More

    Five Things You Need to Know About the HITECH Act

    BentleyThe HITECH Act became law a little over a year ago, as part of the Obama Administration’s American Recovery and Reinvestment Act of 2009. We know that it set aside stimulus money for hospitals and medical practices to implement electronic medical records systems, and we know that it extends the reach of the Health Insurance Portability and Accountability Act compliance requirements to business associates of organizations that are directly subject to HIPAA.

    Going through a year’s worth of blog posts and interviews on the subject, Lora Bentley unearthed answers to five common questions regarding the legislation and the issues it raises from such experts as Patient Privacy Rights executive director Ashley Katz and Goodwin Procter senior counsel Jacqueline Klosek, among others.

    Five Things You Need to Know About the HITECH Act - slide 1

    Click through to see five key issues on HITECH that Lora has identified in her ongoing coverage of the issue.

    Five Things You Need to Know About the HITECH Act - slide 2

    In Title XIII of the American Recovery and Reinvestment Act, aka the HITECH Act, Congress reserved $22 billion to “advance the use of health information technology” in the United States.

    Five Things You Need to Know About the HITECH Act - slide 3

    An electronic health record (EHR) is the cumulative health information on one patient aggregated from several health care facilities, while an electronic medical record (EMR) is the electronic health information on one patient maintained at a single health care facility.

    Five Things You Need to Know About the HITECH Act - slide 4

    At every step in the process, patients, not hospitals or doctor’s offices or pharmacies, should determine what information is included in their cumulative electronic health records and which of their providers should have access to those records, according to Patient Privacy Rights.

    Five Things You Need to Know About the HITECH Act - slide 5

    Companies that do business with health care facilities or other entities subject to HIPAA are also now subject to the HIPAA privacy and security requirements. Moreover, according to Goodwin Procter’s Jacqueline Klosek, data breaches occurring after Feb. 22, 2010, at health care facilities or at business associates must be reported under the HITECH Act’s data breach notification requirement.

    Five Things You Need to Know About the HITECH Act - slide 6

    In order to qualify for federal incentives for electronic records systems, hospitals and other covered entities must demonstrate that they have implemented and are making “meaningful use” of such systems. According to Dr. David Blumenthal, the national health IT coordinator, “meaningful use” is more about improving patient care than it is about the technology itself.

    Latest Articles