Tuesday, January 22, 2013

Small Providers: Security Issues

The secure exchange of electronic health information is particularly challenging for small healthcare providers who may lack the security infrastructure or expertise that larger healthcare providers possess. Also, to secure an electronic health information exchange complete with desktops, laptops, and mobile devices and dealing with healthcare data exchange standards can be challenging.

The January 15th Federal Register (page 2953), announced that the National Cybersecurity Center of Excellence (NCCoE) is initiating the “Secure Exchange of Electronic Health Information Demonstration Project”. The goal for this specific demonstration project is to provide a security platform that is secure, usable, and affordable for small healthcare providers to exchange electronic health information.

NCCoE hosted by NIST with the State of Maryland Department of Economic Development, is a public-private collaboration located in Maryland to accelerate the widespread adoption of integrated cybersecurity tools and technologies. The Center brings experts together from industry, government, and academia under one roof to develop practical, interoperable cybersecurity approaches to address the real world needs of complex IT systems.

NIST is soliciting responses from vendors, academia, and integrators for the Demonstration project. All interested parties must complete a certification letter to be completed by March 1, 2013. NIST will then contact the interested parties if there are any questions regarding the certification letters or the project objectives or requirements. Selected participants will be required to enter into a consortium Cooperative Research and Development Agreement (CRADA) with NIST.

Additional details about the project will be made available at http://nccoe.nist.gov/hit. If interested, contact Karen Waltermire via email at NCCoe@nist.gov or phone at (301) 975-4500.