As federal support for EHR implementation ebbs, other HIT projects are crowding in to keep spending strong. Aging financial management systems will need to be replaced as pay-for-performance ramps up as a result of the Patient Protection and Affordable Care Act. The mandated switch to the ICD-10 diagnostic and procedural code set, requiring updates in IT systems, as well as more advanced coding systems to handle the vastly increased code granularity, not to mention the new technical complexities felt by state Medicaids and CMS itself, is already making good business for firms like Cognosante, a brain trust of some of the most talented healthcare IT people in the country.
BCC Research recently predicted that total spending on clinical health IT would soar to $26.1 billion a year in five years, up from $9.5 billion in 2011 and $11.2 billion in 2012. CarePrecise builds provider databases targeting various applications within the healthcare industry, including EHR, HIE, HIX and Sunshine Law (Open Payments) applications.
Joseph Conn has an excellent article in Modern Healthcare will more details.
May 21, 2013
January 18, 2013
When the HIPAA privacy rule first went into effect, business associates of hospitals, physicians, etc. didn't have to worry about getting in trouble for releasing data in ways that violate patients' privacy.
In light of several years of clumsy handling of patient data by contractors and employees, it's perhaps not surprising that HHS is changing the rules to extend the strict HIPAA privacy rules -- and penalties for violations -- to external vendors and IT communities.
If you work in any way with patients' medical data -- whether as a data processor, consultant, IT contractor, EHR installer, whatever -- you'd better get familiar with the new rule that goes into effect March 26. It clarifies when breaches need to be reported to the Office for Civil Rights, scraps the old standards for the use of patient-identifiable data for marketing and fundraising purposes, and expands direct liability under the law to so-called “business associates” of HIPAA-covered entities.
Perhaps equally interesting is that patients once again will have the right to limit release of treatment records to insurance companies if they paid out-of-pocket on that treatment. Look out for problems and potential fines related to goof-ups related to granting access to the wrong business partners on the wrong data. Greatly increased penalties for privacy and security violations under the ARRA are explained in the new ruling.
Read the HHS news release.
Read the rule in the federal register (you've still got time to comment).