Electronic Health Records

Don’t Forget to Protect your Paper Health Records!

Margaret Young Levi Electronic Health Records, Health Information Technology, Privacy & Security , ,

191563_blog_medical%20RecordsEven as health care providers have moved to convert from paper to electronic health records, it remains just as important to continue to protect paper health information records.  While the majority of data breaches involve mobile devices such as laptops and flash drives, a significant number of large data breaches (those affecting 500 or more individuals) Continue reading

November 30th Meaningful Use Deadline for Hospitals

Margaret Young Levi Electronic Health Records, Health Information Technology, HITECH Law, Hospital EHR Incentives, Meaningful Use , , , , , , ,

clip_image002Saturday, November 30, 2013, is the last day for hospitals and critical access hospitals (CAHs) to register and attest to receive an incentive payment for FY2013 under the Medicare Electronic Health Record (EHR) Incentive Program.  In the flurry of Thanksgiving activities, holiday travel and Black Friday shopping, don’t forget to take advantage of this deal.  The Centers for Medicare and Medicaid Services (CMS) has posted a reminder of these deadlines on its Medicare & Medicaid EHR Incentive Program Registration & Attestation System webpage.
Continue reading

Retention of Paper Medical Records After Converting to Electronic Health Records

Margaret Young Levi Electronic Health Records, Federal Law Resources, HITECH Law, Meaningful Use, Privacy & Security , , , , , ,
191563_blog_medical%20Records

NOTE: On February 18, 2010, we posted an article about what to do with paper medical records when converting to an electronic health record (EHR). To date, this has been the most popular article on the HITECH Law Blog. We decided to re-review the topic, update it, and repost it. Actually, not much has changed in the way of the law applicable to this topic. So, the article below reiterates most of the tips from our original article with a few refinements, including additional information about retention periods. This article also is relevant to deciding on the retention period for legacy EHR records when converting to another EHR.

Many hospitals have electronic health records (EHRs) that are hybrid digital records. While the hospital may be using electronic data entry in the emergency department, inpatient nursing care, pharmacy, lab, and pre-op anesthesia, oftentimes, these EHRs are not integrated and, thus, are not merged into a single EHR. The short-term solution may have been to scan printed records from some department, like lab or pharmacy, into the patient’s on-line digital record. As a result, the hospital’s “electronic health record” contains information that is not captured in a “coded format.” For one, this will not meet the “meaningful use” criteria under the HITECH Act.

But let’s assume that the hospital can overcome this hurdle by working with vendors to integrate these records in a way that will meet HITECH EHR certification standards. If the hospital has been maintaining certain portions of patient records in a paper format, what does it do with those paper records after converting to an EHR? If the hospital scans all the paper patient records into its EHR, how long should the hospital retain the paper record after it is scanned into their EHR?

Continue reading

EHR Meaningful Use Audits – Coming Soon to an Office Near You!

Ann Feldkamp Triebsch Electronic Health Records, Health Information Technology, HITECH Law, Meaningful Use , , , , , ,

by Ann F. Triebsch

businessman looking over his glasses with clipboard on hand - frAs we indicated in a posting last October and in a more recent August post , audits are now underway to verify that providers who received incentive monies from the Centers for Medicare and Medicaid Services (CMS) under the Health Information Technology for Economic and Clinical Health (HITECH) Act for implementation of a certified electronic health record (EHR) have indeed met the “meaningful use” (MU) criteria. The Office of the National Coordinator for Health Information Technology (ONC) has contracted with Garden City, NY-based Fagliozzi and Company to conduct these audits.  The audits are designed to verify that providers receiving incentive payments are using certified EHR technology in a meaningful way. These audits can be a hassle, and there are risks if you cannot promptly provide what is requested—even if you are complying with the MU criteria.

Continue reading

Privacy Breaches – They’re FTC Territory, Too!

Ann Feldkamp Triebsch Electronic Health Records, Federal Law Resources, Health Information Technology, HITECH Law, Privacy & Security ,

by Ann F. Triebsch

Lock and KeyWe’ve all heard about HIPAA privacy breaches until we think there couldn’t be anything else to worry about. Think again—the Federal Trade Commission (FTC) is prosecuting privacy breaches in the health care industry as a violation of Section 5 of the FTC Act. The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) is charged with enforcing HIPAA, but some of those same privacy breaches can be scrutinized by the FTC to determine if they are “unfair or deceptive acts or practices in or affecting commerce”, which the FTC Act prohibits. On August 29, 2013, the FTC filed suit in Federal District Court in Atlanta against LabMD, a medical testing laboratory, and its president, to compel it to comply with an investigative demand for information on whether it failed to properly protect private information of about 9,000 consumers (FTC v. LabMD, U.S.D.C. N.D. Ga., Case No. 1:12-CV-3005) .

Continue reading