| HIPAAdvisory > HIPAAnews > Archives |  |
|
|
April 2002 News ArchivesApril 25, 2002 Secret Service Expands Electronic Crimes Task Force Aimed at helping small and large businesses combat cybercrimes, the US Secret Service is setting up its Electronic Crimes Task Forces in eight cities: Boston, Charlotte, Chicago, Las Vegas, Los Angeles, Miami, San Francisco and Washington, DC. In response to the growing threat of cyberattacks and the Patriot Act of 2001, which was passed by Congress in October, the task force that was started in New York City under the auspices of the US Secret Service some 12 years ago is being taken national. April 25, 2002 Major Hospitals Say Privacy Proposal will Reduce Philanthropic Support Three members of the Association for Healthcare Philanthropy -- New York's Mount Sinai Hospital, Tennessee's Baptist Health System Foundation, and the California Pacific Medical Center Foundation -- have written letters saying a Bush Administration/HHS proposal to change the HIPAA patient Privacy Rule will significantly reduce the flow of philanthropic support in America. Since the 1960s, nonprofit fund-raising entities have had access to demographic information including "department of service" which describes only the area of the hospital where the patient receives treatment and does not include any other specific information related to treatment or diagnosis. Department of service information is used to reach grateful patients for philanthropic support. The Bush/HHS proposal would deny access to this critically needed information, forcing a generic, rather than targeted approach to fund-raising efforts and campaigns. April 25, 2002 CHCF Survey Finds Industry Progress Towards Compliance Varies With the Department of Health and Human Services (HHS) in the midst of a 30-day comment period on proposed clarifications and modifications to the federal privacy rule and Senator Edward M. Kennedy (D-MA) chairing an April 16 hearing on the rule, a survey released this month by the California HealthCare Foundation (CHCF) shows that most health care organizations in California have developed plans for meeting the April 2003 compliance deadline. However, implementation progress varies across hospitals, health plans, physician groups, and other types of health care organizations. CHCF presented the results of the survey before the Senate Health, Education, Labor, and Pensions Committee, which Senator Kennedy chairs, on April 16. April 24, 2002 New HIMSS Survey: HIPAA Security is Top Priority The top priority for healthcare IT vendors, suppliers, and consultants over the next two years are implementing security upgrades on IT systems in provider organizations to meet HIPAA requirements (56% currently; 59% over the next two years). Respondents to the 13th Annual HIMSS Leadership Survey reported that integration of multiple-vendor IT systems in provider organizations was the second most important current IT priority (52%), followed by the implementation of technology to reduce medical errors and promote patient safety (46%). April 19, 2002 HHS to Kennedy: HIPAA Changes Strike Balance Between Privacy & Care HHS' privacy change proposals under HIPAA strike the appropriate balance between patient privacy and access to care, HHS Deputy Secretary Claude Allen told a Senate panel April 16, as reported by AHANews. Patients' primary reason for seeing a physician was health care, not privacy, Allen told Senate Health, Education, Labor and Pensions (HELP) Committee Chair Ted Kennedy, D-MA. Kennedy suggested that written consent could be narrowly tailored to remove barriers to care. However, John Clough, M.D. and director of Health Affairs for the Cleveland Clinic Foundation, in his testimony called Kennedy's suggestion "unworkable." He said HIPAA allows privacy modifications only once per year and that patients would "suffer through disruptions and delays" in care before such modifications could be made. Read participants' statements in the Oversight Hearing on Medical Privacy. April 19, 2002 AHA HIPAA Survey: Most Say Written Consent Unnecessary Burden In a recent AHA survey, 86% of respondents said asking a patient to sign a 10-page legal document when they see a doctor or nurse, or pick up a prescription is an "unnecessary burden." AHANews reports AHA released the results in a written statement to the Senate Health, Education, Labor and Pensions (HELP) Committee on April 16. The survey polled more than 900 consumers on proposed privacy changes to HIPAA. Other results showed that 85% think elderly Americans will be hurt the most due to their seeing many different physicians and often having someone else pick up their prescriptions. Some 84% believe that time in a doctor's office should be spent on patient care, not paperwork, and 77% agree that government should not make hospitals wait to schedule tests until patients' written consent is received. April 19, 2002 Gartner Survey: Industry Still Not Ready for HIPAA Health Data Management reports health care organizations have made progress in recent months to become HIPAA compliant, but many providers and payers won't meet existing deadlines, according to a new survey. Gartner Inc., Stamford, Conn., surveys a consistent group of providers and payers quarterly to track their HIPAA compliance status. In a survey taken during the fourth quarter of 2001, less than 30% of providers have assessed their status with the final transactions and code sets rule. Apparently, many providers believe clearinghouses and other vendors will make them compliant. April 18, 2002 Congress Eyeing Uniform Driver's License Standards Sen. Richard J. Durbin (D-IL) outlined legislation this week that would set national standards for state-issued driver's licenses, permitting rapid data-sharing among certain government agencies, reports ComputerWorld. Durbin, the chair of the Senate Subcommittee on Oversight of Government Management, announced his plan at a hearing April 16 on driver's licenses and other forms of state-issued identification cards. The issue has raised numerous privacy concerns among those who fear driver's licenses are about to become de facto national ID cards. Meanwhile, a recent report from the National Academy of Sciences
says serious privacy and security concerns about a national identification
system should be addressed before such a system is created. The
report will be delivered to the Office of Homeland Security and
to Congress. A final report is expected near year-end. Read the full text of the National Academy of Sciences' report,
April 16, 2002 Electronic Submission of Model Compliance Extension Form Now Available The Centers for Medicare and Medicaid (CMS) recently published the HIPAA Model Compliance Extension Form of 26 questions, which can be used by covered entities to request a one-year extension to the October 16, 2002 compliance date for standard transactions and code sets. The electronic submission option of the form is now available and can be accessed at CMS' Electronic Health Care TCS Standards Model Compliance Plan page. All covered entities who intend to submit the plan are urged to
do so electronically. Each electronic submission will receive an
online confirmation number, which will serve as acknowledgment of
the extension. CMS will not acknowledge receipt of paper submissions.
Covered entities must submit an electronic compliance plan for an extension by October 15, 2002. A covered entity does not have to file a compliance plan if it will be compliant with the transactions rule by October 16, 2002, even if its trading partners are not compliant. April 15, 2002 Health Care Leaders Urge Congress to Support Privacy Revisions on De-Identified Data AHANews reports in a letter sent to Congress Friday, AHA and 68 other health care organizations -- including 19 state hospital associations - expressed strong support for HHS' proposed revisions to the final privacy rule. The revisions would permit a limited set of "facially de-identified" data to be disclosed for research purposes. "Under the final rule, 18 characteristics would need to be removed from data to render it 'de-identified', including name, address, telephone number, email address, social security number, vehicle identifiers and vehicle serial numbers, and other characteristics which directly identify individuals," the letter explains. However, some of the characteristics -- admission, discharge and service dates, date of death, age, zip code, one or more geographic units smaller than a state -- do not directly identify an individual, but are key for conducting medical research and tracking symptoms associated with a bioterrorist attack, the letter adds. April 15, 2002 Computer Security Expert Warns Of Troublesome Threat Trends New Technology Week reports attacks on worldwide computer systems are growing in their number, complexity, and in the damage they cause, according to a respected expert in the field of computer security. While those attacks launched by computer hackers have not yet killed anyone, they have occasionally come close, he said. Hackers broke into the computer systems belonging to a clinic in the United Kingdom and penetrated into the medical records of a half-dozen patients who had just been screened for cancer, said Richard Pethia, the manager of the Networked Systems Survivability Program at the Software Engineering Institute (SEI). April 15, 2002 WEDI Urges Thompson to Expedite Pending HIPAA Standards The Workgroup for Electronic Data Interchange (WEDI) sent a letter March 21, 2002, to HHS Secretary Tommy Thompson requesting that he help expedite the publication of addenda to the Transaction Standards and NDC/J Code Usage. The letter states that, "The delayed issuance of final rules and potential inconsistencies in these rules are creating inefficiences with respect to achieving compliance and budgeting for compliance. An increasing number of key healthcare stakeholders believe that these financial resources are being wasted, due to standards not being published, and systems and procedures being put in place today that will need to be replaced tomorrow." WEDI, in its role as a designated advisor to HHS on Administrative Simplification, has requested a meeting with Sec. Thompson to discuss strategies for accelerating the standards development, review, and approval process. April 12, 2002 Privacy Rule Changes Disappoint AMA The Bush administration proposes to drop the privacy rule's prior consent requirement, but keep its "business associates" provisions -- disappointing the American Medical Association (AMA) on two counts, reports AMNews. The suggested rule revisions are wide-ranging and address several areas of top concern to the AMA, although not in the way it had hoped. In the AMA's view, simply providing a written notice of privacy practices does not offer patients a real choice in how their medical information may be used or disclosed. The AMA had urged HHS to retain prior consent, but make it more flexible so that a patient lying sick in the hospital would not be denied medical treatment because he or she hadn't yet signed a consent form that allows use of personal health information. When Congress reopens debate over the records privacy rule, the AMA hopes the issue of "business associates" will also get more attention. The Bush administration has proposed changes in the rule's business associates provisions, but they do not go far enough to satisfy most medical groups, which had called for their elimination. In other areas of the regulation, the AMA commended the administration for proposing stronger restrictions on how patients' medical information can be used for marketing and for clarifying that only the "minimum necessary" information about a patient's health should be disclosed. But these changes do not go far enough, said Donald J. Palmisano, MD, the Association's secretary-treasurer. "Patient privacy will not be fully protected until Congress passes legislation that extends privacy requirements to all entities that use medical information, including employers, marketers, life insurers and others," he said. More on reactions to the Privacy Rule NPRM. April 12, 2002 Practitioner Orgs Rebuff Kennedy, Support HIPAA Changes AHANews reports numerous practitioner organizations yesterday voiced their support of proposed changes to the HIPAA privacy provisions in a letter to Sen. Edward Kennedy (D-MA), rebuffing his stance on the matter. Organizations including the American Academy of Family Physicians, the American Academy of Nurse Practitioners, the American Academy of Physician Assistants and others said the proposed changes produce "the proper balance of protecting the rights and autonomy of patients, while removing unnecessary barriers that interfere with patient care the efficient delivery of health care." Kennedy has said the proposed changes "gut medical records privacy regulation" and is part of an "unfortunate pattern of putting the interests of corporate America first and the interests of American families second." April 11, 2002 Survey: Patients Want Online Communication A new Harris Interactive survey suggests about 90% of US adults who use the Internet say they would like to communicate with their physicians online, according to AHANews. Seventy-seven percent of those said they would like to be able to ask their physician a question if no visit is necessary, 71% said they would like to be able to schedule appointments online and refill prescriptions and 70% said they would like to receive the results of medical tests. Thirty-seven percent of adults said they would be willing to pay put-of-pocket to communicate with their physicians online. And, 56% said that ability to communicate with their physician online would help influence their choice of physician. Read more on electronic communication policies and security guidelines. April
11, 2002 New FBI Survey Finds Increase in Cybersecurity Breaches
April 11, 2002 NIST Releases New Security Guides on Email & Software Patches The National Institute of Standards and Technology released new draft guidance April 3 for dealing with two of the most common sources of security breaches: poorly configured email servers and the failure to apply software patches. The two draft guides are part of a series of guidance developed by NIST's Computer Security Division.
April 10, 2002 More Support for Proposed Privacy Changes The American Hospital Association has written a letter to 163 members of Congress asking them to support the Bush Administration’s proposed modifications to the privacy rule. The Association of American Medical Colleges (AAMC) supports proposed changes to the health privacy regulations, but requests further modifications to protect patient care and research. At an April 4 news conference, Healthcare Leadership Council President Mary Grealy said the changes would "balance" medical privacy with the demands of timely medical care and research. "These regulations, as modified, will provide patient guarantees that their medical information will be protected," she said. Pharmacy and provider representatives also said they were pleased the proposal would eliminate the need for patients to pick up their own prescriptions, though they said the administration could "go further" in making data available to researchers. Read the text of AHA's letter. Read HLC's & AAMC's endorsements of the privacy rule modifications. April 10, 2002 Audioconference to Explore Proposed Privacy Changes The HIPAA Summit, organizer of the annual National HIPAA Summit, will host an audioconference on Friday, April 19 to examine the Bush administration's proposed changes to the privacy rule. The conference, entitled "Implications & Challenges Presented by the HIPAA Privacy NPRM, & Strategies in Completing the CMS Model Compliance Extension Form," will be held from 10:00 AM - 11:30 AM PDT (1:00 PM - 2:30 PM EDT). The featured faculty are Dr. Bill Braithwaite, Alan Goldberg, Esq., Dr. Steven Lazarus, and Karen Trudel. April 10, 2002 Survey: Banks Unprepared for HIPAA A new survey indicates banks are not ready to comply with HIPAA provisions, reports Health Data Management. Many banks, in fact, do not understand the law directly affects their services to health care providers, according to survey results. The project, which educates the banking community on its responsibilities under HIPAA and the opportunities the law offers, recently sent surveys to 53 of the nation’s largest commercial banks, receiving 18 replies. The Medical Banking Project has conducted three HIPAA Policy Roundtable telephone and Web-based seminars in recent months, and will hold a fourth on April 30. April 9, 2002 Kennedy to Conduct Hearings on Privacy Rule Sen. Edward M. Kennedy announced that his Senate Health, Education, Labor and Pension (HELP) Committee will hold a hearing April 16 to consider the Bush administration's proposed changes to the medical privacy rule. The committee will meet at 10 AM Eastern in Room 430 of the Dirksen Senate Office Building. The senator has vowed to restore the provision that requires patients to provide consent before their health information can be used for treatment, payment, or healthcare operations. April 9, 2002 DNC Makes Medical Privacy Top Campaign Issue The Democratic National Committee (DNC) has named medical privacy a "top campaign policy issue" and is mounting a major media and email campaign to call attention to the proposed elimination of written patient consent. DNC spokesperson Bill Buck said, "President Bush made this issue political by stripping Americans of their medical privacy rights. We will urge Democrats to challenge opponents to make a decision about whether they are with individual rights for medical privacy or whether they are with the Bush administration." Technology Daily/PM also reports medical privacy has become a "popular
polling issue" over the past several years, although "secondary"
to "broader domestic issues." A number of candidates,
including Bush, campaigned on the issue in the 2000 elections. Electronic
Privacy Information Center (EPIC) Executive Director Marc Rotenberg,
an advocate of medical privacy, predicted that the issue "certainly
will resonate with voters" in the 2002 elections, "particularly
because April 2, 2002 More Mixed Reactions to the Privacy NPRM HHS' summary of proposed changes to the privacy rule touted the closure of a loophole that permitted use of identifiable information without patient consent for marketing purposes. However, the Health Privacy Project and former HHS Secretary Donna Shalala contend that the proposed changes actually loosen restrictions on marketing. Those supporting the proposed changes include the American Medical Assocation (AMA) and Healthcare Information and Management Systems Society (HIMSS). The AMA is urging specific modifications to the rule's prior consent requirement and "business associates" provisions. HIMSS believes that the changes create a privacy rule that improves conditions for healthcare providers and vendors alike. Submit comments
electronically on the proposed changes to the privacy rule by April
26, 2002. News ArchivesGo to TOP |
|
Schedule for Reg Publication/
|
