HHS Addresses Privacy, Security Concerns in EHR Program
HIPAA privacy and security concerns with the government's EHR certification program are so great that hundreds of practitioners have called for the program's cancellation, the Department of Health & Human Services (HHS) announced in its final rule on meaningful use released Tuesday.
It hasn't happened, of course.
The final rule, issued through the Centers for Medicare & Medicaid Services (CMS), defines "meaningful use" for the first two years (2011 and 2012) of a long-term financial incentive plan through Medicare and Medicaid under the Health Information for Economic and Clinical Health (HITECH) Act, signed into law by President Barack Obama February 17, 2009.
HHS released a second final rule the same day, through the Office of the National Coordinator for Health Information Technology (ONC). It establishes an initial set of standards, implementation specifications, and certification for EHR technology for vendor products.
Through its technology standards final rule, HHS addresses privacy and security concerns by requiring organizations to perform risk analyses and correct security deficiencies and by requiring the EHR technology to include among other security functions:
- Encryption capabilities
- Auditing capabilities including read-only access to patient records
- Automatic log-off capabilities
- File and message integrity checking
- CEO Exchange: Preparing for Population Health
- Advocate, NorthShore Deal Would Create 16-Hospital System
- 3 Strategies for Retaining Millennial Employees
- Better HCAHPS Scores Protect Revenue
- Power of price: In South FL and the nation, healthcare costs often are shrouded in secrecy
- Two NY hospitals to offer free hip and knee replacement surgeries for qualifying patients in December
- CEO Exchange: Pressure is On to Partner, Drive Quality
- Top Reason for Nurse Turnover: Managers
- Hospital mergers may lead to higher prices
- Healthcare data of 1 million NJ patients compromised since 2009