Cygnus creates wood and metal computer workstation solutions with a focus on the healthcare industry. Wall mounted computer desks, charting stations, articulating arms and medication cabinets are some of our largest sellers. Also visit our Social Media page and connect with us. http://www.cygnusinc.net/get_social_with_cygnus.html
Thursday, October 13, 2011
Lawmakers speak up for healthcare IT | Healthcare IT News
Push for legislation despite ‘tough year’ in Congress
Members of Congress have been absorbed this year in federal budget issues and the economy, but not all of them have forgotten the cause of healthcare IT advancement.
Rep. Michael Burgess, MD (R-Tex.) was slated at press time to give a keynote at this year’s HIMSS Policy Summit in conjunction with National Health IT Week, Sept. 12-16 in Washington, D.C.
“When I came to Congress in 2003, I was not the biggest proponent of health IT,” Burgess told Healthcare IT News in an exclusive interview. But, events after Hurricane Katrina in 2005 changed his mind “in a big way.”
At a field hearing post-Katrina in New Orleans, Burgess said he saw “row after row” of paper records at Charity Hospital turned black from mold. Hazmat protection was required to touch the destroyed documents.
A few days after the hurricane, Burgess assisted other doctors in the Dallas Arena in treating victims of the hurricane. Many were in no condition to remember any of their medical history or the medications they were taking, he said. Walgreens was there with computers loaded on a truck, assisting victims who had used them as a pharmacy. They were able to look up prescription records electronically to get some of a patient’s medical history. “These were powerful images,” Burgess said.
A provision in the proposed Accounting of Disclosures Rulemandated under the HITECH Act that calls for providing patients with an "access report" listing everyone who's electronically accessed their records is stirring up debate.
Many predict regulators will receive an overwhelming number of comments in the coming two months before work begins on a final version of the proposal to modify the HIPAA Privacy Rule, which was unveiled May 27. That's because some observers contend that creating access reports as envisioned under the proposal will prove cumbersome and impractical.
But others say the reports offer a valuable way to identify records snoops and provide patients with a method to monitor who has accessed their information. Access Reports
Under the proposed rule, drafted by the Department of Health and Human Services' Office for Civil Rights, patients could request an access report that lists the names of those who have electronically accessed a "designated record set" for many purposes, including treatment, payment and healthcare operations. These reports would only include the names of those who accessed the information, as well as the date and time of the access, says Adam Greene, a former OCR official who was primary author of the proposal (see Author Describes Disclosures Rule).
The reports would account for electronic access to information by a wide variety of individuals, including those employed by a hospital or clinic, independent physicians with hospital admitting privileges or business associates.
The reports also could include what kind of information was accessed, and whether the user modified the record, but only if the organization has a newer information system that can readily provide that information, says Greene, who's now a partner with the Washington law firm Davis Wright Tremaine LLP.
A designated record set includes medical records, billing records "and other information that may have been used to make decisions about treatment or payment," Greene explains.
The proposed rule contains a second provision on "accounting of disclosures," streamlining what's already required under HIPAA. That provision goes beyond addressing "who" accessed a record to spell out "why" it was disclosed to an outside party for certain limited purposes, such as law enforcement, judicial proceedings and public health.
Greene says it could take OCR six months to a year to complete a final version of the rule after the 60-day comment period ends August 1.
Every act or a statute conveys an objective to be achieved. The objective of HIPAA, which stands for Health Insurance Portability and Accountability Act, is to protect patient security and privacy. An act introduced by the U.S Congress in 1996, and augmented April of 2003, HIPAA was predominantly focused on easy portability of patient health information (PHI) for easy health insurance coverage in spite of shifting jobs and locations.
The concept of “portability” brings an increasing thrust on “accountability.” The portability of health information is beneficial to the patient, the physicians who record and refer back to the patient’s history and the insurance companies which settle the medical claims of the patient. Because HIPAA is used as a resource by three different parties, the risk of information breach is very high. It is a practice-driven policy where extra care needs to be taken during the transfer and storage of information. It is to be noted that for any kind of transfer, the form of the record is vital. The implementation of HIPAA paved the way for electronic versions of the patient health records (PHRs), which required an urgent enforcement of technology based regulations.
Come 2009, the heat was felt and the Health Information Technology for Economic and Clinical Health (HITECH) Act, part of the America Recovery and Reinvestment Act (ARRA), was signed in the month of February by President Obama and was to come into affect by 2010. This emphasized the need and importance of going paperless when it came to PHRs. This brought in a practical way of implementation of HIPAA and gave it more importance to take affect.
All the three acts — HIPAA, HITECH and ARRA — collaboratively focus on tightening the healthcare screws when it comes to patient information, use of technology and its benefits, and the penalties in cases of non-compliance. It is to be noted that prior to the enactment of HITECH, HIPAA was looked at as a mere set of rules and regulations on paper. The proposed requirements under the HIPAA were so stringent that it wasn’t practical enough to implement. For example, HIPAA requires the exchange of information through a secured encrypted email carrier. However, in reality, the healthcare professionals typically preferred the convenience of the act, rather than the security it provided. The professionals were known to use cell phones and personal laptops, which would not only overlook a secured network, but also force other issues like loss of data, attacks and malicious activities by the hackers and other third-party intruders. Previously, saying that one’s record-keeping method was “HIPAA compliant” may not have been strictly true, even though it’s clear that being so is only good option.
As we are into another decade and the legions of law are looming over the healthcare industry, it is only advisable to stay put to non-fraudulent practices and monitor every move. Because the eyes of the healthcare police are on us and they wouldn’t blink in today’s age.
You know, when you think about an EMR purchase, it’s obvious that there’s plenty of technical considerations involved. But the truth is, when it comes down to it, most doctors will never need to know anything about APIs or coding or middleware before they pick out a system. They just want the EMR to work.
The thing is, they’ve already made a big investment in technology before — maybe lots of times — even though they probably know little or nothing about how the gears really mesh. I’m talking about automobile buying, of course. I sort of doubt a single doctor has ever sat through a Webinar on the difference between anti-lock and regular brakes, the advantages of added cargo room or the physics of improved gas mileage. But they still buy cars, don’t they?
No, like everyone else, I’m sure your average doctor takes in commercials, makes a few mental notes as to how the promised benefits fit into their world, digests the information a bit and then goes shopping. At that point, they’re briefed on what features the car has, and tell the salesperson whether that works for them. Ultimately, they buy something that fits their budget, their needs and probably, their self-image too.
Now, an EMR isn’t a fashion statement — while cars most decidedly are — but in other ways, the purchasing process should be similar.
After all, the software they’re choosing should be as utilitarian as an SUV. They should come to the buying process knowing what needs they’re trying to address (in a car, say, the ability to haul big objects, or in an EMR, being able to enter patient notes quickly and clearly). Hopefully, they have a sense of how they’re going to use their EMR on a day-to-day- basis, as they obviously do when they’re car shopping.
And with any luck, they’ll also know what ongoing problems they’re trying to solve, be they managing the flow of laboratory results, making sure they’re reminded to follow up on preventive care, looking at the health of their patient population and so on.
If a practice knows these things, they won’t be blinded by a blizzard of technical terms or worry about whether they’re on version 2.15 of the latest build. They won’t have to spend much time debating over whether a SaaS or client-server solution makes more sense. They’ll just want to get the job done.
Unfortunately, it’s hard to get to that point when a technology comes in looking all scary, complicated and expensive. But as any one who’s ever bought a new car knows, you can always take the damned thing back.
[Original Article at Healthinfosecurity.com] Ron Kloewer, CIO at 25-bed Montgomery County Memorial Hospital, explains why the critical access facility's spending on information security will grow in 2011.
The rural Iowa hospital will spend more on information security because of its efforts to prevent health information breaches and comply with HIPAA and the HITECH Act, Kloewer says.
Why the hospital does not allow patient information to be stored on desktops, mobile devices or thumb drives;
Why the hospital won't hire more IT staff next year, instead focusing on providing technical training to staff members in various departments.
Kloewer wears many hats in his executive role at Montgomery County Memorial Hospital, a critical access facility in Red Oak, Iowa. He serves as CIO, risk manager, privacy and security officer and director of planning and development.
Federal HIPAA privacy and security rule compliance audits of healthcare organizations and their business associates likely will start later this year, says Susan McAndrew, deputy director for privacy in the HHS Office for Civil Rights.
In an exclusive interview, McAndrew says the timing of the start of the HITECH Act's mandated audit program "will really depend on the ultimate selection of what model we use" and how fast that model can be implemented.
McAndrew also said:
The audits likely will be outsourced and not conducted by OCR staff.
Security audits will check that organizations have completed a risk assessment and implemented appropriate administrative, technical and physical safeguards.
Audits for compliance with the privacy rule will focus on organizations' efforts to uphold individuals' rights, such as their right to access their own medical records.
McAndrew made her comments in an interview at the conference: "Safeguarding Health Information: Building Assurance through HIPAA Security," sponsored by OCR and National Institute of Standards and Technology.
Recently released government standards for electronic health record systems show what medical professionals must buy to receive some of the nearly $20 billion in stimulus funding set aside to encourage the development of technology, and Web-based technologies that Google and Microsoft developed may be eligible purchases in the future, IT specialists say.
The Health and Human Services Department issued preliminary guidelines on Dec. 30, 2009. Medical professionals who make "meaningful use" of certified electronic health records, as defined by the department, will be eligible for up to $44,000 in Medicare bonus payments during the next five years.
One preliminary rule dictates the types of technologies providers must use to be eligible for the incentives, setting initial standards and criteria for certifying the systems. A separate proposed rule defines meaningful use as complying with specific procedures -- including the reliance on certified technologies -- in ways that enhance the coordination of care, engage patients and families, and ensure privacy. [Continue Reading]
Ran across this great video by the Fox Group. The video runs about 10 minutes and goes into pretty good detail into the operational benefits, financial incentives, and potential pitfalls of migrating a medical practice to an electronic health record system.
Yesterday, there was a press conference at Mt Sinai Hospital in Chicago with VP Joe Biden, HHS Sec. Kathleen Sebelius and ONC head David Blumenthal to announce the first major release of ARRA funds for HIT. The total amount, $1.16B will be distributed in 201o to address two priorities, setting up extension centers and helping states create RHIOs. The official announcement from Biden’s office provides a few more details. The HHS HIT site has a good letter from Blumenthal that further outlines the purpose if this funding.
HIMSS in Chicago was another great show featuring some of the best the healthcare informatics industry has to offer. While the attendance appeared to be down from last year, it was evident that health care facilities had sent their best people.
The weather was "classic" Chicago, offering plenty of wind and a generous portion of cold. The walk to food venues throughout Chicago proved to be quite a task if unprepared.
The major dissappointment was in the sessions about the economic stimulus package. Because the stimulus is still somewhat shrouded by details that have yet to be outlined, there were no concrete details about what to expect.
We really enjoyed demonstrating our network lock which is now available in our charting stations, computing stationsandmedication boxes. For many, the show really revealed all the great features that this security system has to offer. If you missed the demo, look at the video on our website OR wait a few weeks until the lock system video is completed. (I'll post specifically about the lock video as soon as its done.)
Overall, HIMSS09 was a great success and we look forward to exhibiting again at HIMSS10 in Atlanta, GA.
A special thanks to Colin at CMK Development for the use of one of his luxury condo's in downtown Chicago. It was amazing!
The HITECH Act has been thoroughly reviewed and is throwing up some questions, as projected. One interesting word used in the act is the word "meaningful". Kind of a hard word to measure isn't it?
A company called Chilmark Research has read all 1,000 pages of the HITECH Act and have been posting findings on their blog. Very interesting. READ MORE >>
From HIPAA.com Ed Jones, Author & Healthcare Authority The Senate joined the House on Friday evening, February 13, 2009, in passing the American Recovery and Reinvestment Act, which includes provisions relating to Health Information Technology. Title XIII of Division A and Title IV of Division B together are known as the “Health Information Technology for Economic and Clinical Health Act” or the “HITECH Act.” We will be highlighting attributes of the HITECH Act through the end of February. READ MORE>>
