The Adoption of Standard Policies for Authentication and Audit Collaborative was formed to develop an approach and process to identify and reconcile the variation in how organizational security policies are implemented across different electronic health information exchange models. To reach their goal, states in this collaborative developed and tested a common set of model policy requirements for authentication and audit to bridge the policy gap between different electronic health information exchange models (e.g., variants of public and private federated, hybrid, and health record banking).

Through their work, the Adoption of Standard Policies for Authentication and Audit Collaborative demonstrated that common policies can promote trust and facilitate secure electronic health information exchange between differing health information exchange models.

The Collaborative created the following documents to assist in implementing minimum, uniform security policies related to authentication and audit.

• Guide to Adoption of Uniform Security Policies
  A guide to adopting the security policies recommended by the Adoption of Standard Policies Collaborative

• ASP Collaborative Final Report
  Explains how the policies were created and includes templates and working papers, as well as a description of the state business models. Describes entire process and includes uniform policy and glossary from Adoption Guide
  • Appendix F: Use Case Template [PDF] [DOC]
  • Appendix G: Individual Requirements Review [PDF] [XLS]
  • Appendix I: Legal Review [DOC]