The HITECH Act became law a little over a year ago, as part of the Obama Administration’s American Recovery and Reinvestment Act of 2009. We know that it set aside stimulus money for hospitals and medical practices to implement electronic medical records systems, and we know that it extends the reach of the Health Insurance Portability and Accountability Act compliance requirements to business associates of organizations that are directly subject to HIPAA.
Going through a year’s worth of blog posts and interviews on the subject, Lora Bentley unearthed answers to five common questions regarding the legislation and the issues it raises from such experts as Patient Privacy Rights executive director Ashley Katz and Goodwin Procter senior counsel Jacqueline Klosek, among others.
Click through to see five key issues on HITECH that Lora has identified in her ongoing coverage of the issue.
In Title XIII of the American Recovery and Reinvestment Act, aka the HITECH Act, Congress reserved $22 billion to “advance the use of health information technology” in the United States.
An electronic health record (EHR) is the cumulative health information on one patient aggregated from several health care facilities, while an electronic medical record (EMR) is the electronic health information on one patient maintained at a single health care facility.
At every step in the process, patients, not hospitals or doctor’s offices or pharmacies, should determine what information is included in their cumulative electronic health records and which of their providers should have access to those records, according to Patient Privacy Rights.
Companies that do business with health care facilities or other entities subject to HIPAA are also now subject to the HIPAA privacy and security requirements. Moreover, according to Goodwin Procter’s Jacqueline Klosek, data breaches occurring after Feb. 22, 2010, at health care facilities or at business associates must be reported under the HITECH Act’s data breach notification requirement.
In order to qualify for federal incentives for electronic records systems, hospitals and other covered entities must demonstrate that they have implemented and are making “meaningful use” of such systems. According to Dr. David Blumenthal, the national health IT coordinator, “meaningful use” is more about improving patient care than it is about the technology itself.