- Hixny recently became the first health information exchange (HIE) in New York to earn HITRUST CSF certification on Version 9.1 for patient information security to fulfill the aims of the Statewide Health Information Network for New York (SHIN-NY) 2020 roadmap.
Hixny is one of eight qualified entities (QEs) in New York connected by SHIN-NY. SHIN-NY is a network of networks that facilitates health data exchange between healthcare organizations across the state. The network is overseen by the New York State Department of Health.
Last year, SHIN-NY released its 2020 roadmap in support of its goal to leverage health data exchange for more advanced, higher quality patient care delivery. The New York eHealth Collaborative (NYeC) and the New York State Department of Health assisted in developing the roadmap to outline the projected evolution of SHIN-NY under value-based care.
As part of the roadmap, all QEs within SHIN-NY are required to become HITRUST certified by the end of 2018.
“We are pleased to be the first HIE in the state to achieve HITRUST certification and proud to join the elite and growing class of HIEs across the country who have successfully obtained HITRUST certification,” said Hixny CEO Mark McKinney. “We've always taken the privacy and security of our data very seriously and pride ourselves on being ahead of the crowd—and achieving HITRUST was no exception.”
Hixny spent 11 months working to meet HITRUST certification standards and requirements. The HIE demonstrated compliance across 19 security domains and more than 600 different controls, as well as controls that address cybersecurity laws specific to New York State part of Version 9.1 of HITRUST CSF.
By earning HITRUST certification, Hixny demonstrates its ability to meet established security standards set forth by HIPAA and CMS. Hixny worked with third-party firm and specialized management consultant Tevora to earn the certification.
“Achieving HITRUST is a significant accomplishment,” said Tevora Managing Director of Healthcare John Huckeby. “It demonstrates the highest levels of security and Hixny's commitment to safeguarding sensitive patient information. It was a privilege to work with such a passionate group of people all working toward the goal of protecting patient privacy.”
The SHIN-NY 2020 roadmap set forth five strategies to achieve new performance-based contracting, policy changes, and advocacy. In addition to encouraging QEs to earn HITRUST certification, SHIN-NY also aims to achieve 100 percent hospital participation across New York with all hospitals contributing full data by 2020.
“In today's world of cyberattacks and ransomware these measures are crucial and bring a whole new level of preparedness to protect the patients and providers relying on Hixny,” said McKinney. “Having accomplished this significant milestone re-emphasizes our commitment to security and delivers assurances to the providers already using Hixny and those considering connecting to us.”
Hixny recently announced a decision to expand to nine additional counties over an 18-month period.
Medical centers in clinics in Elmsford, Hawthorne, Yorktown, Kingston, Stone Ridge, Saugerties, and Pleasant Valley have already signed participation agreements with the HIE.
New York QE HealthlinkNY recently stated its disapproval for Hixny’s plans to expand its HIE services into the Hudson Valley, Catskills, and the Southern Tier as these territories are already covered by HealthlinkNY.
All 35 hospitals in the Hudson Valley and Catskill regions are HealthlinkNY participants. HealthlinkNY is also making efforts to expand its HIE services by teaming up with HealtheConnections to form a strategic partnership.
The future partnership is intended to boost the value of HIE services for participants of both QEs.