HISPC Phase 1

What is HISPC?

In October 2005, the Office of the National Coordinator for Health Information Technology and the Agency for Healthcare Research and Quality awarded the Privacy and Security Solutions for Interoperable Health Information Exchange contract to RTI International. RTI, in collaboration with the National Governors Association Center for Best Practices, formed the Health Information Security and Privacy Collaboration (HISPC) project. RTI awarded subcontracts to 33 states and Puerto Rico. NCHICA was awarded the subcontract for the state of North Carolina,and gathered stakeholders from its membership and other organizations across the state to form the NC HISPC team.

In Phase 1, each subcontractor was required to:

Assess variations in organization-level business policies and state laws that affect health information exchange in its state or territory;
Work closely with RTI, NGA (National Governor's Association), and other states and territories to exchange information and experiences regarding interoperable health information exchange (HIE) barriers and best practices;
Identify and propose practical solutions that protect privacy and security of health information and permit interoperable health information exchange; and
Develop plans to implement solutions in its state, and, if applicable, at the federal level.

The project required NCHICA to:

Organize the steering committee and working groups to examine statewide privacy and security policies and business practices regarding electronic health information exchange and the current legal requirements in the state that may be driving those policies.
Convene and work closely with a wide range of stakeholders throughout the state, representing statewide interests, which have a stake in advancing interoperable health information technology. The entities shall include, but not be limited to, clinicians, physician groups (primary and specialty care) and other providers, federal health facilities (i.e., Department of Defense, Indian Health Service, Department of Veterans Affairs), hospitals, payers (including employers that sponsor group health plans), public health agencies, community clinics and health centers, laboratories, pharmacies, long-term care facilities and nursing homes, homecare and hospice, correctional facilities, professional associations and societies, medical and public health schools that conduct research, quality improvement organizations, state government entities (Medicaid, public health departments, etc.), and both individual consumers and consumer organizations.
Identify any challenges that existing privacy and security policies and laws pose to interoperable health information exchange.
Identify best practices and solutions for maintaining privacy and security protections while enabling operation of a health information network.
Develop an implementation plan to address organization-level business practices and state laws that affect privacy and security practices in order to permit interoperable health information exchange.
Identify the intersection with, and build upon, existing state and regional interoperability efforts (if any).
Participate in regional and national meetings with other states to share knowledge and collaborate on health information exchange privacy and security issues and related issues.

Project Timeline

Date	Milestone	Current Status
1/4/2006	Release RFP to Governor's Offices	Completed
2/8/2006	Bidders' Conference Call	Completed
3/1/2006	Proposals Due	Completed
4/28/2006	Subcontracts Signed by Selected States	Completed
4/28-06 to 5/15/06	Kick Off Meetings	Completed
6/9/2006	Deliverable No. 1: Work Plan Due (Task 4 Deliverable)	Completed
11/6/06	Deliverable No. 2: Interim Assessment of Variation Report Due (Task 1 Deliverable)	Completed
11/13/06	State and Regional Meeting for NC Charlotte, NC	Click here to view NC slide presentation.
1/16/07	Deliverable No. 3: Interim Analysis of Solutions Report Due (Task 2 Deliverable)	Completed
2/14/07	Deliverable No. 4: Interim Implementation Plan Report Due (Task 2 Deliverable)	Completed
3/5 & 3/6/07	National Meeting	Agenda Registration Form
3/30/07	Deliverable No. 5: Final Assessment and Analysis Report Due (Task 3 Deliverable)	Completed
4/16/07	Deliverable No. 6: Final State Implementation Plan Report Due (Task 3 Deliverable)	Completed
4/17/07	Final Meeting	Agenda Presentation

Project Workplan July - December 2007 (Excel format)

Project Tasks & Deliverables

Task 1: Assess variation in organization-level business policies and state laws.

Task 2: Formulate interim solutions and implementation plan.

Task 3: Formulate final solutions and implementation plan.

Click here to visit the AHRQ website and see the final reports from all the states that participated in the project.

Project Participants

Organizational Chart

Steering Committee

Linda Attarian, NC DHHS, Executive Co-Chair
Holt Anderson, NCHICA, Executive Co-Chair
Wesley G. Byerly, Wake Forest University Baptist Medical Center
Fred Eckel, NC Association of Pharmacists
Jean Foster, Pitt County Memorial Hospital, Sub Co-Chair
Mark Holmes, NC Institute of Medicine
Donald E. Horton, Jr., LabCorp
Linwood Jones, NC Hospital Association (NCHA)
Eileen Kohlenberg, NC Nurses Association (NCNA)
Patricia MacTaggart, Health Management Associates, Sub Co-Chair
Doc Muhlbaier, Duke University Health System
David Potenziani, UNC School of Public Health
Melanie Phelps, NC Medical Society (NCMS)
N. King Prather, Blue Cross and Blue Shield of NC
Morgan Tackett, Blue Cross and Blue Shield of NC

Project Team

Holt Anderson, NCHICA, Project Executive
Jean Foster, Pitt County Memorial Hospital, Steering Committee Sub Co-Chair
Dave Kirby, Kirby IMC, Task 2 Interim Solutions and Plan Co-Chair
Laura Ksycewski, NCHICA, Project Assistant
Patricia MacTaggart, Health Management Associates, Steering Committee Sub Co-Chair
Patricia Markus, Smith Moore Law, Task 1 Variations of Business Practices / Law Co-Chair
James Murphy, NC DHHS MMIS, Task 1 Variations of Business Practices / Law Co-Chair
Angie Santiago, TM Floyd & Company, Project Manager
Mike Voltero, Blue Cross and Blue Shield of NC, Task 1 Variations of Business Practices / Law Co-Chair
Lori Von Colln, NCHICA, Project Assistant
Roy Wyman, Maupin Taylor Law, Task 1 Variations of Business Practices / Law Co-Chair

Disclaimer
While the information and recommendations contained in the North Carolina Health Information Security and Privacy Collaboration (NC HISPC) documents and website have been compiled from sources believed to be reliable, NC HISPC makes no guarantee as to, and assumes no responsibility for, the accuracy, sufficiency, or completeness of such information or recommendations.

Links made from the reference documents submitted shall not represent an endorsement by the State of North Carolina, NC HISPC, NCHICA, or by its members, board of directors, committees, or staff.

The views and opinions of authors expressed within the documents and website do not necessarily state or reflect those of the State of North Carolina, NC HISPC, NCHICA, or by its members, board of directors, committees, or staff, and they may not be used for endorsement purposes.

The information provided is not intended to constitute an "authoritative statement" under the State of North Carolina's policies, general statutes, and regulations.

Website Readers
During your visit to our Web site, your Web browser may produce pop-up advertisements. These advertisements were most likely produced by other Web sites you visited or by third party software installed on your computer. NCHICA does not endorse or recommend products or services that may appear as pop-up advertisements on your computer screen while visiting our site.

Commercial Products or Services
Any mention of commercial products within the NC HISPC documents or web pages is for information only; it does not imply recommendation or endorsement of any commercial products, processes, or services by the members of NC HISPC, NCHICA, or the State of North Carolina.