President Obama to Sign ARRA’s HITECH provisions Tuesday, February 17, 2009, in Denver, CO

The Senate joined the House on Friday evening, February 13, 2009, in passing the American Recovery and Reinvestment Act, which includes provisions relating to Health Information Technology. Title XIII of Division A and Title IV of Division B together are known as the “Health Information Technology for Economic and Clinical Health Act” or the “HITECH Act.”  We will be highlighting attributes of the HITECH Act through the end of February. Contrary to the political blather, this legislation is a significant step forward in providing funding and incentives to accelerate adoption of standardized and interoperable electronic business and clinical technologies in healthcare and in strengthening privacy safeguards for patients’ protected health…

READ MORE

Security Management Process: Risk Analysis-What to Do and How to Do It

Security Management Process is the first administrative standard of the Security Rule, and Risk Analysis is the implementation specification.  Each covered entity is required to conduct a risk analysis or assessment to determine vulnerabilities and threats and to identify and put in place risk mitigation measures for safeguarding electronic protected health information.  Electronic protected health information is the content of the HIPAA Administrative Simplification Standard Transactions and of the expected growing adoption of clinically-based electronic health record systems. What to do:  Conduct an accurate and thorough assessment of potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity. How to…

READ MORE

Time to Review Your Security Risk Assessment

With the March 17, 2009 effective dates for the new 5010 Version of HIPAA Administrative Simplification Transaction Standards and the move to the ICD-10 Code Set Standard rules, and the expected enactment of the HITECH provisions of the American Recovery and Reinvestment Act as early as next week, it is a good time now to begin reviewing your HIPAA Administrative Simplification Security safeguards. As mentioned earlier this week, creating and periodically reviewing your risk assessment or analysis is the foundation of achieving compliance with the HIPAA Administrative Simplification Security Rule and a key factor in having a successful business. Over the next week, HIPAA.com will review the Security Rule administrative,…

READ MORE

Are You Subject to HIPAA Privacy Rules when Publishing Confidential Health Information on a Social Network?

It’s unlikely the social networking sites are health care providers, so HIPAA’s privacy rule doesn’t apply; but other privacy business practices are likely to affect you. First, tackle the HIPAA Privacy question by responding to the following questions. » Are you a healthcare provider that conducts transactions electronically? » Are you a healthcare clearinghouse? (Do you process healthcare claims?) » Are you a health plan? (insurance payer) If you answered no to these questions, you are not a covered entity under HIPAA’s Privacy Rule. That said, you probably are more concerned about users sharing health information online that if stolen, could be used in identity theft. Consumers (patients) often use…

READ MORE

House and Senate Agree on ARRA Provisions

On Wednesday, February 11, 2009, House and Senate conferees reconciled the House and Senate versions of the American Recovery and Reinvestment (ARRA) plan, or so-called Stimulus bill. The House and Senate are expected to approve the final version this week and send it to President Obama for his signature. The total of the stimulus is just over $789 billion. The Wall Street Journal reported this morning that “$19 billion is set aside for health information technology. Physicians would get bonuses of between $44,000 and $64,000—and hospitals would get as much as $11 million—if they show they have computerized their medical-records systems. On the stick side of the equation, the measure…

READ MORE

Senate Passes American Recovery and Reinvestment Act of 2009 (ARRA)

Tuesday afternoon the Senate passed the American Recovery and Reinvestment Act, the so-called Economic Stimulus bill. Previously, the House of Representatives passed its version, H.R. 1. Now, the joint House-Senate conference committee will resolve funding and language differences in the House and Senate versions of ARRA. As we have noted earlier, each of these versions contains incentives for adoption of health information technologies, which are described in the so-called HITECH provisions of the House and Senate versions. President Obama is expected to sign a reconciled bill in the near future, assuming that the Democrats in the Senate can achieve at least 60 votes in a procedural motion to move the…

READ MORE

What Does the HITECH Act Mean to You?

Even though the US Senate is likely to pass the stimulus package in the next day or two, the House and Senate still have to come to an agreement on their funding differences. The HITECH Act is still holding its own with some possible additions to the $20 billion agreed upon by the House. Key words used by both House and Senate are “meaningful use” and “shovel ready”. In other words, everything is set in place ready to go, but just needs money to get it off the ground.  You’ve made a decision on your health IT system, you’ve completed your readiness assessments, and you’ve built a strategy to move…

READ MORE

What Should I Know About Interfaces?

A key quality of care benefit of an EHR is its ability to create, send out and track the provider’s orders and then electronically review and route the results of those orders into the patient’s record. Due to many national efforts, HL7 standard language is used to create these interfaces. When the interfaces communicate back and forth with your EMR, results can be provided to the clinician for review prior to posting into the patient record. Some specialties receive as much as 70 percent of health care information from outside sources, including information from hospitals, labs, diagnostic imaging centers, payers, referring physicians, patients and pharmacies. The most common interfaces to…

READ MORE

How Should We Run Background Checks on Our Staff?

Clearance and Background Checks is an addressable standard under HIPAA’s Security Rule, which means that your organization may authorize a background check for any new employee or existing workforce member who engages in activities that cause the Security Official to question clearances. As part of your compliance activities, you already determined the risks your workforce presents to your practice, and you assigned one person to own/manage this risk As part of your clearance procedures, determine which of the following you will do: » Require a written application for employment. » Require written proof of citizenship or resident alien status. » Confirm prior employment history. » Request professional/personal references and contact…

READ MORE

US House of Representatives Passes SCHIP

After earlier Senate passage, the US House of Representatives passed the State Children’s Health Insurance Program (SCHIP) Wednesday afternoon, and President Obama signed a reauthorized SCHIP into law a few hours later. SCHIP is expected to cover additional millions of uninsured children in coming years, funded by an increase in tobacco taxes. This law provides an opportunity to spur implementation of health information technology in pediatric practices by tying a requirement in the HITECH legislation presently before the Senate that pediatricians begin at a date in the near future (say January 2011) to electronically upload clinical records for newborn and infant SCHIP beneficiaries to a secure centralized database in each…

READ MORE