By Megan Williams, contributing writer
Your clients may hear more about HIPAA, but chances are, the Health Information Technology for Economic and Clinical Health (HITECH) Act impacts them just as much — if not more — than the more commonly known legislation around patient privacy. The HITECH Act includes some twists for solutions providers, so familiarity with its base guidelines, as well as some recent developments, is an important part of keeping your business healthy.
The Act
The HITECH Act was enacted in 2009 with the intent of expanding the scope of the privacy and security provisions of HIPAA, as well as giving its regulations some teeth.
For healthcare providers this meant a number of things:
- Their business associates faced new privacy and security provisions and penalties.
- PHI (protected health information) breaches became attached to new notification requirements.
- Disclosure requirements became stricter. The disclosure of PHI by a provider (by patient request), for purposes other than treatment, or if the item has been paid out-of-pocket, became restricted; the limitation of PHI was restricted to a “minimum necessary” data set; and providers were required to make available an accounting of certain disclosures of PHI within a three year time frame at the patient’s request.
- Enforcement procedures and penalties were strengthened.
For solutions providers, the act expanded breach notification requirements to providers of personal health records and other non-HIPAA covered entities.
Impact On EHRs
These changes resonated to the world of EHR (electronic health records) implementation. Since the enactment of HITECH, the implementation of EHRs has seen a dramatic jump, from 21 percent of medical practices replacing EHR systems immediately after the act was passed, to 31.2 percent doing so in Q1 of 2013, as reported by SoftwareAdvice.com. That same period also revealed a slight rise in providers replacing EHR systems because of dissatisfaction with their current technology, and a doubling of replacement because of compliance and meaningful use standards.
The study also reflected that a desire to “qualify for stimulus funds” was a primary factor in some providers’ motivations to replace their paper charts. While the exact impact of the act specifically is unclear from the findings, it is quite obvious that a desire not only to comply with regulations, but also to receive the additional financial incentives provided by the act is a key motivator in client decision making around EHR systems.
Beyond HITECH
Just as some providers (and patients) are beginning to understand the healthcare environment as impacted by the HITECH act, things are beginning to change. National Coordinator of the Office of the National Coordinator for Health Information Technology (ONC), Karen DeSalvo, MD, MPH, MSc, announced that the office is currently preparing itself to move beyond an era of health IT driven by financial incentives, and into one focused around interoperability. As stated in her message to the ONC: “As we have discussed in prior meetings, the HITECH Act’s health IT infrastructure and program investments are ending, and it is our responsibility to take this opportunity to reshape our agency to be as efficient and effective as possible, never losing sight of our primary accountability — the people of America.”
This change will mean a focus on data and data solutions, an emphasis on Meaningful Use, patient information access, partnerships, and coordination with insurance companies and a range of other emerging tech developments in healthcare.
