Presentation is loading. Please wait.

Presentation is loading. Please wait.

THE TENTH NATIONAL HIPPA SUMMIT ELECTRONIC HEALTH RECORDS NATIONAL HEALTH INFORMATION INFRASTRUCTURE LEGAL ISSUES APRIL 7, 2005 Paul T. Smith, Esq. Partner,

Published byVernon Tyler Modified over 8 years ago

Similar presentations

Presentation on theme: "THE TENTH NATIONAL HIPPA SUMMIT ELECTRONIC HEALTH RECORDS NATIONAL HEALTH INFORMATION INFRASTRUCTURE LEGAL ISSUES APRIL 7, 2005 Paul T. Smith, Esq. Partner,"— Presentation transcript:

1 THE TENTH NATIONAL HIPPA SUMMIT ELECTRONIC HEALTH RECORDS NATIONAL HEALTH INFORMATION INFRASTRUCTURE LEGAL ISSUES APRIL 7, 2005 Paul T. Smith, Esq. Partner, Davis Wright Tremaine LLP One Embarcadero Center, Suite 600 San Francisco, CA 94111 415.276.6532 paulsmith@dwt.com

2 National Health Information Infrastructure v Executive Order 1335, April, 2004—  Called for widespread adoption of interoperable EHRs within 10 years  Created position of National Coordinator for Health Information Technology  ONCHIT issued a Framework for Strategic Action issued July 21, 2004  Consists of 4 goals, each with 3 strategies

3 Goals of the NHII v Informing Clinical Practice  Promoting use of EHRs by Incentivizing EHR adoption Reducing the risk of EHR investment

4 Goals of the NHII v Interconnecting clinicians by creating interoperability through  Regional health information exchanges  National health information infrastructure  Coordinating federal health information systems

5 Goals of the NHII v Personalizing care  Promotion of personal health records  Enhancing consumer choice by providing information about institutions and clinicians  Promoting tele-health in rural and underserved areas

6 Goals of the NHII v Improving population health  Unifying public health surveillance  Streamlining quality of care monitoring  Accelerating research and dissemination of evidence

7 National Health Information Infrastructure v NHII will consist of standards and technology for--  EHR interoperability  Mobile authentication  Web services architecture  Security technologies v Based on standards developed by privately financed consortiums facilitated by HHS

8 National Health Information Infrastructure v Incentives  Regional grants and contracts for EHR collaboratives  Improving access to low-interest loans  Updating anti-kickback and Stark restrictions  Medicare reimbursement for use of EHRs  Medicare pay-for-performance

9 Regional Health Information Organizations v State and local health information exchange projects v Seed funding through  HHS Agency for Health Care Policy and Research (AHCPR)  Foundation for eHealth Initiative’s Connecting Communities for Better Health program

10 Regional Health Information Organization RHIO Provider Health Plan Consumers Public health surveillance Quality accountability Research

11 Consumer Control v NHII—  “Consumer-centric”  Includes a personal health record  Has a strong theme of consumer “ownership” v Consumer consent not required for inclusion in RHIO by provider, as long as there are Appropriate safeguards Restrictions on use and disclosure

12 Consumer Control v Many advocate an “opt-in” model v What rights should the consumer have to—  Control data going into the NHII?  Control access to that data? HIPAA does not differentiate v What are the implications for providers?

13 What is the privacy rule? Covered by HIPAA: v Health care providers v Health plans Not Covered: v Public health authorities v Health care regulatory authorities v Researchers v The RHIO itself Does the NHII need a uniform privacy standard?

14 Policing the RHIO v Not directly regulated v Covered entities disclosing health information are required to obtain & enforce contractual assurances that the RHIO will--  Safeguard the data (security)  Restrict uses and disclosures to those permitted to the covered entity (privacy)  Return or destroy the data on termination, if feasible

15 Policing the RHIO v A covered entity is liable for breaches by business associate if the covered entity--  Learns of a pattern or practice of violations, and  Fails to take reasonable and appropriate remedial measures v Weak standard

16 Regulating Secondary Uses v Health care oversight and regulatory agencies  As permitted by state or federal law v Law enforcement  As permitted by state or federal law  HIPAA allows administrative requests v Researchers  Non-identifying information, or  Identifying information with individual authorization Authorization can be “waived” by IRC or privacy committee

17 Security in a RHIO Covered entities must maintain reasonable and appropriate administrative, technical and physical safeguards— v To ensure confidentiality and integrity of information v To protect against reasonably anticipated-- threats to security or integrity unauthorized uses or disclosures

18 Security in a RHIO v Basic requirements with implementation features v Technology neutral, flexible and scalable v To be implemented in a manner that best suits the entity’s needs, circumstances and resources, taking into account  Size, complexity and capabilities  Technical infrastructure and capabilities  Cost of security measures  Potential risks to health information

19 Security in a RHIO v Standards with implementation features:  Standard: access control  Implementation feature: Unique user identification (password, PIN, biometric)

20 Security in a RHIO Implementation features are either— v Required—must be implemented  e.g., unique user identification v Addressable  Must be implemented if reasonable and appropriate; otherwise alternative measure must be implemented  e.g., encryption

21 Security in a RHIO What is missing? v Clearly defined, uniform security requirements  Access restrictions  Authentication with non-repudiation v Technical restrictions on use v Audit trials v Enforcement

22 E-Prescribing – MMA of 2003 v Federally mandated standards for electronic prescriptions for Medicare enrollees v Would preempt state law v Implementation Schedule:  Proposed standards issued February 4, 2005  Compliance date January 1, 2006  Additional standards by April 1, 2008

23 E-Prescribing – MMA of 2003 E-Prescribing will— v Improve quality by reducing errors resulting from  Bad handwriting  Drug interactions and allergies v Provide current drug information to inform choices v Promote the use of lower-cost alternatives

24 E-Prescribing – MMA of 2003 v Electronic transmittal between prescriber and dispensing pharmacist of information on –  The prescription  Eligibility and benefits  Formulary information, including lower-cost alternatives

25 E-Prescribing – MMA of 2003 v Anti-kickback safe harbor and Stark exception for providing information technology to physicians for e-prescribing

26 Email v It’s here  AMA supports use  Some payers reimburse email consultations  Security issues  Lack of encryption  Impersonation & other problems v Appropriate use v Integration into the health record

Download ppt "THE TENTH NATIONAL HIPPA SUMMIT ELECTRONIC HEALTH RECORDS NATIONAL HEALTH INFORMATION INFRASTRUCTURE LEGAL ISSUES APRIL 7, 2005 Paul T. Smith, Esq. Partner,"

Similar presentations

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
Health Information Technology Framework for Strategic Action U.S. Department of Health and Human Services Office of the National Coordinator for Health.

Health Information Technology Framework for Strategic Action U.S. Department of Health and Human Services Office of the National Coordinator for Health.
Security Vulnerabilities and Conflicts of Interest in the Provider-Clearinghouse*-Payer Model Andy Podgurski and Bret Kiraly EECS Department & Sharona.

Security Vulnerabilities and Conflicts of Interest in the Provider-Clearinghouse*-Payer Model Andy Podgurski and Bret Kiraly EECS Department & Sharona.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
NCVHS: Privacy and Confidentiality Leslie P. Francis, Ph.D., J.D. Distinguished Professor of Law and Philosophy Alfred C. Emery Professor of Law University.

NCVHS: Privacy and Confidentiality Leslie P. Francis, Ph.D., J.D. Distinguished Professor of Law and Philosophy Alfred C. Emery Professor of Law University.
Massachusetts privacy law and your business  Jonathan Gossels, President, SystemExperts Corporation  Moderator: Illena Armstrong  Actual Topic: Intersecting.

Massachusetts privacy law and your business  Jonathan Gossels, President, SystemExperts Corporation  Moderator: Illena Armstrong  Actual Topic: Intersecting.
Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.

Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.
Confidentiality, Ethics, Privacy, and Access REPORT FROM CONFIDENTIALITY, ETHICS, PRIVACY AND ACCESS Group B.

Confidentiality, Ethics, Privacy, and Access REPORT FROM CONFIDENTIALITY, ETHICS, PRIVACY AND ACCESS Group B.
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
Building Public Health / Clinical Health Information Exchanges: The Minnesota Experience Marty LaVenture, MPH, PhD Director, Center for Health Informatics.

Building Public Health / Clinical Health Information Exchanges: The Minnesota Experience Marty LaVenture, MPH, PhD Director, Center for Health Informatics.
Lecture 14 Policy, Legal, and Regulatory Issues in HIS (Chapters 18,19,20)

Lecture 14 Policy, Legal, and Regulatory Issues in HIS (Chapters 18,19,20)
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Restrictions on Referrals v Federal law prohibits referrals among providers that have tainted financial relationships v Any arrangement that confers an.

Restrictions on Referrals v Federal law prohibits referrals among providers that have tainted financial relationships v Any arrangement that confers an.
Health Information Technology Nationwide Activities and Issues Roy H. Wyman, Jr. May 7, 2009.

Health Information Technology Nationwide Activities and Issues Roy H. Wyman, Jr. May 7, 2009.
“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.

“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.
Confidentiality and Security Issues in ART & MTCT Clinical Monitoring Systems Meade Morgan and Xen Santas Informatics Team Surveillance and Infrastructure.

Confidentiality and Security Issues in ART & MTCT Clinical Monitoring Systems Meade Morgan and Xen Santas Informatics Team Surveillance and Infrastructure.

Similar presentations

Ads by Google