The "tiger team" created to resolve thorny privacy and security issues associated with sharing patients' health records wasted no time before tackling a difficult issue Thursday at the team's first public meeting.

Should health information services providers (HISPs), such as regional networks, be allowed to look at the records the HISPs are transferring from one health care provider to another?

If so, can HISP employees look at the records, or should this access be limited to computerized reviews to ensure the necessary routing and other minimum data are present?

And if either computers or people can look at the records en route, how can patients be informed of this access and be given an opportunity to withdraw their consent for e-records sharing?

Ancillary issues include the question of how long the HISP could keep the records in its possession and how to resolve conflicts between federal rules governing these situations and those of multiple states that the records might end up in.

The team came to no conclusions but agreed to continue its discussion at its next meeting.

Although the team members acknowledged that some technical staff at HISPs might need to look at some parts of the records being transmitted, a representative of the Regenstrief Institute in Indianapolis " operator of a health information network that is regarded as the nation's largest and most advanced " informed the team that her organization looks at all the records it transmits.

That statement, during a public comment period, seemed to surprise tiger team members. The Regenstrief representative said she would provide them with more information.

The team, composed of members of the privacy and security workgroups of the official Health IT Policy Committee and Standards Committee, is supposed to find sound policies that can be used in real-world settings and identify technical solutions that will support those policies.

The Office of the National Coordinator of Health IT, which formed the team, wants the team's work completed by late fall. Paul Egerman, a health IT entrepreneur who co-chairs the team, said its work would be "a very intense process."

Also at the meeting, Mariann Yeager, an ONC contract employee, said four new users next week will begin using the Nationwide Health Information Network Exchange (formerly called NHIN Connect) and users are expected to total about two dozen by early 2011.

In new applications, the Regenstrief Institute will deliver biosurveillance data to the federal Centers for Disease Control and Prevention using NHIN Exchange software, and at least one healthcare provider will deliver quality metrics to the Centers for Medicare and Medicaid Services, Yeager said.