Federal Stimulus Bill Clarifies Regulation Of Health Care Industry
If you have followed the news lately it would appear that the media and President Obama feel the economy is firmly entrenched somewhere between disaster and Armageddon, which has framed much of the debate surrounding the stimulus bills that are in both houses of Congress. When the Senate passed their version of the bill on February 9th, it promised $838 Billon dollars for spending projects designed to jump start the economy. But like most things in government there is a lot more in the details than the headlines. Now that the stimulus bill is out in the open, DCIG has a more clear view of where health care regulation is going and how IT will be affected.
It is no secret that President Obama is making a huge push into the Electronic Medical Record so it is important to understand what the government deems an Electronic Health Record (EHR). The government defines this term as an "electronic record of individually identifiable health information on an individual that can be drawn from multiple sources and that is managed, shared, and controlled by or for the individual."
Until now it has not been known for sure how the government will regulate this Electronic Medical Record initiative but recently released documents provide some clarity as to where we are headed with regulation in the near-term and a road map to future regulation. There are several areas that can be pointed to for guidance:
- The Creation of a National Coordinator for Health Information Technology. This post will monitor electronic health records to the federal government and ensure treatments are within what the government approves.
- Business Associates working on behalf of a Covered Entity. A Business Associate is anybody who isn't an employee who, on behalf of the covered entity, participates in a function or activity involving the use or disclosure of individually identifiable health information. A Covered Entity is defined as a health care provider who transmits health information in electronic form. Both of these will now be subject to the same privacy and security rules and regulations that previously only covered entities such as hospitals and health care providers. An example of this is online personal health records which did not exist when the original regulation was written. This bill closes that gap.
- Provides Transparency. Patients can request an audit trail showing all disclosures of their information made through an electronic record. This will be a huge undertaking for health care as auditing, logging and work flow will need to become much more robust than it is now to ensure that this can occur.
- National Data Breach Notification Law. Data breach laws have expanded greatly on a state level since
This stimulus bill does some other things as well. It increases penalties for non-compliance, State Attorney Generals can pursue investigations as well as federal investigators and a major overhaul of HIPAA privacy legislation is assured to pass (think HIPAA II) now that the electronic medical records and funding are cemented into the nation's economic recovery plan.
These electronic records become protected health information based on HIPAA and the identifiers set out by the HIPAA statute. Needless to say, these are broad and far reaching descriptions and identifiers that ensure most everything pertaining to health records falls under this classification and is thus subject to disclosure if a breach occurs.
Although healthcare has been making a private push into Electronic Health Records for some time, it is now a certainty EHR will become a central focus for healthcare across the
Leave a comment