WASHINGTON – HHS this week awarded contracts to 22 states and territories to examine state privacy laws and security practices as they relate to health information exchange.

Thus far, Alaska, Arkansas, Colorado, Iowa, Illinois, Indiana, Kentucky, Massachusetts, Maine, Michigan, Minnesota, Mississippi, North Carolina, New York, Ohio, Oklahoma, Rhode Island, Utah, Washington, Wisconsin, West Virginia, and Wyoming are participating in the project. More states are expected to sign subcontracts with RTI International to join the project in the coming weeks.

RTI International, which last September won a contract with the Agency for Healthcare Research and Quality to examine privacy and security laws, was awarded an additional $5.73 million for the contract, brining the total contract amount to $17.23 million.

The states will work with the healthcare community, patients and others to examine privacy and security issues, examine variations in state laws and propose solutions to address any lack of uniformity. Disparate state laws on privacy and various business practices for security are often seen as a hindrance to clinical data exchange across states. The states will also work to develop implementation plans for health information exchange.

“One of the strongest early lessons we’re learning from our research on electronic health information is that some of the main challenges for adoption are not technical issues.  Rather, they’re issues of inclusion and trust,” AHRQ Director Carolyn Clancy said.

HHS’ Office of the National Coordinator for Health Information Technology and AHRW jointly manage and fund AHRQ’s contract with RTI. RTI International plans to work in partnership with the National Governors Association on the contract.

Meanwhile, a bill before Congress that passed a key subcommittee Wednesday calls for HHS to examine the variation in state privacy laws. The bill, H.R. 4157, is sponsored by Reps. Nancy Johnson (R-Conn.) and Nathan Deal (R-Ga.).