CHIME Weighs in on Proposed HIPAA Disclosure Rules
Proposed federal rules requiring providers and payers to let patients know when anyone accesses their electronic medical records would be difficult to meet and should be scaled back, says a comment letter filed by the College of Healthcare Information Management Executives.
Ann Arbor-based CHIME contends that the federal government's rules rely too much on technical capabilities that aren't widely available and fail to acknowledge the amount of human intervention necessary to achieve compliance.
The group's primary concern is a requirement that would extend responsibility for protected health information contained within a designated record set to include a new right to a consolidated access report. CHIME contends that DRSs are "too broadly defined and too variable in today's health IT environment," and that the ability to aggregate hundreds or thousands of access events in any automated fashion "is not realistic for most covered entities."
The reports would identify who has accessed a patient's protected health information so a patient would know if a specific person had looked at it.
CHIME, which represents more than 1,400 CIO members as well as healthcare IT vendors and professional services firms, wants the access report requirement dropped. But if the requirement remains in the rule, then CHIME suggests that only data gathered through certified electronic health records, not the full array of designated record sets, should populate the access reports.
- Two-Midnight Rule Must be Fixed or Replaced, Say Providers
- Don't Underestimate Emotional Intelligence
- The Secret to Physician Engagement? It's Not Better Pay
- Care Coordination Tough to Define, Measure
- SCOTUS Review of NC Board Case 'A Very Big Deal' to Providers
- Yale New Haven Health Partners with Tenet Healthcare in CT
- CDC Warns of Antibiotic Overuse in Hospitals
- Physicians Take SGR Repeal Message to Washington
- Size Matters in Antibiotic Overuse
- Excluded Benefits Lists Spark Debate