HIPAA Breaches in the News Again!

August 21, 2013March 12, 2014 Margaret Young Levi Federal Law Resources, Health Information Technology, HITECH Law, Privacy & Security breach

It has been widely reported that WellPoint Inc. recently agreed to pay a $1.7 million fine to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules. The U.S. Department for Health & Human Services’ (“HHS”) press release asserts that WellPoint failed to “implement appropriate administrative and technical safeguards” required by HIPAA when it left an online application database unsecured and exposed the electronic protected health information (“PHI”) of more than 600,000 individuals. WellPoint self reported this issue when it submitted a breach notification required under the Health Information Technology for Economic and Clinical Health (“HITECH”) Act. This breach highlights the importance of ensuring that PHI is secured when system updates are performed.

Continue reading →

ONC Announces New Certified HIT Mark

July 15, 2013March 12, 2014 Margaret Young Levi EHR Certification Standards, Health Information Technology, Meaningful Use

Last week, the Department of Health and Human Service’s (HHS) Office of the National Coordinator for Health Information Technology (ONC) announced its new Certified HIT Mark, similar to the Good Housekeeping Seal of Approval. The Certified HIT Mark provides a way for consumers to feel confident at a glance that “the HIT meets all applicable requirements under the ONC HIT Certification Program.”

The ONC Certification Program ensures that electronic health record technologies meet the standards and certification criteria adopted by HHS to help providers and hospitals achieve Meaningful Use objectives and measures under the Health Information Technology for Economic and Clinical Health (HITECH) Act. Additional information from the ONC about the standards and certification criteria, certified health IT product list, and the health IT certification program may be found here.

Technical Corrections to HIPAA Omnibus Rule Released

June 6, 2013March 12, 2014 Kathie McDonald-McClure Federal Law Resources, Health Information Technology, HITECH Law, Privacy & Security HIPAA Omnibus Rule, HITECH Act

The U.S. Department for Health & Human Services (HHS) announced it is releasing technical corrections to the HIPAA Omnibus Rule tomorrow. These technical corrections are “to address public comment received on the interim final Breach Notification Rule, and to make certain other modifications to the HIPAA Rules to improve their workability and effectiveness and to increase flexibility for and decrease burden on the regulated entities.” HHS “determined that the corrections in this final rule are minor, routine determinations in which the public would not be particularly interested, or about which the public has already been put on notice, given the context of the errors or omissions to be corrected.”

These technical corrections are scheduled to be published on June 7, 2013, but until then, you can download the pre-publication, PDF version here.

HHS Announces Dramatic Increase in Adoption of Electronic Health Records

May 23, 2013March 12, 2014 Kathie McDonald-McClure Electronic Health Records, Eligible Professional Incentives, Health care reform, Health Information Technology, HITECH Law, Hospital EHR Incentives, Meaningful Use, Physician EMR Stimulus ARRA, Electronic Health Records, Health Information Technology, HITECH Act, linkedin, meaningful use of certified EHR, ONC

On May 22, 2013, Kathleen Sebelius, Secretary of the United States Health & Human Services Department, announced that over 50 percent of doctors and over 80 percent of hospitals are making a “meaningful use” of electronic health records (EHRs) and have received incentives for such use. By comparison, in 2008, just nine percent had adopted EHRs. Secretary Sebelius credits the “dramatic increase” in adoption of EHRs to the Health Information Technology for Economic and Clinical Health Act (HITECH Act) that was passed as part of the American Recovery and Reinvestment Act of 2009 (ARRA). The HITECH Act awards incentives to eligible professionals (physicians) and hospitals who make a “meaningful use” of EHR technology that has been certified by the HHS Office of National Coordinator of Health Information Technology (ONC). The HHS press release with further information is available here.

CMS-ONC Listening Session on Coding and Billing

May 3, 2013December 2, 2013 Kathie McDonald-McClure EHR Certification Standards, Electronic Health Records, Fraud and Abuse, Health Information Technology, HITECH Law EHR and fraudulent documentation, EHRs and cloning, EHRs and cut and paste, EHRs and macros, Electronic Health Records, emr compliance, Health Information Technology, HITECH Act, impact of EHR documentation on billing and coding, linkedin

On Friday, May 3, 2013, the Centers for Medicare and Medicaid Services (CMS) and the Office of National Coordinator of Health Information Technology (ONC) jointly hosted a listen and learn webcast about the impact of EHRs on coding and billing. Look for HITECHMcClure on Twitter for comments from the panelists. Materials used during the session can be accessed here. CMS plans to post an audio recording of the session on its Educational Resources webpage at a later date.