Senator John Thune (R-S.D.), Chairman of the Senate Republican Conference, and Senator Lamar Alexander (R-Tenn.), Ranking Member of the Health, Education, Labor and Pensions Committee, were joined today by several of their colleagues in sending a letter to Health and Human Services (HHS) Secretary Kathleen Sebelius, calling for a one-year extension for health care providers to complete the second stage of the electronic health records (EHR) incentive program, which is increasing the adoption of health information technology by hospitals and physicians across the country.
According a release, “providers who are ready to attest to Stage 2 in 2014 should be able to do so consistent with current policy, and the senators believe the administration must continue to push for interoperability.”
By the end of 2014, more than 500,000 hospitals and physicians will be required to upgrade their existing technology to demonstrate new standards of “meaningful use” to be eligible for the corresponding incentive payments.
The HIPAA Privacy Rule regulates the use and disclosure of Protected Health Information (PHI) held by “covered entities.”These entities generally include healthcare clearinghouses, employer sponsored health plans, health insurers, and healthcare providers.
PHI is any information held by a covered entity concerning the health status, provision of healthcare, or payment for healthcare that can be linked to an individual.
Covered entities must disclose PHI to the individual within 30 days upon request. They also must disclose PHI when required to do so by law, such as reporting suspected child abuse to state child welfare agencies.
Health and Human Services recently admitted that Secretary Kathleen Sebelius solicited private support for the implementation of Obamacare programs including Enroll America, a nonprofit group devoted to expanding access that a former Obama administration staffer runs. According toPolitico and other sources, HHS says there’s no problem with her actions.
According to the report, Sebelius sought donations from healthcare companies for a group working to encourage more people to enroll in Obamacare programs. Several key leaders, primarily Republicans, say Sebelius is showing disregard for constitutional principles and may violate the Antideficiency Act — the prohibition against augmenting congressional appropriations, and executive branch ethics laws.
In honor of the first ever National Health IT Week, here’s a gem of a story that seems to voraciously support the need for more integration of electronic health records, and technology in general, to find their way into more medical practices.
According to an article published by Referral MD, in a report issued by Health and Human Services (HHS), despite all of the attention surrounding the security of electronic health records, in actuality, between May 17 and June 17, there were 45 security breaches involving paper health records – 42 more than with EHRs.
I shouldn’t be surprised by this, but I guess I am. Perhaps I’m programmed to think about EHRs exclusively, but paper records are still the majority of records kept, at least in the smaller ambulatory practices where EHRs haven’t been implemented, so security breaches in environments like this are quite likely.
According to the report, the following fit the definition of a “breach,” including theft, unauthorized access, improper disposal and loss.
Some of these I understand, to a point. Loss. That’s easy. It’s one of the most common complaints about paper health records. They get shuffled about the office, from room to room. With the library of other records, it’s surprising that more don’t end up getting misplaced. Getting found is another story, though. If they’re found, what happens to them? Are they then stolen? Five-fingered discounted from the crevice in which they’ve been laid? And, truly, if practices are losing copious volumes of paper records – I’d think losing records would be somewhat of an ongoing problem because of internal procedures and record keeping – then I don’t want to patronize the practice.
Improper disposal. Well, that doesn’t take too much imagination, either. In fact, I once remember not too long ago that the state of Oregon disposed of thousands of Medicare patients’ records improperly by simply tossing them in a dumpster behind the state’s office building, in the same dumpster shared by the state’s capitol newspaper, The Statesman Journal.
If an organization as large the state of Oregon improperly destroys paper records, I’m sure countless others do so as well.
Unauthorized access. Okay, sure. Unwanted eyes get their mitts on the occasional (I assume it’s the occasional) record and potential danger ensues. I’m not sure how one goes about getting his mitts on someone else’s records since I’ve never thought of wanting to see someone else’s record, but I assume it has to do something with hurdling the records desk and making a mad dash for the shelves with the millions of cream-colored folders.
I jest. Obviously, info thieves aren’t jumping over counters. Perhaps one of you can set me straight, but I imagine it happens as a passerby passes someone’s record that’s sitting in the pocket outside the exam room door or something similar; just a passing glance at someone’s record as they scurry on by.
The hard one for to understand, though, is record theft. How are these records getting stolen? From a doctor’s car as he runs into the convenience store for a soda? Are they misplaced in some unfortunate public place? Are they scattered to the winds by disgruntled employees?
How on earth do they disappear?
And, perhaps more importantly, could any of these breaches been avoided with the use of an electronic health record?