Office of the National Coordinator for Health Information Technology; American Health Information Community Confidentiality, Privacy, and Security Workgroup; Meeting, 26392-26394 [07-2277]
Download as PDF
<![CDATA[
26392
Federal Register / Vol. 72, No. 89 / Wednesday, May 9, 2007 / Notices
holding companies may be obtained
from the National Information Center
Web site at www.ffiec.gov/nic/.
Unless otherwise noted, comments
regarding each of these applications
must be received at the Reserve Bank
indicated or the offices of the Board of
Governors not later than June 4, 2007.
A. Federal Reserve Bank of Chicago
(Burl Thornton, Assistant Vice
President) 230 South LaSalle Street,
Chicago, Illinois 60690-1414:
1. Midwest Banc Holdings, Inc.,
Melrose Park, Illinois; to merge with
Northwest Suburban Bancorp, Inc.,
Mount Prospect, Illinois, and thereby
indirectly acquire Mount Prospect
National Bank, Mount Prospect, Illinois.
B. Federal Reserve Bank of Kansas
City (Donna J. Ward, Assistant Vice
President) 925 Grand Avenue, Kansas
City, Missouri 64198-0001:
1. Southwest Bancorp, Inc., Stillwater,
Oklahoma; to acquire up to 100 percent
of the voting shares of Hart Food Stores,
Inc., Hutchinson, Kansas, and thereby
indirectly acquire voting shares of Bank
of Kansas, South Hutchinson, Kansas.
Board of Governors of the Federal Reserve
System, May 3, 2007.
Robert deV. Frierson,
Deputy Secretary of the Board.
[FR Doc. E7–8803 Filed 5–8–07; 8:45 am]
BILLING CODE 6210–01–S
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Office of the National Coordinator for
Health Information Technology;
American Health Information
Community Personalized Healthcare
Workgroup Meeting
sroberts on PROD1PC70 with NOTICES
ACTION:
Announcement of meeting.
SUMMARY: This notice announces the
sixth meeting of the American Health
Information Community Personalized
Healthcare Workgroup in accordance
with the Federal Advisory Committee
Act (Pub. L. No. 92–463, 5 U.S.C., App.)
DATES: June 7, 2007, from 2 p.m. to 5
p.m. [Eastern Daylight Time].
ADDRESSES: Mary C. Switzer Building
(330 C Street, SW., Washington, DC
20201), Conference Room 4090 (please
bring photo ID for entry to a Federal
building).
FOR FURTHER INFORMATION CONTACT:
https://www.hhs.gov/healthit/ahic/
healthcare/
SUPPLEMENTARY INFORMATION: The
Workgroup will discuss possible
common data standards to incorporate
interoperable, clinically useful genetic
laboratory test data, family history
VerDate Aug<31>2005
18:12 May 08, 2007
Jkt 211001
information, and analytical tools into
Electronic Health Records (EHR) to
support clinical decision-making for the
health care provider and patient.
The meeting will be available via Web
cast. For additional information, go to:
https://www.hhs.gov/healthit/ahic/
healthcare/phc_instruct.html.
Dated: April 31, 2007.
Judith Sparrow,
Director, American Health Information
Community, Office of Programs and
Coordination, Office of the National
Coordination for Health Information
Technology.
[FR Doc. 07–2274 Filed 5–8–07; 8:45 am]
BILLING CODE 4150–24–M
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Office of the National Coordinator for
Health Information Technology;
American Health Information
Community Chronic Care Workgroup
Meeting
ACTION:
Announcement of meeting.
SUMMARY: This notice announces the
16th meeting of the American Health
Information Community Chronic Care
Workgroup in accordance with the
Federal Advisory Committee Act (Pub.
L. No. 92–463, 5 U.S.C., App.)
June 5, 2007, from 1 p.m. to 4
p.m. Eastern Daylight Time.
DATES:
Mary C. Switzer Building
(330 C Street, SW, Washington, DC
20201), Conference Room 4090. Please
bring photo ID for entry to a Federal
building.
ADDRESSES:
FOR FURTHER INFORMATION CONTACT:
https://www.hhs.gov/healthit/ahic/
chroniccare/
The
Workgroup will discuss barriers to
availability of care in the virtual setting.
The meeting will be available via Web
cast. For additional information, go to:
https://www.hhs.gov/healthit/ahic/
chroniccare/cc_instruct.html
SUPPLEMENTARY INFORMATION:
Dated: April 30, 2007.
Judith Sparrow,
Director, American Health Information
Community, Office of Programs and
Coordination, Office of the National
Coordinator for Health Information
Technology.
[FR Doc. 07–2275 Filed 5–8–07; 8:45 am]
BILLING CODE 4150–24–M
PO 00000
Frm 00060
Fmt 4703
Sfmt 4703
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Office of the National Coordinator for
Health Information Technology;
American Health Information
Community Consumer Empowerment
Workgroup Meeting
ACTION:
Announcement of meeting.
SUMMARY: This notice announces the
17th meeting of the American Health
Information Community Consumer
Empowerment Workgroup in
accordance with the Federal Advisory
Committee Act (Pub. L. No. 92–463, 5
U.S.C., App.)
DATES: June 13, 2007, from 1 p.m. to 4
p.m.
ADDRESSES: Mary C. Switzer Building
(330 C Street, SW., Washington, DC
20201), Conference Room 4090. Please
bring photo ID for entry to a Federal
building.
FOR FURTHER INFORMATION: https://
www.hhs.gov/healthit/ahic/consumer/
SUPPLEMENTARY INFORMATION: The
Workgroup will continue its discussion
on how to encourage the widespread
adoption of a personal health record
that is easy-to-use, portable,
longitudinal, affordable, and consumercentered.
The meeting will be available via Web
cast. For additional information, go to:
https://www.hhs.gov/healthit/ahic/
consumer/ce_instruct.html.
Dated: April 30, 2007.
Judith Sparrow,
Director, American Health Information
Community, Office of Programs and
Coordination, Office of the National
Coordinator for Health Information
Technology.
[FR Doc. 07–2276 Filed 5–8–07; 8:45 am]
BILLING CODE 4150–24–M
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Office of the National Coordinator for
Health Information Technology;
American Health Information
Community Confidentiality, Privacy,
and Security Workgroup; Meeting
ACTION:
Announces of meeting.
SUMMARY: This notice announces the
11th meeting of the American Health
Information Community Confidentiality,
Privacy, and Security Workgroup in
accordance with the Federal Advisory
Committee Act (Pub. L. 92–463, 5
U.S.C., App.)
DATES: June 22, 2007, from 10 a.m. to
4:30 p.m.[Eastern].
E:\FR\FM\09MYN1.SGM
09MYN1
Federal Register / Vol. 72, No. 89 / Wednesday, May 9, 2007 / Notices
Hubert H. Humprey
Building (200 Independence Avenue,
SW., Washington, DC 20201),
Conference Room 505A (please bring
photo ID for entry into a Federal
building).
FOR FURTHER INFORMATION: https://
www.hhs.gov/health/ahic/
confidentiality/ Purpose: The
Workgroup Members will continue
discussing the working hypothesis and
evaluate the confidentiality, privacy,
and security protections for participants
in an electronic information exchange
network at a local, state, regional, and
nationwide level. The meeting will be
available via Web cast. For additional
information, go to: https://www.hhs.gov/
healthit/cps_instruct.html.
SUPPLEMENTARY INFORMATION: The
American Health Information
Community Confidentiality, Privacy,
and Security (CPS) workgroup is
seeking public feedback on its working
hypothesis. To submit comments via email (preferred), please send them to
cps-wkg@hsrnet.com (to ensure that
your e-mail is received and
appropriately filed, we ask that you put
‘‘CPS June 2007 Public Comment’’ in the
subject line of your e-mail) or mail your
comments to Steven Posnack, Office of
the National Coordinator (ONC), 330 C
Street, SW., Suite 4090, Washington, DC
20201. Written testimony submitted by
the public is not required to address all
of the questions listed below, and
answers to any or all of the questions
will be accepted so long as they comply
with the following guidelines.
Comments should be double-spaced and
submitted via e-mail or mail by 5 p.m.
Eastern Daylight Time and June 4, 2007,
in order to receive consideration by the
CPS workgroup.
For the past several months, the CPS
workgroup has been refining the
following ‘‘working hypothesis’’ as an
approach to gather information and
develop recommendations regarding the
protections that should apply to certain
persons and entities in a nationwide
health information exchange
environment. The main tenet of the
‘‘working hypothesis’’ is as follows:
All persons and entities excluding
consumers that participate in an
electronic health information exchange
network at a local, state, regional or
nationwide level, through which
individually identifiable electronic
health information is stored, compiled,
transmitted, or accessed, should be
required to meet privacy and security
criteria at least equivalent to relevant
Health Insurance Portability and
Accountability Act (HIPAA) Privacy and
Security Rate requirements In this case,
sroberts on PROD1PC70 with NOTICES
ADDRESSES:
VerDate Aug<31>2005
18:12 May 08, 2007
Jkt 211001
HIPAA is used to help establish a
common understanding of what federal
health information privacy and security
requirements apply to whom and for
what. Its inclusion in the ‘‘working
hypothesis’’ should not be
misinterpreted to mean the CPS
workgroup is only considering HIPAAfocused recommendations. Rather, the
CPS workgroup intends to evaluate, in
the future, whether the overall, baseline
standard for participating in these
networks should be changed to a
standard that is different from or
exceeds the current HIPAA privacy and
security rules.
THe CPS workgroup is interested to
hear from any party that may be affected
by its ‘‘working hypothesis.’’ Responses
should address the following questions
in the sections below. Please reference
the section with which your comment is
associated when making a comment.
1. Enforceable Mechanisms
The CPS workgroup understands that
there may be one or more appropriate
mechanisms to properly enforce and
ensure that confidentiality, privacy, and
security requirements are met in an
electronic health information exchange
environment Therefore, the workgroup
is interested in comments on
appropriate, effective, and feasible ways
to enforce confidentiality, privacy, and
security protections in this new
environment. Comments will be
considered by the workgroup for the
purposes of developing one or more
recommendations associated with the
‘‘working hypothesis’’ above.
2. Relevant Requirements
For a given participant’s
characteristics and role in an electronic
health information environment, certain
confidentiality, privacy, and security
requirements may be more relevant than
others. The CPS workgroup requests
comment as to whether particular
confidentiality, privacy, and security
requirements equivalent to those in the
HIPAA Privacy and Security Rules
should or should not apply to a
particular type of person or entity and
why. Please identify specific section(s)
of the HIPAA Privacy and Security
Rules. The following examples have
been developed to identify the level of
detail and specificity the workgroup is
seeking in a response:
Example 1: Similar to the treatment of
health care clearinghouses under the HIPAA
Privacy Rule it may not be appropriate for a
health information exchange organization to
provide privacy notices (Section 164.500(b)).
Example 2: With respect to Section 164.510
of the HIPAA Privacy Rule, a health
information exchange organization may not
PO 00000
Frm 00061
Fmt 4703
Sfmt 4703
26393
have a function analogous to a ‘‘facility
directory’’ and therefore compliance with
that type of requirement may not be
appropriate.
3. Business Associates
The CPS workgroup is concerned that
an electronic health information
exchange environment may lead to an
unwieldy amount of contractual
relationships in the form of business
associate agreements each with their
own specific confidentiality, privacy,
and security nuances—with limited
direct enforcement. The workgroup is
seeking comments on the pros and cons
of having business associates directly
responsible for HIPAA requirements—
not through contractual arrangements. If
you are a business associate please
answer the following questions:
(A) How does your organization
ensure compliance with the privacy and
security policies of covered entities with
whom it contracts, particularly when
there are numerous contracts?
(B) How do you handle business
associate contracts with large numbers
of covered entities including
compliance with each covered entity’s
privacy policies?
(C) How are business associate
agreements negotiated? Do you have a
standard contract?
(D) How is the data protection
compliance of subcontractors ensured
and/or assessed?
(E) Do you have subcontractors and
how do you handle those agreements?
(F) How would direct accountability
for meeting relevant HIPAA
requirements impact your business?
4. General Questions
The CPS workgroup is seeking
comment on any of the following
additional questions.
(A) What are the implications of
having some entities performing similar
services covered by federal law (e.g.,
HIPAA) and others not? For example, a
personal health record (PHR) could be
offered by a health plan (covered entity)
and an independent PHR service
provider (non-covered entity).
i. How does this impact your
competitiveness?
ii How doe this impact your ability to
exchange information with others?
iii. Does contracting with non-covered
entities create different levels of
accountability and/or enforceability in
the exchange of health information?
(B) Assuming you are not a covered
entity, what would be the implications
of complying with enforceable
confidentiality, privacy, and security
requirements at least equivalent to
relevant HIPAA principles?
E:\FR\FM\09MYN1.SGM
09MYN1
26394
Federal Register / Vol. 72, No. 89 / Wednesday, May 9, 2007 / Notices
(C) Is there a minimum set of
confidentiality, privacy, and security
protections that you think everyone
should follow, if not HIPAA, what?
The meeting will be available via Web
cast. For additional information, go to
https://www.hhs.gov/healthit/ahic/
cps_instruct.html.
Dated: May 2, 2007.
Judith Sparrow,
Director, American Health Information
Community, Office of Programs and
Coordination, Office of the National
Coordinator for Health Information
Technology.
[FR Doc. 07–2277 Filed 5–8–07; 8:45 am]
BILLING CODE 4150–24–M
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
National Toxicology Program (NTP);
Report on Carcinogens; Request for
Nominations of Scientific Experts for
Review of Candidate Substances for
the 12th Report on Carcinogens
National Institute of
Environmental Health Sciences
(NIEHS), National Institutes of Health
(NIH).
ACTION: Request for nominations of
scientific experts.
AGENCY:
sroberts on PROD1PC70 with NOTICES
SUMMARY: On April 16, 2007, NTP
released the final review process for
preparation of the 12th Report on
Carcinogens (RoC, 72FR18999, available
at https://ntp.niehs.nih.gov/go/9732).
This notice invites the public to
nominate scientists to serve on expert
panels. These scientists should have
expertise and/or knowledge relevant to
evaluation of the potential carcinogenic
hazard of the candidate substances that
will undergo review for the 12th RoC.
DATES: Nominations of scientific experts
received by June 8, 2007.
ADDRESSES: Nominations should be sent
to Dr. C. W. Jameson, Report on
Carcinogens (NIEHS, P.O Box 12233,
MD EC–17, Research Triangle Park, NC
27709; fax: (919) 541–0144, e-mail:
jameson@niehs.nih.gov. Courier
address: Report on Carcinogens, NIEHS,
79 Alexander Drive, Building 4401,
Room 3118, Research Triangle Park, NC
27709).
FOR FURTHER INFORMATION CONTACT: Dr.
C. W. Jameson, telephone: (919) 541–
4096 or jameson@niehs.nih.gov.
SUPPLEMENTARY INFORMATION:
Request for Nominations of Scientific
Experts
The review process for preparation of
the 12th RoC is available on the NTP
RoC Web site (https://ntp.niehs.nih.gov/
VerDate Aug<31>2005
18:12 May 08, 2007
Jkt 211001
go/15208). The process includes
development of a draft background
document for each candidate substance
undergoing review for the 12th RoC.
The NTP will convene an ad hoc expert
panel to peer review the draft
background document at a public
meeting and make a recommendation to
the NTP on the candidate substance’s
listing status for the RoC. The NTP
invites the public to nominate scientists
to serve on the expert panels who have
expertise and/or knowledge relevant to
the evaluation of carcinogenicity for the
candidate substances (listed below).
Relevant areas of expertise and/or
knowledge include, for example,
biostatistics, carcinogenesis, chemistry,
epidemiology, exposure assessment,
molecular biology, pathology,
toxicokinetics, and toxicology.
Scientists nominated in response to a
previous notice (70FR60548), which
sought names of scientists to write and/
or review background documents, will
also be considered as potential
candidates for the expert panels.
Each nomination should include
contact information for the nominee
[name, affiliation (if any), address,
telephone, fax, and e-mail], the
candidate substance(s) for which they
have relevant expertise and/or
knowledge, and a complete curriculum
vitae. Final selection of individuals to
serve on these panels will be made in
accordance with the Federal Advisory
Committee Act and Department of
Health and Human Services
implementing regulations. Previously,
NTP sought input on substances
nominated for possible review for the
12th RoC (69FR28940, 69FR62276, and
70FR60548). The 14 candidate
substances selected for review for the
12th RoC are listed below. Information
on these candidate substances is
available on the NTP Web site for the
12th RoC (https://ntp.niehs.nih.gov/go/
10091) or by contacting Dr. C. W.
Jameson (see ‘‘FOR FURTHER INFORMATION
CONTACT’’ above).
The candidate substances for the 12th
RoC are:
• Aristolochic acid-related exposures:
(1) Botanical products containing
aristolochic acid
(2) Aristolochic acid
• Captafol
• Cobalt-tungsten carbide powders and
hard metals
• Di (2-ethylhexyl) phthalate
• Selected DNA topoisomerase II
inhibitors:
(1) Etoposide
(2) Etoposide in combination with
cisplatin and bleomycin
(3) Teniposide
PO 00000
Frm 00062
Fmt 4703
Sfmt 4703
•
•
•
•
•
•
Formaldehyde
Glass wool fibers (certain)
Metalworking fluids
ortho-Nitrotoluene
Riddelliine
Styrene
Background Information on the Report
on Carcinogens
The RoC is a congressionally
mandated document [Section 301(b)(4)
of the Public Health Services Act, 42
U.S.C. 241(b)(4)], approved by the
Secretary of Health and Human Services
(HHS), that identifies agents,
substances, mixtures, or exposure
circumstances (collectively referred to
as ‘‘substances’’) that may pose a
carcinogenic hazard to human health.
The Secretary, HHS, delegated
responsibility for preparing the report to
the NTP. Substances are listed in the
RoC as either known to be human
carcinogens or reasonably anticipated to
be human carcinogens. Publication of
the RoC is the end result of an extensive
scientific review and assessment
process with multiple opportunities for
public comment
The NTP solicits and encourages the
broadest participation from interested
individuals or parties in nominating
agents, substances, mixtures, or
exposure circumstances for review for
future RoCs. Nominations should
contain a rationale for review.
Appropriate background information
and relevant data [e.g., journal articles,
NTP Technical Reports, International
Agency for Research on Cancer (IARC)
listings, exposure surveys, release
inventories, etc.] that support a
nomination should be provided or
referenced when possible. Contact
information for the nominator should
also be included [name, affiliation (if
any), address, telephone, fax, and email].
Dated: April 30, 2007.
Samuel H. Wilson,
Deputy Director, National Institute of
Environmental Health Sciences and National
Toxicology Program.
[FR Doc. E7–8899 Filed 5–8–07; 8:45 am]
BILLING CODE 4140–01–P
E:\FR\FM\09MYN1.SGM
09MYN1
]]>Agencies
[Federal Register Volume 72, Number 89 (Wednesday, May 9, 2007)]
[Notices]
[Pages 26392-26394]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 07-2277]
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Office of the National Coordinator for Health Information
Technology; American Health Information Community Confidentiality,
Privacy, and Security Workgroup; Meeting
ACTION: Announces of meeting.
-----------------------------------------------------------------------
SUMMARY: This notice announces the 11th meeting of the American Health
Information Community Confidentiality, Privacy, and Security Workgroup
in accordance with the Federal Advisory Committee Act (Pub. L. 92-463,
5 U.S.C., App.)
DATES: June 22, 2007, from 10 a.m. to 4:30 p.m.[Eastern].
[[Page 26393]]
ADDRESSES: Hubert H. Humprey Building (200 Independence Avenue, SW.,
Washington, DC 20201), Conference Room 505A (please bring photo ID for
entry into a Federal building).
FOR FURTHER INFORMATION: https://www.hhs.gov/health/ahic/
confidentiality/ Purpose: The Workgroup Members will continue
discussing the working hypothesis and evaluate the confidentiality,
privacy, and security protections for participants in an electronic
information exchange network at a local, state, regional, and
nationwide level. The meeting will be available via Web cast. For
additional information, go to: https://www.hhs.gov/healthit/cps_
instruct.html.
SUPPLEMENTARY INFORMATION: The American Health Information Community
Confidentiality, Privacy, and Security (CPS) workgroup is seeking
public feedback on its working hypothesis. To submit comments via e-
mail (preferred), please send them to cps-wkg@hsrnet.com (to ensure
that your e-mail is received and appropriately filed, we ask that you
put ``CPS June 2007 Public Comment'' in the subject line of your e-
mail) or mail your comments to Steven Posnack, Office of the National
Coordinator (ONC), 330 C Street, SW., Suite 4090, Washington, DC 20201.
Written testimony submitted by the public is not required to address
all of the questions listed below, and answers to any or all of the
questions will be accepted so long as they comply with the following
guidelines. Comments should be double-spaced and submitted via e-mail
or mail by 5 p.m. Eastern Daylight Time and June 4, 2007, in order to
receive consideration by the CPS workgroup.
For the past several months, the CPS workgroup has been refining
the following ``working hypothesis'' as an approach to gather
information and develop recommendations regarding the protections that
should apply to certain persons and entities in a nationwide health
information exchange environment. The main tenet of the ``working
hypothesis'' is as follows:
All persons and entities excluding consumers that participate in an
electronic health information exchange network at a local, state,
regional or nationwide level, through which individually identifiable
electronic health information is stored, compiled, transmitted, or
accessed, should be required to meet privacy and security criteria at
least equivalent to relevant Health Insurance Portability and
Accountability Act (HIPAA) Privacy and Security Rate requirements In
this case, HIPAA is used to help establish a common understanding of
what federal health information privacy and security requirements apply
to whom and for what. Its inclusion in the ``working hypothesis''
should not be misinterpreted to mean the CPS workgroup is only
considering HIPAA-focused recommendations. Rather, the CPS workgroup
intends to evaluate, in the future, whether the overall, baseline
standard for participating in these networks should be changed to a
standard that is different from or exceeds the current HIPAA privacy
and security rules.
THe CPS workgroup is interested to hear from any party that may be
affected by its ``working hypothesis.'' Responses should address the
following questions in the sections below. Please reference the section
with which your comment is associated when making a comment.
1. Enforceable Mechanisms
The CPS workgroup understands that there may be one or more
appropriate mechanisms to properly enforce and ensure that
confidentiality, privacy, and security requirements are met in an
electronic health information exchange environment Therefore, the
workgroup is interested in comments on appropriate, effective, and
feasible ways to enforce confidentiality, privacy, and security
protections in this new environment. Comments will be considered by the
workgroup for the purposes of developing one or more recommendations
associated with the ``working hypothesis'' above.
2. Relevant Requirements
For a given participant's characteristics and role in an electronic
health information environment, certain confidentiality, privacy, and
security requirements may be more relevant than others. The CPS
workgroup requests comment as to whether particular confidentiality,
privacy, and security requirements equivalent to those in the HIPAA
Privacy and Security Rules should or should not apply to a particular
type of person or entity and why. Please identify specific section(s)
of the HIPAA Privacy and Security Rules. The following examples have
been developed to identify the level of detail and specificity the
workgroup is seeking in a response:
Example 1: Similar to the treatment of health care
clearinghouses under the HIPAA Privacy Rule it may not be
appropriate for a health information exchange organization to
provide privacy notices (Section 164.500(b)).
Example 2: With respect to Section 164.510 of the HIPAA Privacy
Rule, a health information exchange organization may not have a
function analogous to a ``facility directory'' and therefore
compliance with that type of requirement may not be appropriate.
3. Business Associates
The CPS workgroup is concerned that an electronic health
information exchange environment may lead to an unwieldy amount of
contractual relationships in the form of business associate agreements
each with their own specific confidentiality, privacy, and security
nuances--with limited direct enforcement. The workgroup is seeking
comments on the pros and cons of having business associates directly
responsible for HIPAA requirements--not through contractual
arrangements. If you are a business associate please answer the
following questions:
(A) How does your organization ensure compliance with the privacy
and security policies of covered entities with whom it contracts,
particularly when there are numerous contracts?
(B) How do you handle business associate contracts with large
numbers of covered entities including compliance with each covered
entity's privacy policies?
(C) How are business associate agreements negotiated? Do you have a
standard contract?
(D) How is the data protection compliance of subcontractors ensured
and/or assessed?
(E) Do you have subcontractors and how do you handle those
agreements?
(F) How would direct accountability for meeting relevant HIPAA
requirements impact your business?
4. General Questions
The CPS workgroup is seeking comment on any of the following
additional questions.
(A) What are the implications of having some entities performing
similar services covered by federal law (e.g., HIPAA) and others not?
For example, a personal health record (PHR) could be offered by a
health plan (covered entity) and an independent PHR service provider
(non-covered entity).
i. How does this impact your competitiveness?
ii How doe this impact your ability to exchange information with
others?
iii. Does contracting with non-covered entities create different
levels of accountability and/or enforceability in the exchange of
health information?
(B) Assuming you are not a covered entity, what would be the
implications of complying with enforceable confidentiality, privacy,
and security requirements at least equivalent to relevant HIPAA
principles?
[[Page 26394]]
(C) Is there a minimum set of confidentiality, privacy, and
security protections that you think everyone should follow, if not
HIPAA, what?
The meeting will be available via Web cast. For additional
information, go to https://www.hhs.gov/healthit/ahic/cps_instruct.html.
Dated: May 2, 2007.
Judith Sparrow,
Director, American Health Information Community, Office of Programs and
Coordination, Office of the National Coordinator for Health Information
Technology.
[FR Doc. 07-2277 Filed 5-8-07; 8:45 am]
BILLING CODE 4150-24-M
