This is the seventh article in our series on the effect of a “slow repeal” of the ACA. This week’s discussion focuses on the potential impact on healthcare technology.

Industry experts are predicting that a slow repeal of the ACA will have very little, if any, negative impact on healthcare technology. Healthcare technology grew at an unprecedented pace under the ACA, in part because the ACA contains provisions which provide healthcare technology with incentives to develop and implement new systems aimed at increasing efficiency. Despite the significant amount of uncertainty with a slow repeal of the ACA for many players in the healthcare industry, healthcare technology appears to be poised for continued growth through value-based care, telemedicine, and the increased need for interoperability.Continue Reading Slow Repeal of the ACA and Its Effect on Healthcare Technology

Backing up electronic health record data may become an important aspect of complying with and mitigating risk under the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) if the U.S. Health and Human Services Office of Civil Rights (OCR) heeds legislators’ recommendations.
Continue Reading Congress’ suggestions for ransomware treatment under HIPAA

The Anthem breach sent alarm waves through the health care industry and the employer health plan community. With 78.8 million affected individuals for Anthem and 11 million for the companion breach of Premera Blue Cross, the combined size ranks among the largest data breaches in history.

The Anthem and Premera breaches signal a sea change in the threat environment for health plans, a new reality that requires a fresh look at data security. Prudent employers with group health plans should take that fresh look now, by strengthening the data security provisions in their business associate agreements (BAAs) with third-party plan administrators, and also by updating their HIPAA-required security risk assessments.
Continue Reading Data Security for Employer Health Plans Post-Anthem

Seemingly picking up where we left off in our recent white paper and Advisory Board article, the Obama administration released a 166-page draft plan January 30th intended to drive providers and patients toward a common set of electronic clinical information and a commitment to more fully connected EHR systems by the end of 2017.
Continue Reading Interoperability 2017 – Will the latest government plan be the golden spike that connects the EHR rails?

In the Electronic Health Records (EHR) space, unconnected and competing systems carry the potential for organizational train wrecks.

Until robust, efficient, and mandatory interoperability standards emerge, providers should consider linking systems through other means, as failure to do so may lead to malpractice and regulatory compliance issues.

A new White Paper, Driving the Golden Spike:

Marketing Involving PHI

The HIPAA Omnibus Rule made changes to the rules related to marketing involving PHI.  A marketing communication, as defined by HIPAA, is a communication about a product or service that encourages the recipient to purchase that product or service.  Previously, PHI could not be used or disclosed for a marketing communication without authorization unless

Are healthcare providers at your facility texting patient information to each other?  This type of communication is becoming more and more common, but such text messages are often in violation of HIPAA.  To address this issue, Sprint announced last week that it is now offering two texting products that provide the proper security for PHI

On Thursday, March 7, 2013, the Office of the National Coordinator for Health Information Technology and the Centers for Medicare and Medicaid Services (CMS) released a notice and request for information concerning using additional policy levers to accelerate the adoption of electronic health record systems (EHRs). In part, the agencies are looking to increase the number of provider practices satisfying the core requirements for Meaningful Use under the Health Information Technology for Clinical and Economic Health (HITECH) Act.

In the notice, the agencies state that they are looking to accomplish this acceleration by “engaging other policy areas” within the jurisdiction of the U.S. Department of Health & Human Services (HHS), and may include a combination of incentives, payment adjustments, and new requirements. The agencies have identified three main areas in which to use the policy levers:

On January 17, 2013, the Office for Civil Rights of the U.S. Department of Health & Human Services issued its final rule modifying the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy, security, enforcement, and breach notification rules under the Health Information Technology for Economic and Clinical Health (HITECH) Act. The final rule