March 30, 2012 - Advocacy Corner
Industry Awaits HIPAA Updates
Several pieces of HIPAA – many of which stem from the 2009 HITECH Act – are likely to come together soon, observers in Washington note. Four long-awaited final rules have been sent from HHS to the Office of Management and Budget as a “HIPAA Omnibus Rule.” According to one news article, the final rules include:
OCR also will release guidance to help entities implement the changes, including an updated business associate agreement, FierceHealthIT reports. Some of the major changes expected in the rule could include eliminating or amending the controversial “harm threshold” provision that currently enables covered entities to not report on breaches determined to not be harmful, making business associates and subcontractors liable for breaches as covered entities are, and requiring some degree of data encryption.
- Changes to HIPAA's privacy and security rules mandated by the HITECH Act;
- New enforcement requirements and higher penalty requirements;
- Final regulations of HITECH's breach notification rule; and
- Changes to HIPAA to incorporate the Genetic Information Nondiscrimination Act (GINA).
And for anyone out there asking themselves how they’re going to handle all the new HIPAA changes,
NIST has developed a HIPAA Security Toolkit Application that is meant to “help organizations better
understand the requirements of the HIPAA Security Rule, implement those requirements, and assess
those implementations in their operational environment.”
Legislation & Politics
SCOTUS Comes and Goes – What’s Next?
If you’ve been listening to the gurus and talking heads of Washington this week, you were
probably shocked to learn the Supreme Court struck down the individual mandate. Or, if you were
paying attention, you learned that not much has really changed since last Friday.
The Supreme Court did hear oral arguments this week on the Anti-Injunction Act, the individual mandate,
severability and Medicaid expansion, but nothing will be known about the Justices’ decision until June.
In the mean time, States, insurance companies, employers and providers are moving ahead as they have been
since the Affordable Care Acts passage in 2010. According to a story in Politico, states that have been
dragging their feet to implement exchanges and other parts of the ACA are still dragging and states that
are moving aggressively to implement key pieces of the law aren’t showing any signs of slowing.
However, this is not to say that the health IT world has nothing to fear. Depending on if the Justices
strike the mandate, and depending on how they decide what parts of the law stay, several programs using
health IT to guide new healthcare delivery reforms would be subject to the same uncertainty. As reported
in last week’s Advocacy Corner, two areas that we’ll be watching closely include the Medicare Shared Savings
Program, which created the regulatory guidelines for Accountable Care Organizations, and the CMS Innovation
Center, which oversees multiple initiatives ranging from Bundled Payments to Patient Centered Medical Homes.
StateNet Community Talks Advocacy at the Statehouse in Latest Meeting
During its bi-monthly meeting this week, CHIME members joined a broader group of health IT stakeholders for the year’s second StateNet Community Meeting & Webinar. Attendees heard from four health IT advocacy pros who talked about their experiences working with state legislatures in Colorado, Maryland and Virginia. The range of issues facing these three states included a Medicaid payment reform program, all-payer claims database legislation and telemedicine reimbursement.
The presentations were timely as National Coordinator Farzad Mostashari and CMS Acting Administrator Marilyn Tavenner this week published a blog on the subject of state-level policies having an impact on health IT. They noted correctly that several states have already set ambitious targets, mentioning states like Ohio, Washington, California and New York who have set targets for having providers receive EHR incentive payments in 2012.
By working with local HIMSS and AHIMA chapters stakeholders in all three states convened for a HIT Advocacy Day in their state capitols that included CIO Panels (Virginia) joint panels with legislators and health IT practitioners (Colorado) and a panel of HIT experts focused on the consumer experience (Maryland).
The states also shared “lessons learned” in making sure a HIT Advocacy Day is successful. Among those was the idea that Advocacy is a year-round effort and that health IT experts need to volunteer with state boards and commissions whenever possible. Nearly all the states said there’s a need to get started early and keep a watchful eye on legislation. Colorado suggested that states even consider hiring a consultant to organize and do press outreach.
For an archive and slides of the presentation, please click here.
CHIME News & Notes
Other News Items CHIME Is Reading:
Effort To Pay Hospitals Based On Quality Didn’t Cut Death Rates, Study Finds, Kaiser Health News, March 29, 2012
Groups Urge CMS To Re-Evaluate 'Imminent Storm' of Regulations, Modern Healthcare, March 30, 2012
New U.S. Research Will Aim at Flood of Digital Data, New York Times, March 29, 2012
CHIME Policy Docs & Calendar
CHIME Advocacy Documents
CHIME Advocacy Calendar
- CHIME Advocacy Leadership Team Meeting – Stage 2 Standards & Certification Criteria, presented by Steve Posnack
Interested in learning more about what’s in proposed rules for Stage 2? Know anything worth sharing with fellow CIOs? Please contact Sharon Canner or Jeffery Smith.