Privacy panel calls for data encryption for information exchange

Healthcare providers have been recommended to encrypt patient information when sharing it with another provider, even in cases where a third-party organization is not involved. The privacy and security workgroup of the Health IT Policy Committee proposed that encryption, along with other policies for verification and limits on identifiable information, should be required to protect patient data. This recommendation would not require any additional individual consent beyond what is already required by law. However, more complex health information exchanges may require stronger policies, including patient consent.