Frequently Asked Questions for Health Care Providers
About Electronic Health Records and Health Information Exchange
KHITE, KHIE, KHIN, LACIE, HIE, HIO…..so many “K’s”, “H’s”, and “I’s”….it’s all very confusing. What does all this mean and how does it all fit together?
The key term here is “HIE”. The acronym stands for “Health Information Exchange”, which is a system that allows for the secured exchange of electronic patient health records.
HIE’s are formed and are operated by “HIOs”, or Health Information Organizations. Two such HIOs are approved to operate in Kansas. These HIOs are the Kansas Health Information Network (KHIN), and the Lewis and Clark Information Exchange (LACIE).
The HIOs are required to make formal application for certification by a regulator. The regulator is an organization named “KHIE”, an acronym that stands for the “Kansas Health Information Exchange”. To some extent, the name is a misnomer, because KHIE doesn’t provide any exchange services…it simply approves and monitors the organizations that do provide exchange services….in this case KHIN and LACIE.
The laws in Kansas that make this possible are called “KHITE”, an acronym for the Kansas Health Information Technology Exchange Act. KHITE was passed by the Kansas legislature in 2011, and authorizes KHIE to create certification criteria for health information exchanges. It also requires KHIE to promulgate and publish policies related to the electronic exchange of health information in Kansas, and, again, to monitor the operations of the organizations that provide health information exchange services in Kansas.
What else does KHITE do?
KHITE provides a measure of immunity for all providers who participate with an approved health information exchange in Kansas, provided that the provider follows the privacy and security guidelines as defined by the federal Health Insurance Portability and Accountability Act (HIPAA). The immunity shields providers from state civil and criminal action and adverse action from regulatory agencies and boards….again if they follow HIPAA privacy and security guidelines.
KHITE also establishes Kansas as an “opt-out” state. This means that patient information may be exchanged by participants in an approved health information exchange unless the patient elects to restrict his or her information by “opting out” of the exchanges. Forms for opting out of, or for opting back in to the exchanges may be found on the KHIE web site.
Where can I find the HIPAA privacy and security guidelines?
You may learn more about HIPAA in general, and find additional links to more in-depth discussions of the HIPAA Privacy and Security rules by following this link: http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html
Where can I learn more about KHITE?
Additional information about the Kansas Health Information Technology Exchange Act (KHITE) may be obtained by clicking here .