Commercial provider HealthLink has refused to sign a new agreement between telcos to interconnect their secure health networks, citing security concerns.
Telecom and TelstraClear have agreed to interconnect their health networks, based on a neutral switch between the respective secure VPNs. The solution will be available from July.
The agreement was initiated by the Health Information Strategy Action Committee (HISAC) and Datacom has been chosen to run the switch.
HISAC says in a press release that health professionals will have access to all possible health systems and applications without needing to know which network those systems run on.
It says, however, that while HealthLink had taken part in defining an industry solution and the agreement, it had chosen not to join.
“HealthLink has been actively engaged throughout the development of the interconnection agreement but has decided not to be a foundation signatory,” says Graeme Osborne, chairman of HISAC’s infrastructure sub-committee.
“HealthLink raised a number of issues which they suggested precluded them from joining. While HISAC acknowledged these issues, they were in themselves not material to the interconnection agreement.
“Over time HealthLink customers will not be able to access health applications which are available exclusively through accredited networks and the neutral interconnection switch. We have made it clear to HealthLink that it is welcome to join the interconnection agreement at any time. However, we were not prepared to further delay the implementation of the interconnection switch.”
HealthLink CEO Tom Bowden says the sole reason preventing it from signing is that HISAC has not made it clear what constitutes a secure network.
“We have no problem with the concept of interconnection,” he says.
“In November, we stated that as a condition to signing the network agreement we wanted to see some simple guidelines, approval processes and rules for users connecting to the network. We were concerned that HISAC was giving no guidance to intending users and that healthcare provider organisations should simply manage their own risks without any clear guidance.
“We wanted to know that if our customers were connecting to a secure network what that actually meant. Was the secure network something our customers could rely upon?
“HISAC told us this information would be forthcoming and that we would have an opportunity to contribute to it. Neither of these things has happened.”
Bowden says HealthLink asked again in March. Again, nothing.
“The nature of the situation became clear last week when one HISAC representative told us that healthcare providers using the secure network should be able to modify their firewall rules; another one said they should not do so. There is simply no clarity.
“How can you have a secure health network without basic security rules in place?”
HISAC says that existing Health Ministry applications such as the National Health Index look-up and Pharmac Special Authorities will be progressively moved to delivery via the new interconnection point.
A range of new applications is signalled for exclusive delivery via the switch and to customers of accredited network services. These include: online pharmacy claims; e-referrals and discharges; electronic prescribing; health practitioner index look-up; general practice patient notes transfer; B4 school checks; secure email; and laboratory test orders and results transfer.
Osborne describes it as a major step forward for the NZ health network.
“It provides health professionals with choice and certainty and ensures information exchanged between health care providers is secure,” he says.