Nebraska Information Technology Commission
Wednesday, March 12, 2003, 9:00 a.m.
Varner Hall, 3835 Holdrege, Lincoln, NE
APPROVED MINUTES
MEMBERS PRESENT:
Brenda Decker, Department of Administrative Services
Christy Horn, University of Nebraska, Compliance Officer
Kirk Langer, Lincoln Public Schools, K-12 Representative
Steve Schafer, Chief Information Officer, State of Nebraska
Walter Weir, University of Nebraska
MEMBERS ABSENT: Mike Beach, Nebraska Educational Telecommunications Commission
PUBLIC COMMENT: No Comments
APPROVAL OF FEBRUARY 12, 2003 MINUTES
Mr. Langer requested that the spelling of his first name be corrected on page one, paragraph four to 'Kirk'. Currently it reads 'Kurt'
Ms. Decker moved to approve the February 12, 2003 minutes with corrections as noted above. Mr. Schafer seconded. Roll call vote: Decker – yes, Horn – yes, Langer – yes, Schafer – abstain, Weir – yes. The motion was carried.
HIPAA PRESENTATION
Yvette Holly, Sharon Welner
University of Nebraska Medical Center
Yvette Holly and Sharon Welner from the University of Nebraska Medical Center provided a presentation covering the impact of HIPAA regulations on the University. Sharon Welner is the Security Officer for the University of Nebraska Medical Center.
HIPAA is the Health Insurance Portability and Accountability Act of 1996, originally intended to address continuation of health insurance coverage beyond employee termination, standardization of codes and security and privacy protection. The process of implementing this legislation has been ongoing since its original passage in 1996. The final security standards were published on February 20, 2003 with the final compliance date set for April 21, 2005.
Under this ruling, health care insurers, providers and clearinghouses must implement procedures to protect the confidentiality, integrity and availability of electronic protected health information. Covered entities must implement administrative, physical and technical safeguards to protect electronic protected health information that they receive, store, or transmit. The security standards are scalable, technologically neutral and designed to protect data at rest and in transit.
Some concern was expressed about whether the State of Nebraska statewide network would need to conform to HIPAA requirements with respect to physical security. The potential use of wireless technology in certain parts of western Nebraska is also an issue of concern. Security measures fall on a continuum and the main question to ask is what constitutes acceptable risk. To limit exposure to the risks of using wireless technology, standard policies and procedures need to be developed.
PROJECT REVIEWS
Information Technology Infrastructure Fund
Public Safety Wireless Project
Mr. Weir moved to recommend approval of the Statewide Public Safety Wireless System Project to the NITC. Ms. Horn seconded the motion. Ms. Decker suggested a section for deliverables be added to the proposal prior to being submitted to the NITC. Mr. Weir and Ms. Horn agreed to amend the motion to recommend approval of the Statewide Public Safety Wireless System Project with the addition of deliverables to the proposal. Roll Call Vote: Decker – abstain, Horn – yes, Langer – yes, Schafer – abstain, Weir – yes. The motion carried by majority vote.
Community Technology Fund
CTF Special Project
Ms. Horn moved to recommend approval of the Community Technology Fund Special Project Proposal to the NITC. Ms. Decker seconded. There was discussion regarding the past success of the project. Roll Call Vote: Decker – yes, Horn – yes, Langer – yes, Schafer – yes, Weir – yes. The motion carried by majority vote.
COMMENTS FROM THE TECHNICAL PANEL TO THE PUBLIC SERVICE COMMISSION ON DISTANCE LEARNING
Mr. Langer moved to adopt and forward the comments from the Technical Panel to the Public Service Commission with minor grammatical corrections. Ms. Horn seconded. Roll Call Vote: Decker – yes, Horn – yes, Langer – yes, Schafer – yes, Weir – yes. The motion carried by majority vote.
UPDATES
Accessiblilty, Christy Horn. The work group continues to work on developing training.
Collaborative Aggregation Partnership (CAP), Brenda Decker. This group is meeting regularly and has a subgroup working on drafting the RFP. The subgroup hopes to have the final draft of the RFP to the larger group today to solicit feedback. The deadline for submitting feedback is noon on Friday to allow the document to be submitted to purchasing on Monday. Purchasing will spend one week reviewing the RFP at which time it will be released.
Statewide Synchronous Video Network Work Group. The SSVNWG has been established with eighteen members and four alternates. There will be a full day meeting on March 26.
Wireless, Brenda Decker. The SCAN board has been meeting regularly.
OTHER BUSINESS
NEXT MEETING DATE AND ADJOURNMENT
The next meeting will be April 9, 2003. Mr. Schafer proposed holding the next meeting in Kearney. Due to the travel time involved, the meeting will begin at 10 A.M.
Meeting minutes were taken by Trish Souliere and reviewed by Rick Becker of the Office of the CIO/NITC.
Meeting Minutes