The FISMA challenge

Federal healthcare officials are trying to figure out how to remove— or at least significantly reduce—what they say is a barrier to their ability to share health information with the private sector.

The obstacle is the Federal Information Security Management Act (FISMA), a set of information security requirements that were mandated for U.S. federal government computer systems and data in 2002.

Until now, only federal agencies and contractors who operate systems on their behalf have been required to meet FISMA’s stringent and paperwork-intensive information security requirements.

What concerns federal officials is the idea that the entire U.S. healthcare industry could be required to comply with FISMA in order for e-health records to be shared between federal agencies and private entities. Even worse, agencies would have to certify FISMA compliance for all the healthcare organizations that tap into their information.

Read more on Government Health IT.

About the author: Dissent

Comments are closed.