ONC Releases 2014 Health IT Privacy & Security Priorities

Posted on by Frank J. Rosello

Want to know what the Office of the National Coordinator for Health IT’s privacy and security priorities are for the coming year? Then take a look at the ONC’s new report to Congress.

Click here to view the ONC report.

The report provides updates on ONC’s activities and the adoption of health IT from Jan. 1, 2012, to April 30, 2013. It also offers a glimpse of what’s on its privacy and security agenda for the year ahead.

The ONC, a unit of the Department of Health and Human Services headed by Farzad Mostashari, M.D., administers programs to guide healthcare providers as they “meaningfully use” certified electronic health record technology under the HITECH Act EHR incentive program. The ONC also works with the health IT community to develop standards and technologies that facilitate interoperability and secure health information exchange.


In fiscal 2014, which starts on Oct. 1, 2013, the ONC says it will address a number of key issues. For example, it will:


  • Identify and address cybersecurity threats;
  • Provide technical assistance in such areas as security program management, risk management, access management, integrity management, audit management, incident management, continuity management, chains of trust controls, workforce management and media management;
  • Work with the National Institute of Standards and Technology (NIST) and other partners to assure that correct clinical information is associated with the correct patients and/or providers by supporting innovative frameworks that can provide a foundation for identity management;
  • Continue to incorporate policy components that further privacy and security in future stages of the HITECH Act electronic health record (EHR) incentive program; and
  • Continue work on patient and provider identity management.


The report, Update on the Adoption of Health Information Technology and Related Efforts to Facilitate the Electronic Use and Exchange of Health Information, also spotlights the projects of ONC’s Office of the Chief Privacy Officer during 2012, including:


  • Working with federal policymakers to assure that patient EHR data is protected and secure while supporting the right that individuals have under the HIPAA Privacy Rule to review and obtain a copy of their health information in electronic form;
  • Supporting the Data Segmentation for Privacy Initiative, which, through collaboration among federal and industry partners, identifies innovative ways of protecting the privacy of health information;
  • Launching an educational initiative and resource center on how to protect and secure health information when using a mobile device;
  • Conducting an e-consent pilot project to evaluate ways to inform individuals of their options with respect to the sharing of their electronic health information.

Leave a Reply

Follow GOEILLC on LinkedIn Follow GOEILLC on Twitter