| HIPAAdvisory > HIPAAnews > Archives |  |
|
July 2004 News ArchivesJuly 28, 2004 New Privacy Rule Guidance for Law Enforcement, Alcohol/Substance Abuse Progams The Substance Abuse and Mental Health Services Administration of the Department of Health and Human Services (HHS) published a report last month comparing "The Confidentiality Of Alcohol and Drug Abuse Patient Records Regulation and the HIPAA Privacy Rule: Implications For Alcohol and Substance Abuse Programs." The report examines programs to which the Privacy Rule applies, information that is protected, and when protections begin for someone seeking substance abuse treatment, as well as how the Privacy Rule affects disclosures of information, and other changes required by the Privacy Rule. In its most recent posted FAQ, the Office for Civil Rights responded to the question of whether the Privacy Rule allows covered entities to disclose protected health information (PHI) to law enforcement officials. Its answer is that the Rule permits covered entities to disclose PHI to law enforcement officials, without the individual’s written authorization, under specific circumstances which it summarizes in its response. Read
OCR's FAQ on disclosing PHI to law enforcement. July 28, 2004 FDA to Look at Privacy of RFID Chips in US Hospitals VeriChip, the company that makes radio frequency identification (RFID) tags for humans, has moved one step closer to getting its technology into hospitals. The Federal Drug Administration (FDA) issued a ruling Tuesday that essentially begins a final review process that will determine whether hospitals can use RFID systems from the Palm Beach, FL.-based company to identify patients and/or permit relevant hospital staff to access medical records, reports CNET News. July 27, 2004 Medical Records Institute Releases EHR Survey Results; Groups Form Physicians EHR Coalition Results from the Medical Records Institute sixth-annual survey of electronic health record (EHR) trends show that the major motivating factors in a company’s decision to implement the EHR are the need to improve workflow efficiency, and the need to improve the quality of care, reports Healthcare IT News. The survey included a total of 808 responses from CEOs, CIOs, VPs, medical directors and others. The fact that for the past two years the motivator for EHR implementation ha been workflow efficiencies compared to previous years when it had been sharing information is an indication of the greater sophistication of the healthcare industry, said Jeff Blair, vice president of the Medical Records Institute. Meanwhile, fourteen medical organizations, representing more than 500,000 US physicians, have formed the Physicians Electronic Health Record Coalition (PEHRC). The coalition will assist physicians, particularly those in small- and medium-size ambulatory care medical practice, to acquire and use affordable, standards-based EHRs and other health information technology to improve quality, enhance patient safety, and increase efficiency. The PEHRC will also work to participate in the development of the EHR certification process. July 27, 2004 VA Offering Its EHR System to Healthcare Providers One of the world's most sophisticated systems for keeping electronic health records (EHRs) will soon be easily available to doctors, hospitals and clinics around the country, courtesy of the Department of Veterans Affairs (VA) and the federal Center for Medicare and Medicaid Services (CMS). "VA is proud to lead the healthcare industry in the use of information technology. The expertise we have gained, however, belongs to the American public," said Dr. Jonathan Perlin, VA's Acting Under Secretary for Health. "With our federal partners, we're making it easier for the private-sector healthcare industry to make use of this electronic system for healthcare records." Under the plan announced last week, private-sector healthcare providers can obtain a version of the VA-developed system, VistA, at nominal cost. Distribution of the software is expected to begin in late 2005. VistA offers healthcare providers a complete electronic record covering all aspects of patient care, including reminders for preventive health care, electronic entry of pharmaceutical orders, display of laboratory results, consultation requests, x-rays and pathology slides. July 27, 2004 Health IT Bills Introduced in House & Senate Sen. Judd Gregg, Chairman of the Senate Committee on Health, Education, Labor and Pensions (HELP), introduced legislation July 21, establishing the federal government’s leadership role in promoting the use of health information technology. The proposal closely tracks Administration efforts and is consistent with the roadmap outlined by the Department of Health and Human Services (HHS) at its National Health Information Infrastructure conference. Gregg’s National Health Information Technology Adoption Act establishes federal leadership, promotes data standards development and implementation, funds incentives, and creates standardized measures of quality care. That same day, Rep. Patrick Kennedy (D-RI) officially introduced the “Josie King Act” (also known as the “QUEST Act”), named for an 18-month old infant who died as a result of preventable medical errors. The bill would transform the technological backbone of the American healthcare industry by 2015, enabling higher quality, better patient safety, and increased efficiency. Both Gregg and Kennedy believe the current state of healthcare technology costs lives and money, and agree that, "We must do better." Read more about Kennedy's bill. July 26, 2004 Canada Raises Privacy Concerns Over Outsourcing to US British Columbia will introduce rules this fall to forbid Canadian subsidiaries of American companies from handing over private information to American law enforcement agencies under the US Patriot Act. Canadian civil liberty and privacy activists are warning that processing of medical information about BC residents should not be outsourced to US companies because of the Patriot Act's weak privacy protections.The province is currently negotiating seven different contracts where private information could be exposed under the act, including financial and medical records. July 21, 2004 HHS Issues Report Outlining Steps to Build Health Information Infrastructure HHS Secretary Tommy G. Thompson today released the first outline of a 10-year plan to transform the delivery of health care by building a new health information infrastructure, including electronic health records and a new network to link health records nationwide. At the same time, he announced a number of new action steps to help advance health information technology immediately. Read more, including the strategic framework report. July 20, 2004 Report Recommends Actions for Accelerating HIT Adoption Connecting for Health, a public-private collaborative, recently released a report that details specific actions the public and private sectors can take to accelerate the adoption of IT in healthcare. Key recommendations of the "Preliminary Roadmap for Achieving Electronic Connectivity in Healthcare" fall into three broad categories: creating a technical framework for connectivity, addressing financial barriers, and engaging the American public. A final version of the Roadmap will be released by September, providing additional detailed recommendations for action. July 20, 2004 WebMD Urges HHS To Adopt 'Rational Roll-Out Plan' For HIPAA WebMD Corporation yesterday released a white paper that concludes HIPAA's Administrative Simplification provisions are increasing complexity and costs for healthcare providers and payers across the country. The paper, entitled "HIPAA Implementation: The Case for a Rational Roll- Out Plan," which is the result of WebMD's analysis of HIPAA implementation nationwide, identifies steps that the Department of Health & Human Services (HHS) can take to steer the implementation back on course, through a "rational roll-out plan." According to the paper, the law – as implemented – has not advanced HIPAA's promise of simplification, standardization and reduced cost, but rather has had the reverse effect. July 19, 2004 HL7 Specs Receive ANSI Approval Several Health Level Seven (HL7) Version 3 (V3) specifications have been approved by the American National Standards Institute (ANSI), including:
July 16, 2004 HPP Calls for Medical Privacy Standard for Political Candidates In response to a New York Times editorial calling on both Vice Presidential and Presidential candidates to release their entire medical records, Health Privacy Project (HPP) Director Janlori Goldman wrote, in a letter published by the New York Times yesterday, "Public figures do not have the same expectation of medical privacy as others. But even the president, the vice president and candidates for those offices should be able to hold back some medical details if they do not bear on their ability to serve. A summary of general health should be enough; if we insist on more, we will drive political aspirants underground to seek care for sensitive and stigmatizing conditions. Hubert Humphrey chose to forgo treatment for bladder cancer until after the Democratic nomination. Some doctors believe he might have survived if he had been treated earlier. A standard is needed that weighs the public's right to know against a candidate's privacy interest in withholding certain medical details." Earlier this year, HPP made a more extended case for establishing a medical privacy standard for Presidential candidates. Read
HPP's April 1, 2004, op-ed on iHealthBeat, "Presidential Health:
Do We Have a Right to Know?" July 16, 2004 Depositions Tell How Lilly Sent Unsolicited Prozac Samples to Patients A Fort Lauderdale physician gave his fishing buddy -- a drug company representative -- a list of patients suffering from depression and the salesman arranged to send trial packages of Prozac Weekly to their homes without the patients' knowledge, according to sworn testimony filed this week in court. The testimony is part of a privacy lawsuit brought on behalf of some of the patients, reports the South Florida Sun-Sentinel. July 15, 2004 NCVHS: Schools, Law Enforcement & Banks Affected by Privacy Rule The National Committee on Vital and Health Statistics (NCVHS), an advisory group to the Department of Health and Human Services (HHS), sent recommendations last month to HHS Secretary Tommy Thompson on the Privacy Rule's effect on schools, law enforcement, and banks. The recommendations were gathered from hearings the NCVHS Subcommittee on Privacy and Confidentiality held in Washington, DC, February 18 - 19, 2004. The NCVHS found the Privacy Rule has an effect on schools in that it controls the disclosure of health information by covered entities (such as family physicians) to schools in situations where such information is needed in the school setting. As for law enforcement, NCVHS believes it did not hear testimony from a sufficiently broad range of witnesses about the effect of the Privacy Rule and thus limited its recommendation to drug diversion activities. A critical issue regarding banks is whether other privacy laws adequately protect health information held by financial institutions exempt from HIPAA under Section 1179. Also, HHS should consider whether encryption should be required for PHI moving through the banking system’s automated clearing house network, to ensure that it is available only to final recipients. Read NCVHS' recommendation letters regarding: July 15, 2004 Government Examining Healthcare Reform House and Senate members have been examining healthcare reform this week. Earlier this week, Senate Majority Leader Bill Frist, M.D. (R-TN), delivered a luncheon address at the National Press Club on his long-term vision for healthcare. Yesterday, the House Government Reform Technology Subcommittee heard from officials that Implementing government data standards would speed adoption of electronic health records (EHRs), reports iHealthBeat. Karen Evans, the e-government and IT administrator at the Office of Management and Budget, said a standard is needed to support government-wide access to health records, and that President Bush's health IT plan includes an initiative to develop such a standard. At the hearing, former House Speaker Newt Gingrich (R-GA) warned that "paper kills" and called on the government to accelerate its EHR effort. July 9, 2004 FCC: Phone Relay Services Do Not Violate HIPAA Privacy The Federal Communications Commission published a notice in yesterday's Federal Register clarifying that the use of Telecommunications Relay Services (TRS) programs to facilitate telephone calls between healthcare professionals and patients does not violate the HIPAA Privacy Rule. This document also clarifies that, consistent with HIPAA, a covered entity, such as a doctor or other healthcare professional, can contact a patient using TRS without requiring the TRS facility or individual communications assistants (CAs) to sign a disclosure agreement [what HIPAA generally refers to a "business associate (BA) contract"]. Some health professionals have been concerned that contacting patients and discussing health-related information via TRS poses a possible violation of the Privacy Rule because a "third party," the TRS CA, hears the information being discussed as the call is relayed. Some state TRS facilities have informed the FCC that health professionals are requiring all of the facility's CAs to sign disclosure forms before they will use TRS to contact patients with hearing or speech disabilities. The FCC therefore emphasizes that all forms of TRS, including "traditional" TTY-based relay, Internet Protocol (IP) Relay, Video Relay Service (VRS), and Speech-to-Speech (STS), can be used to facilitate calls between healthcare professionals and patients without violating HIPPA's Privacy Rule. Read
HHS' FAQ regarding whether a covered entity needs a BA contract
to use a certified TRS. July 1, 2004 Payment Delays Begin July 6 for Non-Compliant Claims The Centers for Medicare and Medicaid Services (CMS) reminded Medicare providers that it will begin delaying payments on non-HIPAA compliant claims beginning Tuesday, July 6. Now that nearly 90 percent have reached compliance, a two-week payment delay will serve as an "incentive to get to 100 percent," said Mark McClellan, administrator of CMS. Under a modification to its HIPAA contingency plan announced in February, non-compliant electronic claims will still be accepted by Medicare, but their payment will take 13 additional days. HIPAA requires that health care claims submitted electronically be in a format that complies with the applicable electronic transaction standard adopted for national use. While the HIPAA electronic transaction standards that were adopted apply to all covered transactions by covered entities, this modification to the CMS compliance plan will only affect covered entities submitting Medicare claims to a Medicare contractor.
|
