Health information technology (HIT) is believed by most policymakers, health professionals, and other stakeholders to be the best means of improving patient safety and health, increasing healthcare efficiency, improving resource utilisation, and lowering healthcare costs. But HIT also raises concerns about the privacy and security of personal health information. As the United States and other nations grapple with healthcare quality and unsustainable costs by promoting HIT, health information exchanges, and collaborative care models, sensitive health information is becoming more vulnerable. Information that previously remained on paper and accessible only to the healthcare provider and staff who produced it will increasingly flow electronically among providers, within and outside a hospital's walls, and between providers and other stakeholders, such as payers. HIT creates fluid information, enabling more people to access and alter private health information and creating more issues for providers and payers in managing risks and compliance.
In this paper, we review:
* Initiatives to encourage the adoption of HIT;
* Health information exchanges (HIE) and collaborative care models;
* The risks and compliance issues emanating from HIT, HIE, and collaborative care models;
* The need for data continuity in the world of digitised healthcare information;
* The necessity of implementing a risk and compliance management strategy;
* Essential steps in designing any risk and compliance management strategy; and
* Examples of strategies and technologies for managing risk and compliance.
Healthcare executives, providers, payers, and their business associates must deal with risk and compliance management from the very beginning of HIT development, or face potentially serious consequences: poorer health outcomes, ruined reputations, and financial losses from security breaches, lost data, and non-compliance.
[VIDEO]
Share