The HIT Policy Committee is holding a hearing today in Washington, D.C. to discuss the privacy aspects of healthcare IT found in the American Recovery and Reinvestment Act (ARRA).

Jodi Daniel, director of the Office of Policy and Research at the Office of the National Coordinator for Health IT (ONC), who opened the meeting this morning, said privacy and security are fundamental building blocks for meaningful use of healthcare IT.

"The success of health information technology and exchange rests on consumer and provider confidence in privacy and security protections," she said.

Daniel outlined the key privacy aspects found in ARRA. The HIT Policy Committee is responsible for advising the federal government on:

* Technologies that protect the privacy of health information and promote security in an electronic health record;
* Segmentation and protection from disclosure of specific and sensitive individually identifiable health information with the goal of minimizing the reluctance of patients to seek care;
* Use and disclosure of limited data sets;
* Infrastructure that allows for accurate exchange;
* Technologies for an accounting of TPO (treatment, payment and health operations) disclosures;
* Technologies that allow IIHI to be rendered unusable, unreadable or indecipherable to unauthorized individuals; and
* Methods to facilitate secure access to personal health information by an individual or person assisting in care.

ONC officials proposed a breach notification rule in April, with a final rule out in August. The rule will be effective Sept. 23 with a comment period closing Oct. 23, Daniel said.

Deborah Peel, a national expert on patient healthcare IT privacy, was the first to testify today on patient privacy. "Millions of Americans are concerned about the control of their personal data," she said. She said ensuring data privacy and security is the only way that healthcare IT can move forward successfully.

Peel said privacy should have been established before policy on healthcare IT.