The Privacy and Security Tiger Team is continuing its efforts to flesh out a comprehensive privacy and security policy framework for electronic health information exchange. The framework is intended to build on current law (HIPAA, Health Insurance Portability and Accountability Act) and is based on the fair information practice principles articulated by the Office of the National Coordinator for Health Information Technology (ONC) in its “Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information” (first released on December 15, 2008). (more…)