How should the technology be designed?

Federal and state privacy laws, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule, are designed to protect both paper and electronic health records. Systems must be designed to meet these stringent requirements:

  • Individuals should know how their personally identifiable health information may be used and who has access to it.
  • Individuals should have control over whether and how their personally identifiable health information is shared.
  • Systems must protect the integrity, privacy, security, and confidentiality of an individual's information.
  • The governance and administration of electronic health information exchange networks should be transparent and publicly accountable.

Last modified: Jul 31, 2013
HISPC toolkit