HIE privacy & security policy

KeyHIE privacy and security safeguards meet or exceed federal, state and local requirements including the:

To ensure optimal security, KeyHIE uses the Transport Layer Security (TLS) protocol to provide secure communication across a Virtual Private Network (VPN) for all KeyHIE products.

Opt-in or opt-out privacy
KeyHIE supports the privacy model (opt-in or opt-out) that is preferred by each member organization. Opt-in requires a patient’s authorization before a health care provider can access KeyHIE for the patient’s relevant clinical information and unless the patient chooses not to participate or “opts-out”, opt-out allows a health care provider to access a patient’s clinical information without a signed authorization, except for protected data.

In addition, patient information in KeyHIE will be available to participating healthcare providers who are connected to the Pennsylvania Patient & Provider Network (P3N) (PDF).

Strict confidentiality
Access to patient information is only granted to organizations that consent to follow to our Regional Health Information Exchange (RHIO) agreement. KeyHIE's Security and Audit Committee routinely audits system access and reviews authentication logs.

 

Mission & vision
Sustainable exchange built for the future of healthcare
Read more

KeyHIE Governance
Guiding principles and ethics process
Read more