6 Steps for Securing Patient Information in Healthcare
Bernard Harguindeguy, Chief Technology Officer & General Manager Intelligence Ping Identity The Centers for Medicare and Medicaid Services (CMS) strive for innovations in healthcare technologies that drive down costs and improve the patient experience. One big step forward is the 21 st Century Cures Act passed in 2016, putting patients in charge of their own health records.
Then in 2021, both the CMS Interoperability and Patient Access Final Rule and the Office of the National Coordinator for Health IT (ONC) Information Blocking Rule went into effect, which aims to drive interoperability and patient access to Electronic Health Information (EHI) by liberating patient data through a data exchange using secure Application Programming Interfaces (APIs). In other words, health care organizations must now allow patients to access and share their electronic health information through the Fast Healthcare Interoperability Resources (FHIR) API.
Any organization implementing the API must also publicly document its functionality and operation by posting it directly on their website or via publicly accessible hyperlinks. The documentation must include at a minimum the API syntax, function names, required and optional parameters and their data types, return variables and their types/structures, exceptions and exception-handling methods, software components and the configurations an app must […]