Wednesday, December 26, 2012

Book published on Healthcare Information Technology

I wrote chapter 28 - "Unique Operational Safeguards in an Electronic Health Record and a Healthcare Information Exchange". The full title of the book is quite complex "Healthcare Information Technology Exam Guide for CompTIA Healthcare IT Technician and HIT Pro Certifications"

It isn't a full book like Keith writes; but it is my second offering toward a book. The first was a book that likely sold only 10 ceremonial copies in 1997 "Intranet Resource Kit". In neither book am I a big enough writer to make much mention on the cover.

I am very pleased with my chapter in the HIT book, 31 pages. I cover quite a bit of ground on Privacy and Security related to EHR and HIE. Much of the material comes from my blog, but even that had to be rewritten to fit the editorial style of a book. The chapter covers everything from identity, identity proofing, access control, authentication, and role based access control. I cover the various perspectives one must take in healthcare to protect data appropriately; including the patient perspective, provider perspective, and organizational perspective. I cover this topic as an exercise in a local EHR, but also how this model needs to be extended across an HIE to continue to protect the sensitive healthcare information. This requires the expansion out into Metadata and Federated Identity. 

This book has a large number of contributors, some that I know well. The set of 8 chapters that make up Part IV "Healthcare IT Security, Privacy, and Confidentiality" is coordinated by Lori Reed Fourquet.  The chapters are anchored by Dixie Baker who starts off the section with "Building Trust"; Gila Pyke with "Risk Assessment and Management"; Dennis Seymour with "Physical Safeguards, Facility Security, Secure Systems and Networks, and Securing Electronic Media"; Sean Murphy with "Healthcare Information Security: Operational Safeguards"; Lisa Gallagher with "Architectural Safeguards"; Braulio Cabral with "Healthcare Cybersecurity Technology"; and Karen Bell with "Certification of HIT Products and Systems".

Others that I know well: Don Mon coordinated Part II on "Healthcare Regulatory Requirements". Floyd Eisenberg wrote "Using Healthcare IT to Measure and Improve Outcomes"; Marc Overhage "The Role of Healthcare IT in Improving Population Health"; John Glaser "Strategic Leadership and Management of Health Information Technology in Provider Organizations"; Judy Murphy "Healthcare Information Technology and Healthcare Policy"; Joyce Sensmeier "Navigating Health Data Standards and Interoperability"; Chris Apgar "Regulatory Aspects of Healthcare IT: Legal Best Practices and Requirements"; and so many more. It is shocking how many people contributed to this book.