The Privacy and Security Tiger Team of the HIT Policy Committee is seeking public comment on authentication "trust" rules for provider organizations.

"For purposes of this discussion, authentication is the verification that a provider entity (such as a hospital or physician practice) seeking access to electronic protected health information is the one claimed, and the level of assurance is the degree of confidence in the results of an authentication attempt," the Tiger Team explains in an entry on the Federal Advisory Committee Blog.

All comments on organizational authentication are welcome, but the team particularly seeks information on six specific questions covering the strength of authentication, ability to receive digital credentials, the process for issuing digital credentials, who has authority to issue the credentials, the need for an established technical standard for credentials, and the types of transactions that must be authenticated.

Comments are due by Oct. 29. To access the questions and offer comments, click here.

--Joseph Goedert

 

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access