Federal HIT News

The growing computerization, exchange and analysis of patient data offer the potential to improve the quality of care and reduce costs and medical errors, but those benefits won’t be fully realized until privacy concerns are effectively addressed, HHS Secretary Mike Leavitt said today.

In a keynote address to the Nationwide Health Information Network Forum, Secretary Leavitt announced key privacy principles and a toolkit to guide efforts to harness the potential of new technology and more effective data analysis, while protecting privacy. Secretary Leavitt emphasized that appropriate privacy and security measures will be an essential sociological enabler of groundbreaking technology.

“Finding the balance between increased access to information and privacy is very important. If we don’t have it, we won’t succeed,” Secretary Leavitt said. “Consumers shouldn’t be in a position to have to accept privacy risks they don’t want. Each consumer should be able to choose products and services that best fit their health needs and privacy preferences.”

“Consumers need an easy-to-read, standard notice about how their personal health information is protected, confidence that those who misuse information will be held accountable, and the ability to choose the degree to which they want to participate in information sharing,” Secretary Leavitt said. “Over time, consumer confidence in the handling of health information is likely to grow just as consumer confidence in online banking has grown, but that won’t happen without similar protections and transparency about the use of their information.”

Individual Access – Consumers should be provided with a simple and timely means to access and obtain their personal health information in a readable form and format.

Correction – Consumers should be provided with a timely means to dispute the accuracy or integrity of their personal identifiable health information, and to have erroneous information corrected or to have a dispute documented if their requests are denied. Consumers also should be able to add to and amend personal health information in products controlled by them such as personal health records (PHRs).

Openness and Transparency -- Consumers should have information about the policies and practices related to the collection, use and disclosure of their personal information. This can be accomplished through an easy-to-read, standard notice about how their personal health information is protected. This notice should indicate with whom their information can or cannot be shared, under what conditions and how they can exercise choice over such collections, uses and disclosures. In addition, consumers should have reasonable opportunities to review who has accessed their personal identifiable health information and to whom it has been disclosed.

Individual Choice -- Consumers should be empowered to make decisions about with whom, when, and how their personal health information is shared (or not shared).

Collection, Use, and Disclosure Limitation – It is important to limit the collection, use and disclosure of personal health information to the extent necessary to accomplish a specified purpose. The ability to collect and analyze health care data as part of a public good serves the American people and it should be encouraged. But every precaution must be taken to ensure that this personal health information is secured, deidentified when appropriate, limited in scope and protected wherever possible.

Data Integrity – Those who hold records must take reasonable steps to ensure that information is accurate and up-to-date and has not been altered or destroyed in an unauthorized manner. This principle is tightly linked to the correction principle. A process must exist in which, if consumers perceive a part of their record is inaccurate, they can notify their provider. Of course the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule provides consumers that right, but this principle should be applied even where the information is not covered by the Rule.

Safeguards – Personal identifiable health information should be protected with reasonable administrative, technical, and physical safeguards to ensure its confidentiality, integrity, and availability and to prevent unauthorized or inappropriate access, use, or disclosure.

Accountability – Compliance with these principles is strongly encouraged so that Americans can realize the benefit of electronic health information exchange. Those who break rules and put consumers’ personal health information at risk must not be tolerated. Consumers need to be confident that violators will be held accountable.

In addition, Secretary Leavitt announced several tools to help consumers and health information exchanges advance toward privacy protection and consumer access to their information. For example, the “Leavitt Label,” modeled after the nutritional labels on food packaging, would allow consumers to quickly compare personal health record products.

New OCR Guidance on the HIPAA Privacy Rule and the Electronic Exchange of Health Information

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has published new HIPAA Privacy Rule guidance as part of the Department’s Privacy and Security Toolkit to implement The Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information (Privacy and Security Framework). The Privacy and Security Framework and Toolkit is designed to establish privacy and security principles for health care stakeholders engaged in the electronic exchange of health information and includes tangible tools to facilitate implementation of these principles. The new HIPAA Privacy Rule guidance in the Toolkit discusses how the Privacy Rule supports and can facilitate electronic health information exchange in a networked environment. In addition, the guidance includes documents that address electronic access by an individual to his or her protected health information and how the Privacy Rule may apply to and supports the use of Personal Health Records.

CDC is calling for the adoption of an electronic system for reporting adverse effects of vaccines. The current system is 80% paper-based, but a pilot project found that IT could help expedite data processing and produce more sophisticated reports. Government Health IT.

Congress had asked the Department of Defense and the Veterans Affairs Department to use a common electronic health record (EHR) system because their respective systems, AHLTA and VistA, were not interoperable. The Military Health System (MHS) was expected to make an announcement by August 1, but thus far no decision has been made known. Medsphere, whose OpenVista is an ehanced commercial application of VistA, is advocating for the preservation of VistA.

A number of state RFPs are asking for an open source requirement, Doyle pointed out. Every public hospital in West Virginia is on open source. Young said that deploying open source as a good and responsible use of public funding is resonating not only with states but with countries. Approximately 30 to 35 percent of Medsphere’s revenues over the next three to four years is in the international market. “Systems integrators want open source,” he said.

The bottom line, Doyle said, “Open source will transform healthcare IT.”

CMS will test Medicare data in commercial PHRs
A project in Arizona and Utah will test personal health record systems holding data from Medicare claims, lab results and monitoring devices.

The Centers for Medicare and Medicaid Services is undertaking a third pilot program to test the use of online personal health records by Medicare beneficiaries. In the new pilot, CMS will populate commercial PHRs with Medicare claims data.

The agency plans to select as many as four commercial PHR vendors and give users a choice. As in the other tests, CMS will be examining what works and what doesn’t as it tries to encourage Medicare beneficiaries to use PHRs.

The one-year pilot, which begins Jan. 2, will include Medicare recipients in only Utah and Arizona. The PHR vendors will partner with Noridian Administrative Services, the CMS contractor that processes claims data for those two states.

Nordian will be populating the PHRs with as much as two years’ worth of claims data.

Noridian issued a request for proposals today. Would-be suppliers of PHRs for the project must notify Noridian by Aug. 18, and the winning vendors will be announced Oct. 20, according to a schedule in the RFP.

A Senate health IT bill (S 1693) was hotlined so it could be brought to the floor by unanimous consent, but Senate Health, Education, Labor and Pensions Committee ranking member Mike Enzi (R-Wyo.) acknowledged that action likely will have to wait until September because of concerns by several senators, CongressDaily reports...

HHS Takes New Steps to Accelerate Adoption of Electronic Prescribing
Medicare Payments for Successful Electronic Prescribers, Reporting Quality Data are Important Steps Toward a Value-Driven Health Care System

Medicare is starting a new program to encourage physicians to adopt e-prescribing systems. Incentive payments will be available beginning in 2009 for physicians who meet the requirements of the program. The initiative is part of the Administration’s broader efforts to accelerate the adoption of health IT and the establishment of a health care system based on value.

Beginning in 2009, and during the next four years, Medicare will provide incentive payments to eligible professionals who are successful electronic prescribers. Eligible professionals will receive a 2 percent incentive payment in 2009 and 2010; a 1 percent incentive payment in 2011 and 2012; and a one half percent incentive payment in 2013.

Beginning in 2012, eligible professionals who are not successful electronic prescribers will receive a reduction in payment. Eligible professionals may be exempted from the reduction in payment, on a case-by-case basis if it is determined that compliance with requirement for being a successful prescriber would result in significant hardship.

Some lawmakers and stakeholders say a modified version of a health IT bill (HR 6357) passed by the House Energy and Commerce Committee yesterday does not go far enough to alleviate concerns, CongressDaily reports (Noyes, CongressDaily, 7/23).

The bill, called the Protecting Records, Optimizing Treatment and Easing Communication Through Healthcare Technology Act, would provide more than $560 million in grants and loans to help health care providers adopt electronic health records and other health IT systems. The legislation also is intended to strengthen federal patient security and privacy laws (DoBias, Modern Healthcare, 7/23)...

House Leaders Debate Privacy Provisions of Bill To Boost EHRs

Privacy is a central point in negotiations for a bill (HR 6357) that would create a national electronic health record system, according to House Energy and Commerce Committee ranking member Joe Barton (R-Texas), CongressDaily reports.

Speaking at a privacy conference on Thursday, Barton said committee leaders hope to vote on the bill before the August recess. Barton introduced the bill with committee Chair John Dingell (D-Mich.).

Barton said that while discussions in the committee are focused on privacy protections, "the problem is determining what privacy is" in the legislative sense. Barton said that he and Dingell have been "going round and round" with House Health Subcommittee Chair Frank Pallone (D-N.J.) and ranking member Nathan Deal (R-Ga.) to determine what language to include.

Senate Bill

A similar bill (S 1693), introduced in 2007 by Senate Health, Education, Labor and Pensions Committee Chair Edward Kennedy (D-Mass.) and ranking member Mike Enzi (R-Wyo.), also could progress soon, according to Democratic and Republican aides.

However, a Kennedy spokesperson said a few outstanding concerns with the bill need to be addressed.

Sen. Tom Coburn (R-Okla.) and other GOP lawmakers object to the $137 million authorization level.

In addition, Sen. Olympia Snowe (R-Maine) has said the bill should include provisions that require individuals who use or maintain the EHR system to alert authorities about patient data leaks and fine those who mishandle the data. Snowe also wants to increase the number of consumer representatives on the 18-member American Health Information Community advisory board from one to three.

The Bush administration has voiced opposition to changing the board's composition (Noyes, CongressDaily, 7/11).

On Wednesday, the House Energy and Commerce Subcommittee on Health by voice vote approved a bill (HR 6357) that aims to encourage nationwide adoption of an electronic health record system, but it could face obstacles in winning passage in the larger committee, Government Health IT reports (Ferris, Government Health IT, 6/25).

The bill would authorize $575 million annually through fiscal year 2013 to provide grants and loans for health care providers to purchase health ITsystems. The measure also would codify the office of the National Coordinator for Health IT at HHS, and it would establish a process for developing technical standards for health IT.

In addition, the bill would require health care providers and other authorities to inform patients within 60 days if the security of their personal health data has been breached (Gruenwald, CongressDaily, 6/26).

Federal health offices and divisions would be required to begin using EHRs as soon as the standards have been established (Wayne, CQ Today, 6/25).

According to CongressDaily, patient privacy protections "were the subject of the most heated debate" during the subcommittee meeting, "with some Democrats arguing that the bill does not provide enough protection" and "some GOP critics contending that it would go too far and discourage use of health IT."

House Committee on Oversight and Government Reform Chair Henry Waxman (D-Calif.) and Rep. Jan Schakowsky (D-Ill.) called for a provision that would allow patients and state attorneys to sue those who improperly use or distribute patient health data (CongressDaily, 6/26).

Rep. Mike Rogers (R-Mich.) said that while he supported the legislation, it also could deter physicians, hospitals, pharmacies and other medical facilities and professionals from using EHRs because it lacks provisions for legal liability protections that would create opportunities for lawsuits (CQ Today, 6/25).

Rep. Michael Burgess (R-Texas) said the bill's provisions should be flexible to facilitate advancements in technology because "the large private companies that are working on this are likely to come up with solutions that we never thought possible." Burgess said there should be a uniform definition of privacy (CongressDaily, 6/25).

Subcommittee Chair Frank Pallone (D-N.J.) said he hopes the House Energy and Commerce Committee approves the $575 million measure before the congressional recess in August, and committee Chair John Dingell (D-Mich.), who introduced the bill along with committee ranking member Joe Barton (R-Texas), said he hopes for final approval in the fall (CongressDaily, 6/25).

The Office of the National Coordinator for Health Information Technology has just released a four-year plan for advancing HIT. The plan identifies two areas of emphasis: patient-focused healthcare and population health.

Members of the House Committee on Energy and Commerce proposed a bill to help doctors pay for healthcare IT and improve patient privacy protection.
Source: Healthcare IT News

Health Information Technology (HIT) News

HIT News Florida Press Releases Federal News HIT Funding by State Archived HIT News

Federal News

Secretary Leavitt Announces New Principles, Tools to Protect Privacy, Encourage More Effective Use of Patient Information to Improve Care

	Florida Agency for Health Care Administration © 2009 \| Privacy Policy		Home Doing Business with AHCA Disclaimer Contact Webmaster Press Releases		Consumers Prescribers Articles Resources