In order for health information exchange and Health Information Technology (HIT) to be successful, consumers must trust that their health information will be kept confidential and secure.  Likewise, participants in the exchange must feel confident that they are not exposing their organizations to risk or violations of law. Thus there is a critical need to review federal and state laws affecting health information exchange and HIT, particularly related to confidentiality, the use and disclosure of health information, and to anticipate new issues that may arise through health data exchange and HIT across multiple environments.

Legal Tasks:

• Document real and perceived legal concerns of MiHIA stakeholders within region.

• Understand and translate the existing and regulatory issues regarding health information exchange and HIT for the MiHIA stakeholders

• Identify examples of best practices from other regions and/or states that can be applied to a variety of health care environments, that comply with HIPAA, and that represent consumer interests

• Identify specific legal actions required for MIHIA stakeholders to participate in HIE.
• Document real and perceived legal barriers that could dramatically hinder health information exchange and HIT for different purposes, including for treatment, payment functions, quality improvement, public health and research
• Identify practical strategies and solutions (not technical) for developing health information exchange that will ensure the secure and confidential transmission of medical information 
• Prepare Data Sharing Agreement to achieve the foregoing

Major Deliverables

• Issues List
• Confidentiality and Data Sharing Agreement

• Policies to support the Data Sharing Agreement

Major Activities and Timeline

• TBD