HiTech ACT - January 2009

In February of 2009, President Obama signed into law the Health Information Technology for Economic and Clinical Health Act.

With this the application of the Health Insurance Portability and Accountability Act was extended to health vendors, more providers and every healthcare organization and facility.  The Health Information Technology for Economic and Clinical Health Act, under the Americans for Reimbursement and Recovery act funds the Office of the National Coordinator’s office with 19 Billion Dollars to provide subsidies and payments for providers to implement electronic health record systems. The program pays these incentives under Medicare and Medicaid to qualified health care organizations and providers. The Stated goal of the Office of the National Coordinator is that each person in the United States will use an Electronic Health Record.

The Act also rises the security and privacy responsibilities and levees fines to so many providers.  This Office is also held responsible with implementing strategies, assessing the impact and evaluating the benefits of the Electronic Health Record Exchange.

The goal of this legislation is to protect the sensitive health records of so many patients using the health system.  The Government has provided incentives under this new Hitech Act to encourage adoption of use of Health Information Technology (HIT).  The program will develop regional centers of Technical Assistance in order to facilitate adoption of Health Information Technology.

The National Science Foundation is commissioned with the task of developing higher education so that our health care organizations and providers understand, implement and even help to design the technology architecture, systems and implementation.

The loans and grants, totaling 19 Billion will be used by qualified providers to purchase and implement Electronic Health Record Information Systems.

Another significant component of the plan is that covered entities and business associates are now required to notify individuals and the Health Human Services if an individual’s unsecured or unencrypted protected health information has been or is reasonably believed to have been accessed, or somehow disclosed as the result of a breach.  If the breach affects more than 500 individuals, the notification can be through media outlets.  Further, personal health record vendors must notify the individual and the Federal Trade Commission  of a breach.  The Federal requirements are more stringent than state requirements, which only required notifying the person in the event there was reason to suspect identity theft.

Privacy and Security Requirements in HiTech include:

Covered entities must honor  a patient’s request to withhold Personal Health Information from a health plan if the patient paid for the medical care

Covered entities must limit the use for disclosure of PHI to a limited data set.

When requested, covered entities must provide patients with an audit trail of all disclosures of Personal Health Information made within the past three years.

Covered entities may not receive payment for communicating with patients for marketing purposes

employees of covered entities or other individuals who knowingly access , use or disclose the personal health information for improper purposes will be subject to criminal penalties

civil penalties for violations under HIPAA are increase depending on the conduct.

The federal government must impose penalties if the violation of the conduct was willful.

Entities, including hospitals and healthcare providers should implement the following to comply with the HITech act.

Develop and Implement a Red Flag Rules compliance program

develop and implement a breach notification compliance program

review and amend existing business associate agreements and determine if new business associate agreements are needed.

strategize and position yourself to obtain loan and grant funding

ensure your tech is CCHIT certified.

And, finally, make sure that your medical malpractice insurance policy contains electronic health record liability insurance with it, and that you have the opportunity to ‘buy up’ to higher limits of insurance.

Comments

Got something to say? Join the discussion ยป

Leave a Reply

 [Quick Submit with Ctrl+Enter]

Remember my details
Notify me of followup comments via e-mail

  1. Re: Telemedicine and Medical Malpractice Insurance

    Google

    -- Hayley Laffer

  2. Re: Clinical Research Liability

    I am starting a Clinical Research site in Philadelphia and am interested in learning more about a policy...

    -- Takoda Roland

  3. Re: When you might need another one or two medical malpractice insurance policies.

    My colleagues were searching for NC SF 521 several days ago and learned about an online platform that...

    -- pauletta walker

  4. Re: Clinical Research Liability

    Hello. I am establishing a new human clinical trial site in New York State and would like a quote for...

    -- Lisa

  5. Re: Who Can Perform Liposuction Surgery?

    It is meaningful information. Thank for your posting. I hope to see more than that. http://www.liposuctionguru...

    -- liposuction surgery

  6. Re: Did you know: That There is a Medical Expert Witness Directory?

    Infections of a new strain (genotype) of CMV, EBV that caused skin burning pain on lower body, buttocks...

    -- Rocky

  7. Re: Medical Director responsible for more than intended by the office work.

    My business partners were requiring a form several days ago and saw a great service that has a ton of...

    -- Dee

  8. Re: Employment practices liability insurance explained:

    Hi TATYANA ILES. my work colleague filled in a sample MA DoR 1 form at this place

    -- Jennefer Haak

  9. Re: Employment practices liability insurance explained:

    Helpful commentary . I learned a lot from the facts . Does anyone know if my company could possibly acquire...

    -- TATYANA ILES

  10. Re: Employment practices liability insurance explained:

    Helpful commentary . I learned a lot from the facts . Does anyone know if my company could possibly acquire...

    -- TATYANA ILES