OCR Reports 107 Breaches Affecting Over 4 Million Individuals (I)

As of the July 4th holiday weekend, the Office for Civil Rights (OCR) has updated again its Web site listing of breaches affecting 500 or more individuals.  As of July 2, 2010, there were 107 breaches listed that were reported to have occurred between September 22, 2009 and June 11, 2010. Individuals affected by these publicly listed breaches totaled 4,086,980.  Six of the 107 breaches, or 5.6% of the total, affected 3,353,627 individuals, or 82% of the total.  This is the first of three postings that analyzes the data from these 107 breaches.  This posting (I) covers electronic breaches, the next posting (II) covers hard copy (paper) breaches, and the…

READ MORE

Vendors and Physicians Partners in Meaningful Use?

The secure exchange of health information is dependent on both the practice and EHR vendors facilitating the secure electronic transactions and extracting data for reporting quality measures. Even early adopters of EHR systems must ask vendors if they will be ready for meaningful use reporting. The vendor’s response will impact cost, implementation timeline, workflow processes, reporting, and patient safety. A sampling of questions to ask include: Of my current health information exchange partners (labs, hospitals, pharmacies, imaging centers) where have you already built bi-direction interfaces with your EHR system? Does your system send e-prescribing alerts based on the content in the patient’s medication history? Does your system identify whether the…

READ MORE

Are You Subject to HIPAA Privacy Rules when Publishing Confidential Health Information on a Social Network?

It’s unlikely the social networking sites are health care providers, so HIPAA’s privacy rule doesn’t apply; but other privacy business practices are likely to affect you. First, tackle the HIPAA Privacy question by responding to the following questions. » Are you a healthcare provider that conducts transactions electronically? » Are you a healthcare clearinghouse? (Do you process healthcare claims?) » Are you a health plan? (insurance payer) If you answered no to these questions, you are not a covered entity under HIPAA’s Privacy Rule. That said, you probably are more concerned about users sharing health information online that if stolen, could be used in identity theft. Consumers (patients) often use…

READ MORE

What Should I Know About Interfaces?

A key quality of care benefit of an EHR is its ability to create, send out and track the provider’s orders and then electronically review and route the results of those orders into the patient’s record. Due to many national efforts, HL7 standard language is used to create these interfaces. When the interfaces communicate back and forth with your EMR, results can be provided to the clinician for review prior to posting into the patient record. Some specialties receive as much as 70 percent of health care information from outside sources, including information from hospitals, labs, diagnostic imaging centers, payers, referring physicians, patients and pharmacies. The most common interfaces to…

READ MORE

What EMR System is Best for My Practice?

Your most important question in purchasing an EMR is to ask the vendor how many specialties your size and using your practice management system have purchased this software. EMR vendors know who would be a good customer. Some vendors, for example, are better suited for a practice of 25 to 75 physicians. Others specialize in the 3 to 8 physician groups, while others provide a solution for just one specialty. You can quickly learn whether the vendor is a good fit for you by asking them to respond to a one-page Request for Information (RFI). Send the RFI to your top five vendors and ask them to respond within 30…

READ MORE

Should Our Practice Hire an IT Person to Assist With our HIT Transition?

Vendors will provide you with a list of implementation activities for which you are responsible to complete on time. During the next 24 months as more physicians participate in reimbursement incentives, it will be critical for you to stay on schedule, or even ahead of schedule and keep your go-live date in the queue. The rule of thumb is based on the principle of threes. If there are three or fewer physicians in your practice, you should hire a part time consultant to coach an internal person through the implementation process. After your implementation, the consultant can hand off the day-to-day IT management to an internal person who also should…

READ MORE