Review:

With no changes noted; the minutes from April 21, 2011, were unanimously approved.

ILHIE Update:

Mark Chudzinski provided the Work Group with three state and one federal-level update.

  1. OHIT anticipates the release of the request for proposals (RFP) for the Illinois Health Information Exchange (HIE) technical architecture within the next week.
  2. The Office of the National Coordinator (ONC) recently released a Notice for Proposed Rule Making (NPRM) providing guidance on protected health information (PHI) audit trail disclosure to patients. The federal rule may impact the implementation of the ILHIE consent management system; OHIT will continue to monitor developments at the federal level.
  3. OHIT has held initial discussions with the University of Illinois SHARPs project team. OHIT will explore the prospect of partnering with the SHARPs program to address specific aspects of privacy and security.
  4. The Illinois HIE Authority Board of Directors held its inaugural meeting on Wednesday, April 27, 2011. The next meeting of the Board is scheduled for Wednesday, June 22, 2011. The remaining 2011 Board meetings are scheduled for September 7, 2011, in Chicago, and November 16, 2011, in Springfield.

Ivan Handler provided a summary of the LOINC (Logical Observation Identifier Names and Codes) Coding Workshop hosted by the Chicago Health Information Technology Regional Extension Center (CHITREC). The workshop focused on the standardization process for electronic laboratory results delivery and electronic laboratory reporting (ELR) to public health.

Audit Sub-Committee Update:

Ira Thompson provided an update on the Audit Sub-Committee. Ira Thompson briefly reviewed the Nationwide Health Information Network (NHIN) Trail Implementations Service Interface Specifications Audit Log Query V. 1.3.1, released January 30, 2009. Ira Thompson noted the specificity provided in the document regarding several critical audit processes including, query service structures. Ivan Handler briefly described the objective to include real- to near-real time monitoring and pattern recognition as audit services within the ILHIE.

Jay McCutcheon asked how the state will communicate with providers about the privacy and security requirements for participation in the ILHIE. Mark Chudzinski explained that once the privacy and security policies are developed, the Authority and OHIT staff will work collaboratively with stakeholder organizations on outreach and communication.

General HIE Project Updates:

Jay McCutcheon asked if OHIT was comparing the federal Data Use and Reciprocal Support (DURSA) requirements for user participation with Illinois law. Mark Chudzinski explained that the DURSA Subcommittee of the ILHIE Legal Task Force was examining user agreements and the impact of various Illinois statutes and regulations on those agreements. Mark Chudzinski also informed the group that a new federal DURSA was scheduled for release in June 2011; the DURSA Subcommittee will compare the two agreements and provide an analysis to OHIT.

Carl Gunter provided a high-level summary of several of the topic areas the University of Illinois SHARPs program is exploring. Two areas of exploration that may be germane to the privacy and security framework for the ILHIE are analyzing audit logs for HIEs and experienced-based access management.

Next Steps: The next meeting of the ILHIE Privacy & Security Work Group was scheduled for June 28, 2011, at 2 p.m.

Meeting Adjourned: 2:30 p.m.