State Health Information Architecture 

Interagency data sharing standards for agencies providing health and social services

Pursuant to House Bill 921 (80R), the Texas Health Care Policy Council has developed the following interagency data sharing standards.

Section 1 – Purpose

The purpose of these interagency data sharing standards is to facilitate the secure exchange of health information among participating state agencies to support the quality, continuity, and efficiency of health care delivered to clients of multiple programs.

Section 2 – Agency responsibilities

In developing, procuring, and maintaining electronic and information resource systems, participating agencies shall conform to these data sharing standards whenever possible and practicable. Conformance to these standards is not intended to require a participating agency to make significant custom modifications to the agency's information system or to incur significant expense, but rather to guide new development, procurement, and modification of existing systems. Information gathered or shared by agencies through the implementation of these standards or subsequent interagency data sharing systems may not be used to enforce Title 8 of the United States Code [Aliens and Nationality]. These standards should apply to projects with a start date of September 1, 2008 or later.

Section 3 – Data security

Each participating agency must comply with all federal and state laws relating to the security and confidentiality of personally identifiable information, including personally identifiable health information and protected health information (PHI) maintained or received by the agency to prevent inappropriate release.

Section 4 – Data standards

Each participating agency shall use the Health Information Technology Standards Panel (HITSP) C-32 interoperability component for transfer of clinical patient summary information. The C-32 component was developed to facilitate the communication of patient summary information from one electronic system to another, is built on one of the most common health information messaging standards (Health Level 7 [HL7]), and leverages another standard (Continuity of Care Document [CCD]) which represents a convergence of two of the most widely used clinical document standards (Continuity of Care Record [CCR] and Clinical Data Architecture [CDA].)

Extensions to the C-32 standard in a fashion consistent with the HL7 CCD may be utilized when agencies participating in the exchange of data mutually agree that this modification will improve coordination of care and/or administrative activities. Any extensions to the C-32 standard identified by agencies should continue to support broad compatibility.

The data standards identified above should not be considered in isolation from other applicable data and security standards. Participating agencies should closely consider individual agency infrastructure, applications, and information security capabilities such that they conform to base standards.

Section 5 – Exchange protocols

Each participating agency shall establish its own authorization and authentication protocols for the electronic exchange of health care information to authorized providers , agencies, or partners. Each agency's authorization protocol should describe how another agency (state or local) may become authorized to query the agency's electronic health information for the existence of patient records and for the records themselves. When applicable, each agency should ensure that its employed and contracted providers and partners are aware of the potential opportunity to become authorized to exchange patient information electronically. Each agency's authorization protocol should implement the relevant laws and policies regarding data sharing such that only entities (providers or agencies) which would be allowed to access the data under the law would pass the authorization protocol. Each agency's authentication protocol would then verify the identity and authorization of any agency or provider attempting to query the system. Agency authentication and authorization protocols should reflect the particular security requirements for the data under consideration.

Section 6 – Ongoing activities

A standing interagency workgroup composed of representatives of the participating agencies and co-chaired by the representatives of the Health and Human Services Commission and Department of Information Resources shall meet at least annually to review the standards promulgated by the federal HITSP for possible inclusion in the State Health Information Architecture. The workgroup shall identify options for managing the continued development and maintenance of the State Health Information Architecture within one or more of the participating agencies’ administrative structures and for incorporating the State Health Information Architecture into the participating agencies’ planning and systems development processes. The Department of Information Resources shall maintain records of the workgroup’s activities and shall post the interagency data sharing standards on its website.