The secure exchange of health information is dependent on both the practice and EHR vendors facilitating the secure electronic transactions and extracting data for reporting quality measures. Even early adopters of EHR systems must ask vendors if they will be ready for meaningful use reporting. The vendor’s response will impact cost, implementation timeline, workflow processes, reporting, and patient safety. A sampling of questions to ask include: Of my current health information exchange partners (labs, hospitals, pharmacies, imaging centers) where have you already built bi-direction interfaces with your EHR system? Does your system send e-prescribing alerts based on the content in the patient’s medication history? Does your system identify whether the…
Tag: vendors
Facility Access Controls: Access Control and Validation Procedures-What to Do and How to Do It
In our series on the HIPAA Administrative Simplification Security Rule, this is the third implementation specification for the Physical Safeguard Standard, Facility Access Controls. This implementation specification is addressable. Remember, addressable does not mean “optional.” Rather, an addressable implementation specification means that a covered entity must use reasonable and appropriate measures to meet the standard. As we have noted in earlier postings on HIPAA.com, business associates of covered entities will be required to comply with the Security Rule safeguard standards, beginning February 17, 2010. This requirement is one of the HITECH Act provisions of the American Recovery and Reinvestment Act ARRA, signed by President Obama on February 17, 2009. What…