HIT Policy Committee HIT Policy Committee

Governance Workgroup MeetingGovernance Workgroup Meeting

September 3, 2010

Purpose of This Call

• Confirm Workgroup focus • Consider scope of nationwide health information

network governance • Identify panels for 9/28 hearing• Confirm process for drafting recommendations

2

Agenda

• Background

• Workgroup charge

• Scope and focus– Workgroup – Nationwide health information network

• Existing Governance Analysis• September 28th hearing• Next steps

3

BACKGROUND

4

HITECH Calls for Governance Mechanism

• HITECH directed the National Coordinator to “establish a governance mechanism for the nationwide health information network*.”

• Proposed rulemaking would identify governance mechanism(s) that:– Engender trust;– Assure effectiveness; – Meet or exceed consumer expectations; and – Promote and facilitate use of the nationwide health information

network.

* The name Nationwide Health Information Network will be changed in Fall 2010.

5

Why Address Governance Now?

• HITECH requires it. • Governance is essential to make decisions needed to

accomplish national HIT agenda and HITECH goals.• Necessary for the existing limited production exchange

(“Exchange”) to expand and grow beyond those entities under federal contract, grant or cooperative agreement.

• Necessary in order to validate and assure that conditions for trust and nationwide interoperability exist.

• States are establishing governance roles (e.g. for certification of HISPs) in the absence of national governance.

• Necessary for transparent oversight, enforcement and accountability. 6

WORKGROUP CHARGE

7

Governance Workgroup Purpose

• CHARGE: To draft a set of recommendations on the scope and process of governance for nationwide health information network, including measures to ensure accountability and oversight.

• Related purposes:– To provide recommendations to engender trust in the

nationwide health information network (“network”) and to promote and facilitate broader participation in the nationwide health information network exchange (“exchange”);

– To facilitate development of a notice of proposed rulemaking (NPRM); and

– To provide comment on the NPRM when it is issued.

8

Governance Workgroup Deliverables

• Deliverables: – Governance hearing (September 28)

• Identify structure and panels• Develop questions for testifiers to address

– Initial recommendations presented to HITPC (October 20)– Final recommendations presented to HITPC (November 19)– Hearing and comments on NPRM (Q2 / Q3 2011)

9

SCOPE AND FOCUS

10

Nationwide Health Information Network (“Network”) Definition

• Standards, services and policies for promoting and facilitating secure exchange of health information on the internet to improve health and health care– Not a centralized database or single physical network– Includes a set of core functionality for data transmission,

registries and privacy and security– Not inclusive of all health information exchange (HIE)

11

Guidance

• Recognize and leverage existing governance mechanisms where feasible.

• Identify and bridge gaps in existing governance mechanisms.

• identify those aspects of governance (existing and new) where coordination could enhance and/or promote greater trust and interoperability, and suggest approaches for appropriate coordination.

• Promote the broad utilization of core functionality, including the underlying standards, services and policies for the nationwide health information network.

12

“Network” Governance Mechanisms

• Governance mechanisms for the “Network” could establish or ratify:– A preferred option for trusted and interoperable health

information exchange, where various levers could be employed to encourage its use.

• Those who voluntarily participate in the “Network” would be subject to governance and applicable law

• Those who chose not to participate would comply with applicable law

– A process for: • Assuring use of identified standards and services that

promote interoperability for the “Network”;• Defining policies that promote and facilitate HIE through the

“Network”, while appropriately protecting privacy and security; and

• Providing oversight, enforcement and accountability. 13

Workgroup Focus

14

Key Workgroup Questions

• What needs to be governed in a centralized fashion?– Why is centralized governance important for this/these

element(s)?

• When should there be coordination by the federal government (e.g. across governance roles, for certain functions, services, etc.)?– Why is coordinated governance important this/these

element(s)?

15

ANALYSIS OF EXISTING GOVERNANCE MECHANISMS

16

Existing Mechanisms

• FACA process and ONC process (as required by HITECH)– Prioritize and identify a set of standards, implementation

specifications, certification criteria and related certification programs for meaningful use.

• Standards and Interoperability (“S&I”) Framework – A portion of which is specific to the Network, e.g. use cases,

requirements, specifications, reference implementation)

3. Existing laws (e.g. HIPAA, FISMA, state and other applicable laws)

4. Regulations for e-Commerce and Internet privacy (e.g. FTC)

17

Existing Mechanisms - continued

5. Existing or developing networks for HIE (e.g. state efforts, Health Information Organizations (HIOs), national networks, EHR vendor networks, public and private networks, public-private partnerships, etc.)– Various self-governance mechanisms employed (e.g. governing

board structures, contractual, other, etc.)

6. Federal procurement process to the extent that it defines conditions for HIE under federal contracts.

18

Possible Gaps

• Is there a need for an authoritative mechanism for the nationwide health information network to: – Define a set of criteria (i.e. conditions for trust and

interoperability) for the Network across all exchange modalities to assure user and individual confidence in order to promote exchange.

– Establish an authoritative validation process to assure that conditions for trust and interoperability are met. In some forms of exchange, there may be a need for validation that intermediaries satisfy certain conditions in order to be trusted (e.g. identity assurance, etc.)

– Recognize trusted shared technical resources (e.g. Certificate Authority, UDDI registry, etc.) for use by the Network.

– Oversee and assure accountability for upholding conditions for trust, interoperability and for the governance mechanisms themselves on an ongoing basis. 19

GOVERNANCE HEARINGSeptember 28, 2010

20

Governance Hearing (9/28)

• Today: – Identify panels– Describe purpose / focus of each panel– Identify key types of questions for each panel to address

• E-mail suggestions for panelists

21

Draft Governance Hearing Outline

• Panel 1: Governance models in other domains (e.g. W3C, ICANN, Banking, telecommunications)

• Panel 2: Experience of governance in health information exchange

• Panel 3: Governance for trust • Panel 4: Governance for interoperability• Panel 5: Accountability, enforcement and oversight

22

NEXT STEPS

23

Drafting Recommendations

• Today: Identify small sub-group to lead the drafting of recommendations

• Workgroup meeting (conference call) to discuss initial outline week of October 4th

• Additional Workgroup calls as needed to develop draft recommendations for presentation to HITPC 10/20

• Workgroup call week of October 25 to review new draft based on HITPC input

• Additional Workgroup calls as needed to finalize recommendations for presentation to HITPC 11/19

Pre-decisional DRAFT 081010 24