Final Rules for Stage 2 EHR Incentive Programs Released

First, the Centers for Medicare & Medicaid Services (CMS) released the long-awaited final rule to govern Stage 2 of the Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs. The rule specifies the Stage 2 criteria that eligible professionals (EPs), eligible hospitals, and critical access hospitals (CAHs) must meet in order to continue to participate in the EHR Incentive Programs.

  • Click here for the full text of CMS’s final rule.
  • Click here to see the fact sheet on CMS’s final rule.

Second, the Office of the National Coordinator for Health Information Technology (ONC) also announced a related final rule, which specifies the technical capabilities and related standards and implementation specifications that Certified EHR Technology will need to include to support the achievement of meaningful use by EPs, eligible hospitals, and CAHs under the EHR Incentive Programs.

  • Click here for the full text of the ONC rule.
  • Click here to read a fact sheet on ONC’s standards and certification criteria final rule.

Stay tuned.  We will be posting more about these final rules in the days to come.

Get Ready for Audits on EHR Incentive Payments

The promised audits have begun for providers receiving electronic health records (EHR) incentives available under the Health Information Technology for Economic and Clinical Health (HITECH) Act. 

In order to receive Medicare EHR incentive payments, providers must attest to CMS that they meet Meaningful Use (MU) criteria using certified EHR technology. Any provider attesting to receive an EHR incentive payment for either the Medicare EHR Incentive Program or the Medicaid EHR Incentive Program potentially may be subject to an audit. If an audit finds a provider is not eligible for an EHR incentive payment because it does not meet MU criteria, then the incentive payment will be recouped. Here’s what providers need to know to prepare for an audit:


OMB Delays Final HIPAA Rule Indefinitely While GAO Urges HHS to Issue Additional HIPAA Security and Privacy Guidance

On June 22, 2012, the Office of Management and Budget (OMB) announced that it was delaying release of the HIPAA Omnibus Final Rule (HIPAA Rule) under the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act) from a projected early July date to a future unspecified date.

The much-anticipated HIPAA Rule contains implementing regulations for five aspects of the Act: 1) enforcement (new penalty levels); 2) breach notification; 3) use of genetic information by health plans; 4) application of the HIPAA Security Rule requirements directly to business associates and subcontractors; and 5) use of patient health information (PHI) for marketing. HHS has said the final Rule will contain “significant modifications” to the current HIPAA Privacy Rule.


Initial HIPAA Audit Report Provides Some Guidance, Identifies Top Risks

In our November 2011 blog post, we told you about the launch of HIPAA privacy and security audits mandated by Section 13411 of the Health Information Technology for Economic and Clinical Health Act (HITECH Act). KPMG, Inc. was awarded the contract to develop the audit protocol and conduct these audits last fall and, on March 1, 2012, completed its initial group of 20 audits aimed at testing the audit protocol. The United States Department of Health & Human Services’ (HHS) Office of Civil Rights (OCR) recently issued a preliminary report of the results (click here to see OCR’s slide presentation of the 2012 HIPAA Privacy and Security Audits Report).


New Guide for Privacy and Security of Health Information in EHRs

The Office of the National Coordinator for Health Information Technology (ONCHIT) recently released a 47-page Guide to Privacy and Security of Health Information. The Guide provides direction to providers on protecting patient privacy and securing their health information in an electronic health record (EHR) for purposes of complying with the Health Insurance Portability and Accountability Act (HIPAA) as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act. The Guide also addresses compliance with certain Meaningful Use (MU) standards that have been promulgated pursuant to the HITECH Act’s incentive program for adopting and implementing EHRs.
