| HIPAAdvisory > HIPAAnews > Archives |  |
|
February 2006 News ArchivesFebruary 28, 2006 AHRQ Releases Learning Resources to Help Providers Adopt Health IT The Department of Health and Human Services' (HHS) Agency for Healthcare Research and Quality (AHRQ) recently launched a new suite of learning resources at http://www.healthit.ahrq.gov February 28, 2006 Report Identifies Hurdles to EHR Implementation The Healthcare Financial Management Association (HFMA) recently released a report that identifies the top barriers to electronic health record (EHR) implementation and recommends strategies for the federal government to help providers overcome those hurdles, reports iHealthBeat. HFMA in January conducted a survey of 176 senior healthcare finance executives at hospitals and health systems nationwide and asked them to identify barriers to EHR adoption and actions they feel the government should take to encourage adoption. The survey finds a high degree of variation in hospitals' and health systems' adoption rates of different EHR components. February 28, 2006 Four Lose Jobs After Data Breach at Oregon Healthcare Facility One employee was fired and three others resigned in connection with the theft in late December of backup computer tapes and disks containing personal information and medical records on about 365,000 hospice and home healthcare patients from a parked car in Portland, OR, reports Computerworld. In an announcement late last week, Providence Home Services, a division of Seattle-based Providence Health System, said the four workers left the company after "a confidential and thorough internal review process of the data storage procedures that led to the theft." A Providence spokesman confirmed that three of the workers resigned, while one was fired. The spokesman could not confirm the job titles of the workers, but said that all four had jobs related to the data-theft incident. February 27, 2006 Experts Discuss Progress of NHIN Prototypes Dr. John Loonsk, director of interoperability standards for the Office of the National Coordinator for Health IT, moderated a discussion among representatives from the four companies chosen by the Department of Health and Human Services (HHS) to create prototypes for a nationwide health information network (NHIN), reports iHealthBeat. The discussion, which took place February 14 at the Healthcare Information and Management Systems Society (HIMSS) Conference and Exhibition in San Diego, CA, included no major announcements, but it did offer insight into the approaches that each of the companies - Accenture, Computer Sciences Corporation, IBM and Northrop Grumman - is taking to develop a viable data exchange model for the US. February 24, 2006 CCHIT Hosts "Town Call" on EHR Certification The Certification Commission for Healthcare Information Technology (CCHIT) will hold a a special teleconference Thursday, March 9, 4 – 5 PM (Eastern) to discuss published materials related to commercial certification of ambulatory electronic health record (EHR) products. The 60-minute Town Call will be done via conference call, with a PowerPoint presentation available at the CCHIT web site at www.cchit.org CCHIT is now preparing to launch commercial certification of ambulatory EHR products in late April with the goal of announcing the first certified products in June 2006. A final month-long public comment period on its criteria, inspection process, pilot test results, and draft handbook for commercial certification of ambulatory EHR products will be open March 3-31. CCHIT will also accept comments on proposed focus areas for the second phase of its work – the certification of inpatient EHRs. All materials will be published on CCHIT's web site. February 23, 2006 State CIOs Need To Play Bigger Role In Health IT Plans At a press briefing yesterday, the National Association of State Chief Information Officers (NASCIO), an organization representing CIOs in 50 states and six US territories, suggested state CIOs need to have a hand in the health IT activities taking place in their states as the push for a national healthcare IT infrastructure evolves, reports Information Week. Because states are large payers of healthcare services through programs like Medicaid, as well as large purchasers of health benefits for state employees, state CIOs need to promote efforts and remove barriers hindering healthcare IT efforts in their states, said NASCIO leaders. February 16, 2006 CMS & SHARP Host Free NPI Teleconference February 22 The Southern Healthcare Administrative Regional Process (SHARP) Workgroup presents a free audio conference, on Wednesday, February 22, 2006, from 1:00 to 2:00 PM, ET, sponsored by Atlanta and Dallas Centers for Medicare and Medicaid Services (CMS) Regions IV and VI, regarding HIPAA National Provider Identifiers (NPI). The audio conference, "NPI: Beyond the Tip of the Iceberg," will deal specifically with NPI questions to ask as an organization’s subparts enumeration and crosswalks are accomplished. A CMS representative will be available to answer questions following the presentation. Please call 877-203-0044 fifteen minutes prior to call start time and provide the conference ID number - 4199233. View the PowerPoint Presentation for the teleconference at www.sharpworkgroup.com February 16, 2006 HHS Publishes Final Rule on HIPAA Enforcement Today, the Department of Health and Human Services (HHS) published in the Federal Register the Final Rule on HIPAA Enforcement. The Final Rule adopts the complete regulatory structure for implementing the civil money penalty authority of the Administrative Simplification part of HIPAA, completing the structure begun when the Privacy Rule was issued in 2000 and expanded by the interim final procedural enforcement rules issued in 2003. The Final Rule covers the enforcement process from its beginning, which will usually be a complaint or a compliance review, through its conclusion. A complaint or compliance review may result in informal resolution, a finding of no violation, or a finding of violation. If a finding of violation is made, a civil money penalty will be sought for the violation, which can be challenged by the covered entity through a formal hearing and appellate review process. These rules apply to covered entities that violate any of the rules implementing the Administrative Simplification provisions of HIPAA. Read the full text of the Final Rule on HIPAA Enforcement (PDF). February 16, 2006 Survey: Public Unsure of EHRs Although recent studies show that medical practitioners are warming to the idea of electronic health records, a survey indicates that a campaign may be necessary to change the public's negative perceptions of EHRs, reports Federal Computer Week. The survey, conducted late last year by IDC's Health Industry Insights, shows that a majority of the public may not even know about EHRs. And there's a general fear that privacy and security protections are too weak to guarantee the proper use of personal health information. February 14, 2006 Feds to Study RHIOs The federal government will begin a research effort to support the evolution and maturation of regional health information organizations (RHIOs), reports Healthcare IT News. The initiative was announced by David Brailer, MD, national coordinator for health information technology, at the opening keynote address Monday at the 2006 HIMSS annual conference and exhibition in San Diego. The research will ensure that RHIOs have a minimum set of functional capabilities, discern best practices among these organizations and help organizations benefit from those best practices. February 14, 2006 CMS Posts New FAQs on Non-Standard Electronic Transactions & Organization NPIs Two new HIPAA questions were recently added to the frequently asked questions (FAQ) section of the new Centers for Medicare and Medicaid (CMS) web site at http://questions.cms.hhs.gov/ February 13, 2006 HIPAA Moving Towards Achievement of Long-Term Benefits A decade after its passage, the focus of HIPAA is evolving from patient privacy and security to the achievement of long-term benefits, such as lower healthcare costs, reduction of medical errors, and the development of wide area healthcare information networks, according to the recent results of the twice-yearly US Healthcare Industry HIPAA Survey. Sponsored by the Healthcare Information and Management Systems Society (HIMSS) and Phoenix Health Systems, the Winter 2006 survey marks the seventh consecutive year of tracking and reporting on the status of HIPAA compliance within the healthcare industry. The survey results were released today at the 2006 Annual HIMSS Conference & Exhibition. February 10, 2006 Three RHIOs Successfully Exchange Data Connecting for Health announced this week that its three-state prototype succeeded in exchanging thousands of records among independent regional health information organizations (RHIOs) in Boston, Indianapolis, and Mendocino County, CA. Members of Connecting for Health will discuss this successful prototype at a meeting of the Healthcare Information and Management Systems Society (HIMSS) in San Diego on Monday, February 13. They will explain how the prototype linked information using a specially developed Record Locator Service (RLS) rather than a single patient identifier, and how it exchanged anonymized electronic health information during its first tests. The prototype exchanged real prescription records and laboratory test results, but the identifying information was changed to protect patients' privacy. Nonetheless, Dr. David Brailer, the National Coordinator for Health IT, said the results were encouraging in an interview with Government Health IT. "This shows that we're ready to go," he said. Read Government Health IT's article, "A Success for Health Info Exchange." February 10, 2006 Provider Organizations Form Coalition to Tackle the 835 Transaction Standard A group of provider organizations, partners, and subject matter experts has formed the 835 Coalition to identify common problems and issues surrounding the 835 electronic transaction standard. The HIPAA administrative simplification savings in the use of the electronic remittance standard have not been fully realized. The coalition is seeking to identify and overcome the barriers and operational issues that are preventing effective use of this transaction. The coalition established six subcommittees that will focus their attention on specific areas: Financial Issues, Codes, Technical, Policy, Return on Investment (ROI), and Education. Initially, these committees will analyze current methods, data content, and collaboration strategies. After this initial phase, the coalition will initiate discussions with health plans in order to coordinate findings and harmonize implementation strategies to improve the usage of the 835 transaction standard. Visit the 835coalition.org. February 9, 2006 NIST Issues Guidelines for Data Removal The Computer Security Division of the National Institute of Standards and Technology (NIST) has completed the initial public draft of Special Publication 800-88, "Guidelines for Media Sanitization." This guide is intended to assist organizations and system owners in making practical sanitization decisions based on the level of sensitivity of their information. It does not specifically address all known types of media, however, the described draft sanitization decision process can be applied universally to all forms of media and categorizations of information. NIST invites public comments on the draft guideline until 5 PM EDT on March 31, 2006. Written comments on Special Publication 800-88 may be sent to Chief, Computer Security Division, Information Technology Laboratory, Attn: Comments on Draft Special Publication 800-88, NIST, 100 Bureau Dr., Stop 8930, Gaithersburg, Md. 20899-8930. Comments also may be submitted electronically to media-sanitize@nist.gov Read Special Publication 800-88, "Guidelines for Media Sanitization" (PDF). February 9, 2006 Confidential Patient Data Sent to Wrong Companies for Months A small Lockport, Manitoba-based distributor of herbal remedies has for the past 15 months been mistakenly receiving faxes containing confidential information belonging to hundreds of patients with Prudential Financial Inc.’s insurance group, reports Computerworld. The data exposed in the breach -- and faxed to the company by doctors and clinics across the US -- included the patients' Social Security numbers, bank details and healthcare information. So far, at least, efforts to deal with the issue appear to have failed, said Jody Baxmeyer, vice president of marketing at North Regent RX, the company that’s been receiving the faxes. Meanwhile, Brigham and Women's Hospital has been mistakenly faxing confidential patient information - including the results of tests for sexually transmitted diseases - to a Boston investment bank despite repeated attempts by the bank to stop it, reports the Boston Herald. Nearly every week for the past six months, the bank has received the personal medical records of three to four women who had just given birth, sent by fax from the hospital. The private data of nearly 30 patients has been faxed to the bank, which has asked not to be identified. Read Computerworld's article, "Confidential Patient Data Sent to Wrong Company – for 15 Months." Read the Boston Globe's article, "Brigham Sent Bank New Moms' Records." February 8, 2006 CMS Releases New Information on NPI Electronic File Interchange The Centers for Medicare and Medicaid Services (CMS) released several documents on the Electronic File Interchange (EFI) process this week. EFI, also referred to as "bulk enumeration," is a process by which a healthcare provider or group of providers can have a particular organization (the "EFIO") apply for National Provider Identifiers (NPI) on their behalf. EFI documents posted to CMS' web site include a summary, user's guide, and technical companion manual. A new NPI Fact Sheet for healthcare providers who are individuals is also now available. View the NPI Fact Sheet for individual healthcare providers (PDF). February 3, 2006 Public Health Agencies Encouraged to Sit at RHIO Table A new grant program from the Princeton, NJ-based Robert Wood Johnson Foundation is designed to jumpstart public health involvement in developing regional health information organizations, reports Health Data Management. In December, the foundation awarded 12-month grants of up to $100,000 to 21 public health agencies to help them get involved with RHIOs. The goal is to determine if RHIOs can facilitate not just data transmitted from providers to health agencies, but to get pertinent public health information from the agencies to physicians. February 3, 2006 E-Health Group Releases RHIO Toolkits The e-Health Initiative has released an experimental set of toolkits for building statewide, local, or regional health information exchanges, reports Government Health IT. The toolkits are organized into seven modules that cover the stages of development and important issues that arise in creating health information exchanges, also known as regional health information organizations (RHIOs). The modules are titled:
February 3, 2006 CMS Posts 2006 Updates to ICD-10 Procedure Coding System The Centers for Medicare & Medicaid Services (CMS) has posted 2006 updates to the International Classification of Diseases, 10th Revision, Procedure Coding System (ICD-10 PCS) to its web site, reports the American Hospital Association (AHA) News. In addition to code set changes and new draft coding guidelines, the updates include a new map for converting ICD-9-Clinical Modification (CM) procedure codes to ICD-10 procedure codes, and an updated map for converting ICD-10 codes to ICD-9-CM codes. View CMS' "ICD-10-PCS Coding System and Training Manual." February 2, 2006 Doctors Want Payment Boost for Using E-Health Records The American College of Physicians (ACP) is calling for Medicare to reimburse primary care physicians for using electronic health records and communicating with patients via email and telephone, reports Government Health IT. ACP released the proposals January 30 in the organization’s annual report on the state of the country's healthcare. The organization highlighted an impending shortage of primary care physicians that the industry could avert, at least in part, by recognizing those doctors' contributions to controlling healthcare costs, it said. February 2, 2006 Orlando is Ahead of Curve on Medical File Sharing Last month, the Central Florida Regional Health Information Organization (RHIO), which has been on the drawing board since February 2003, received a state grant for $108,000, an amount to be matched by the Winter Park Health Foundation, reports the Orlando Sentinel. The grant will pay for a full-time project director along with research and development that will allow the local RHIO to start operating on a limited basis sometime early next year. When the Central Florida RHIO activates in the first quarter of 2007, it will include the region's two biggest healthcare heavyweights, Florida Hospital and Orlando Regional Healthcare, plus one of the largest doctors' groups, Physician Associates of Florida. February 2, 2006 Connecticut to Launch E-Health Program Connecticut Governor M. Jodi Rell and US Representative Nancy Johnson on Monday joined a coalition of healthcare professionals to announce the launch of eHealth Connecticut, an initiative to store and share medical records over an electronic network in place of today's paper-based methods, reports the Associated Press. Coalition officials said they expect the statewide electronic record-sharing system to start operating within the next two years if all remains on schedule. Rell and Johnson, both Republicans, joined dozens of representatives from hospitals, insurers, physicians' associations and other groups Monday at New Britain General Hospital to announce the program's launch. February 1, 2006 HIPAA Ineffective, Says IT Research Group With only a single conviction since its inception in 1996, HIPAA is failing to meet its own mandate, says IT research firm Info-Tech Research Group. "HIPAA is a toothless tiger," says Info-Tech analyst Ross Armstrong. "The first problem is that HIPAA is complaint-driven, and complaint-driven enforcement doesn't work. The second problem is that in the one HIPAA-related conviction that has occurred, only the individual was charged, not the organization itself. If HIPAA is to be truly protective and useful, healthcare entities and their executives must be held accountable in the same way that Sarbanes-Oxley holds CEOs and CFOs responsible." Armstrong also points out that US agencies' commitment to enforcing HIPAA is shaky. A report from the Government Accountability Office (GAO) says that the FBI could not account for all of the $379 million it was given from 2000 to 2003 in order to investigate HIPAA-related frauds. Some of the money was shifted to counter-terrorism efforts, but no one could verify that the remaining HIPAA funds were properly spent. "One conviction that netted $9,000 in penalties hardly seems worth an investment of over a third of a billion dollars," says Armstrong. "Without proper government agency oversight, it comes as little surprise that there has been only one HIPAA conviction." Armstrong says that the enforcement of HIPAA is weak compared to other privacy laws such as the Fair Credit Reporting Act which earlier this month fined data broker ChoicePoint $10 million for a security breach that resulted in the theft of 160,000 consumer records. The bottom line is that for HIPAA to be effective, it needs to be enforced with the same vigor that's dedicated to other laws. February 1, 2006 CO-based RHIO Aims to Solve Physician Access Problem for Underserved Patients Funded by participating physicians, Integrated Physician Network Avista (iPN Avista), a regional health information organization (RHIO) in the Denver, CO, area, links physicians to patients who are uninsured or have Medicare and Medicaid. The network ties a hospital, three community health center sites, a county health department and 108 primary care and specialist providers together so that they can provide seamless patient care while reducing paperwork and reducing the risk of charting errors. It is one of the first in the nation to build an electronic patient information network linking a community health center and its low-income patients with the private practice community.
|
to help healthcare providers adopt health information technologies, reports AHA News. Part of the agency’s National Resource Center for Health Information Technology, the tools include descriptions of AHRQ-funded research projects and emerging lessons from the field, a knowledge library with links to more than 5,000 health IT information resources, and an evaluation toolkit to help those implementing health IT projects.