Subcontracts on Nationwide Privacy and Security Health Information Project

Saturday 18 February 2006
iHealthBeat reports on a nationwide effort to identify state privacy and security laws, policies and practices that could negatively impact health care data sharing. HHS has awarded a contract to The Research Triangle Institute International who will organize subcontrators in up to 40 different states to help identify the state related issues. The Request for Proposal outlines the details and deadlines for those interested in becoming a subcontractor under the project.

The RTI International press release states:

As part of a contract with the U.S. Department of Health and Human Services, RTI International and the National Governors Association (NGA) Center for Best Practices released a request for proposals inviting U.S. states and territories to participate in a collaborative effort to examine privacy and security laws and business practices that affect the ability of states and territories to exchange interoperable electronic health information.

Working collaboratively through a stakeholder process, the team members will work with representatives from up to 40 state governments and territories to identify, assess and develop plans to address variations in organization-level business policies and state laws that affect privacy and security practices that may pose challenges to interoperable health information exchange.

The request for proposals provides detailed information on the requirements for each state and/or territorial project, guidelines for submitting a proposal and information on the support provided by RTI and the NGA. States and territories receiving an award will be required to complete the work within one year.

Award recipients will examine the state or territory's privacy and security policies and business practices regarding electronic health information exchange; convene and work closely with a wide range of stakeholders within the state or territory; and develop an implementation plan to address organization-level business practices and state laws that affect privacy and security practices and impede interoperable health information exchange.