Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Health Care System Is Broken Focus on treatment Sporadic Fragmented Uncoordinated care Inconsistent delivery of evidence-based care Misaligned reimbursement system
Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH)
Creates financial incentives for eligible providers and hospitals to meaningfully use electronic health records (EHRs), including exchanging health information electronically Promotes development of a nationwide health information network to permit the secure exchange of electronic health information among providers.
Electronic Health Records (EHRs) Onsite server, network Cloud based solution Third party Off site server Promoted as Less expensive Simpler
8/15/2012
Models for Electronic Health Information Exchange Directly between providers E.g., Referral from one doctor directly to another Decentralized with a record locator service Centralized data bases Different models raise different privacy concerns
HIPAA Privacy Rule Federal baseline: scope Applies to most health care providers, as well as to health plans and health care clearinghouses (covered entities) Detailed provisions on the use and disclosure of protected health information Treats all health information the same (except separately maintained psychotherapy notes)
HIPAA Security Rule Applies to electronic protected health information Establishes administrative, physical and technical standards for securing ePHI to ensure access only by authorized persons and entities Scalable and flexible to meet requirements of various organizations
8/15/2012
Meaningful Use Incentives Eligible provider must conduct a security risk assessment per HIPAA Security Rule Qualified E H R technology must be able to be encrypted
8/15/2012
HITECH Improvements
Extends HIPAA to directly cover business associates (entities that perform services on behalf of covered entities that need access to PHI on regular basis)
HITECH expressly clarifies that health information exchange organizations are business associates Cloud-based EHRs are business associates
10
Subject to use and disclosure limits of HIPAA Privacy Rule Must comply with substantive provisions of HIPAA Security Rule
Access limitations Authentication Encryption
11
Improve patient access to quality care through Broader health insurance coverage
Health benefit exchanges for individuals and small groups
13
ACOs may be business associates Providers in ACO are eligible to receive Medicare claims data generated by other providers Individuals may opt out of having certain identifiable information shared
14
ACA Performance Measurement ACA requires CMS to make available to third parties (Qualified Entities) Medicare Data to be combined with other claims data for provider performance measurement.
8/15/2012
15
ACA Performance Measurement Final Rule on Availability of Medicare Data for Performance Management
Federal Register, vol. 76, page 76542 (!2/07/11)
8/15/2012
16
Health Insurance Exchange Rule Privacy and Security Establishment of Exchanges and Qualified Health Plans Final Rule Federal Register, vol. 77, page 18310 (03/27/12) State health insurance exchanges must establish and implement privacy and security standards that are consistent with the Fair Information Practice Principles.
45 CFR 155.260
17
Protecting Privacy
18