Health IT Standards Committee Can’t Understand Recommendations

Check out this quote from an article at health care IT news that talks about the challenges the HIT Standards Committee has had understanding the committee’s recommendations:

However, some standards for 2011 – particularly those governing security and privacy – have been difficult to grasp, even for committee members. “They don’t understand what we’re recommending and how the pieces fit together,” said Dixie Baker, chairman of the committee’s privacy and security workgroup.

The security standards the committee has recommended are based on the HIPAA security and privacy rule, she said. Those include requirements to authenticate identity, control access to health information by authorized users, encrypt and decrypt information, and create an audit trail to track who has accessed data.

In explaining the security standards for 2011, Baker said they “are used on a daily basis when we use the Web even if you don’t realize it.” For instance, the standard that the committee used for identity authentication is the same standard used to conduct commercial transactions securely over shopping Web sites, such as Amazon.

“When you’re about to present a credit card (online) a picture of a lock appears in the lower corner (of the Website),” said Baker. “What locks that is an approach that’s called the Transport Layer Security,” which authenticates one or both ends of the exchange, she said.

Does this scare anyone else? First, you have to wonder what those people are doing on the committee. Second, you have to ask if the committee (who should be well educated on these subjects) has a challenge understanding their recommendations how are busy doctors going to do with the regulations? Doctors must be so excited to go through the 692 pages of Meaningful Use regulations.

About the author

John Lynn

John Lynn

John Lynn is the Founder of the, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference,, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.