(D3) Trying on the RCKMS Glass Slipper: How Well Do Jurisdictional Reporting Criteria Fit?
A recent article in HealthAffairs describes a significant decline in the number of both operational HIEs and HIEs in the planning stage from several years earlier. The authors note continuing barriers to broad-based HIE and a shift to vendor-driven exchange which diminishes the effectiveness of community-based networks. In effect, this translates to a shift away from geographic-based/dominated HIEs to product-dominated HIEs. We have already noted (see The Interoperability of Things) the lack of a national strategy on HIE, and ONC’s Nationwide Interoperability Roadmap barely mentions the concept.
By Noam H. Arzt and Michael Berry
It is common practice today to encrypt data at rest, that is, data stored on servers. To build off an old adage, no one ever got fired for encrypting their data. But what protection does that really provide? Is just encrypting data enough?
First, let’s distinguish between three methods for encrypting data at rest.
Full-disk encryption. Most modern operating systems (like Linux or Windows Server) provide the capability to encrypt their disks in their entirety. This is accomplished with symmetric encryption whereby there is a key or passphrase that a computer operator has to enter when the disks are encrypted and when the system boots to allow access to the data. Typically, the password must be manually entered on the physical server console, though some virtualized and cloud-based environments offer remote passphrase entry and varying degrees of passphrase management and automation. With full-disk encryption, software installed on the server does not need to know or do anything special to operate normally: the operating system provides transparent access to the encrypted data as necessary with very little performance loss. But note that the initial encryption needs to be done on a new disk (or set of disks) as an existing disk will be wiped clean in the process. So it’s easiest to do this during an initial deployment or migration to a new server.
HLN Consulting is pleased to announce a new project with the Veterans Health Administration (VHA) which will result in the incorporation of HLN’s Open Source ICE Immunization Evaluation and Forecasting software into VistA, the EHR used by VHA, and its deployment system-wide over the next few years. VHA is the largest health system in the US (other than the Department of Defense). HLN has been collaborating with VHA and its Open Source partners in the Open Source Electronic Health Record Alliance (OSEHRA) for the past several years. This represents a major step forward for the Open Source movement in government and for higher quality immunization forecasting and evaluation. For more information contact Noam Arzt (firstname.lastname@example.org) or Mike Suralik (email@example.com).
HLN’s president, Dr. Noam Arzt, participated in a regional meeting in Hawai’i sponsored by the American Immunization Registry Association (AIRA). Bringing together Immunization Information Systems managers and staff from the Pacific Islands, this two-day session focused on the unique needs of these island jurisdictions with respect to IIS functionality and interoperability. Dr. Arzt participated as a panelist in a session on successful vendor-client relationships.