HIPAAdvisory > HIPAAnews > Archives Phoenix Health Systems


April 2004 News Archives

April 29, 2004 Hospitals Worried Amendment Would Add to Privacy Regs Beyond HIPAA Sen. Hillary Clinton (D-NY) has attached an amendment (S. 1232) to the foreign sales corporation/extraterritorial income bill called the Safeguarding Americans From Exporting Identification Data Act (SAFE-ID). The bill has been referred to the Senate Committee on Commerce, Science and Transportation. According to the American Hospital Association, the amendment would increase the privacy regulations hospitals face. In addition to rules already imposed by HIPAA, the SAFE-ID Act calls for:

  • requiring foreign nations to attain privacy certification from the Federal Trade Commission before businesses in those countries can handle medical information from US healthcare providers;
  • requiring hospitals to obtain written consent from patients if the nation isn't FTC certified;
  • and allowing patients a private right of action to sue a hospital if there is a breach of privacy.

Medical transcription work being sent offshore is one of the privacy concerns driving interest in such legislation, reports ComputerWorld.

Read more.

April 27, 2004 HL7 EHR Draft Standard Passes, Heads for ANSI The Health Level Seven-developed electronic medical record standard has passed, garnering the support of more than two-thirds of all who weighed in on the proposal, reports Health-IT World News. HL7 will submit the standard to the American National Standards Institute (ANSI) as a so-called draft standard for trial use. Once approved as a draft, the standard will be refined over the next two years and then be re-balloted as a fully accredited standard. 

Read more. [external link]

View HL7's EHR Functional Model and Standard Home Page. [external link]

April 27, 2004 President Bush Unveils Major Healthcare IT Initiatives President Bush unveiled several major healthcare tech initiatives at the American Association of Community Colleges Annual Convention in Minneapolis yesterday. In his speech, Bush said that innovations in electronic medical records and the secure exchange of medical information will help transform healthcare in America - improving healthcare quality, reducing healthcare costs, preventing medical errors, improving administrative efficiencies, reducing paperwork, and increasing access to affordable healthcare. To achieve the President's goal of assuring that most Americans have electronic health records (EHR) within 10 years, the federal government is taking the following steps to urge coordinated public and private sector efforts that will accelerate broader adoption of health information technologies (HIT):

  • The Department of Health and Human Services will try to finish the uniform standards for electronic health records by the end of this year.
  • Money has been set aside to encourage demonstration projects that will show healthcare providers the need to modernize their systems.
  • The position of National Health Information Technology Coordinator has been created within the Department of Health and Human Services to coordinate these efforts with hospitals and medical groups.
  • The federal government will take the lead and create the incentives for healthcare providers involved with the government to use medical records.

Bush also appeared at the Department of Veterans Affairs Medical Center today in Baltimore to "talk about how to make sure the government helps the healthcare industry become modern in order to enhance the quality of service, in order to reduce the cost of medicine, in order to make sure the patients, the customer is the center of the healthcare decision-making process."

Read HHS' Fact Sheet, "Harnessing Information Technology to Improve Healthcare."

Read the report, "Transforming Health Care: The President’s Health Information Technology Plan." [external link]

April 23, 2004 Vendors Agree on HIPAA TCS Compliance Less Than Half the Time The nation’s leading HIPAA translation and validation vendors agree in their interpretation of HIPAA transactions compliance an average of 43% of the time, according to the Common Compliance Assessment Process (CCAP) of the HIPAA Conformance Certification Organization (HCCO). Mark Lott, Chairman of HCCO, stated, “A very important result of the CCAP testing effort is that while differences of interpretation are present in the beginning of the testing process, all vendors have the same interpretation upon completion of the program."

Read more.

April 16, 2004 HIPAA Privacy Rule Examined One Year Later This week, on the first anniversary of the HIPAA Privacy Rule, groups such as the Health Privacy Project and American Hospital Association (AHA) issued statements examining the first federal law aimed at protecting the privacy of people’s health information. While AHA thanked Department of Health and Human Services' (HHS) Secretary Thompson for ensuring the medical privacy rule's workability for both patients and providers, the Health Privacy Project gave the Bush administration a failing grade for making good on its promise to safeguard people's medical privacy. Both groups made recommendations for changes to the rule.

Read more from the Health Privacy Project.

Read more from AHA.

April 13, 2004 Hackers Strike Advanced Research Computing Networks Hackers recently infiltrated supercomputers at universities and research institutions, disrupting one of the nation's largest online research networks for several days and raising concerns among computer security experts, reports the Washington Post. One research project affected by the attack was TeraGrid, a network of computers funded by the National Science Foundation and used to conduct intensive data-crunching projects such as genome sequencing. Security breaches on TeraGrid and other supercomputers could result in hackers getting hold of confidential data, said a security analyst, though no adverse results from the attacks have been reported.

Read more. [external link]

April 13, 2004 Report Urges CEOs to Include Information Security in Corporate Governance A report issued yesterday by the National Cyber Security Partnership (NCSP) charges CEOs and boards of directors in all businesses, educational institutions, and non-profit organizations to assume responsibility for securing their computer networks from attacks. The group stopped short of urging legislation to require chief executives to certify their companies' cybersecurity measures, as they are now required to do for financial statements. Although information security is often viewed as a technical issue, it is also a governance challenge that involves risk management, reporting and accountability. To better secure its information systems and strengthen America’s homeland security, the private sector should incorporate information security into its corporate governance efforts.

Read more.

April 9, 2004 Limbaugh's Medical Privacy Debated in Appeals Court Rush Limbaugh's attorney argued Wednesday that investigators violated the conservative commentator's privacy rights when they seized his medical records from his doctor's office. Limbaugh attorney Roy Black is seeking to keep the records sealed from prosecutors who accuse the radio host of illegally buying prescription drugs. He said investigators, instead of using search warrants, should have provided some notice they were going to seize records containing private information. Joining in the legal battle is the American Civil Liberties Union, which argues that the outcome of the case could affect the privacy of medical records and doctor-patient confidentiality.

April 7, 2004 OCR Posts New FAQ on Compliance Dates for Small Health Plans & Certain BA Agreements Yesterday, the Department of Health & Human Services' (HHS) Office for Civil Rights (OCR), in charge of overseeing HIPAA Privacy Rule compliance, posted new questions and answers regarding the compliance dates for small health plans and certain business associate (BA) agreements. The new questions ask:

  • Are there Privacy Rule compliance deadlines in 2004?
  • I sponsor a group health plan for my employees. Am I a covered entity under HIPAA?
  • Is a fully insured group health plan subject to all of the Privacy Rule provisions?
  • Must all small health plans comply with the Privacy Rule?
  • Does the April 14, 2004, small health plan compliance date impose any new requirements on health plans?
  • Is this the first time small health plans are required to comply with HIPAA?

Read the answers to the FAQs. [external link]

April 1, 2004 NCVHS Hears Medicare TCS Plan Unfair, Recommends Changes to Privacy & Claims Attachment Rules A coalition of healthcare providers, clearinghouses, and vendors, including the American Hospital Association (AHA), yesterday urged the Centers for Medicare & Medicaid Services (CMS) to develop a rational plan for achieving administrative simplification under HIPAA, reports AHANews. In a statement to the National Committee on Vital and Health Statistics (NCVHS), the HIPAA Implementation Working Group urged that all payers maintain contingency plans for HIPAA claims processing during the transition to full compliance with the Transactions and Code Sets (TCS) standards and not reject or delay claims because data not needed for adjudication is missing. Meanwhile, NCVHS has issued recommendations for changes in the HIPAA privacy rule and forthcoming claims attachment rule.

Read the statement.

Read NCVHS' March 5 recommendations.

News Archives

Go to TOP
HIPAAdvisory.com
Phoenix Health Systems
Copyright 2000-2006. All rights reserved.

Current News

Recent News

News Archives

Conference Calendar

Schedule for Reg Publication/
Compliance Calendar