Dive Brief:
- Not satisfied to wait for government or the tech companies to unilaterally set standards for healthcare IT data, the Health Information Trust Alliance (HITRUST) has announced it has formed a working group of health industry IT leaders to address the growing issues with healthcare data security.
- "Given the pace and complexities associated with protecting these systems, the private sector, not the government, should step up to manage this process. It needs to be practical and pragmatic, done quickly and with the flexibility required to match the rapidly evolving market," said David Muntz, senior vice president and chief information officer, GetWellNetwork and former principal deputy national coordinator and chief of staff, Office of the National Coordinator (ONC), in the HITRUST press release.
- HITRUST will use the group to address concerns over security and reliability of health information systems, develop a framework to handle data vulnerabilities, establish guidelines for security best practices and monitor progress on all fronts regarding the securing of healthcare data.
Dive Insight:
Cybersecurity, as it relates to healthcare data, would be the number one concern for the industry if achieving interoperability wasn't proving to be such a Herculean task. With the high-profile hack of Sony Pictures' email system demonstrating the inherent weakness of corporate security, industry leaders are not content to wait on the government—still huddling over the actual definition of Meaningful Use—to weigh in on the issue.
Further, this group's makeup is almost as important as its mission. Comprised of top executives from healthcare companies like Athenahealth and McKesson, with minority membership coming from the IT industry, it's the perfect mix for the job at hand.
HITRUST already distinguished itself last year by setting up monthly briefings with HHS to keep the bureaucrats up to speed on the challenges of managing healthcare data. Our bet is that their group is going to make some important steps in helping the industry police itself to keep data secure.