CHIME Weighs in on Proposed HIPAA Disclosure Rules
Proposed federal rules requiring providers and payers to let patients know when anyone accesses their electronic medical records would be difficult to meet and should be scaled back, says a comment letter filed by the College of Healthcare Information Management Executives.
Ann Arbor-based CHIME contends that the federal government's rules rely too much on technical capabilities that aren't widely available and fail to acknowledge the amount of human intervention necessary to achieve compliance.
The group's primary concern is a requirement that would extend responsibility for protected health information contained within a designated record set to include a new right to a consolidated access report. CHIME contends that DRSs are "too broadly defined and too variable in today's health IT environment," and that the ability to aggregate hundreds or thousands of access events in any automated fashion "is not realistic for most covered entities."
The reports would identify who has accessed a patient's protected health information so a patient would know if a specific person had looked at it.
CHIME, which represents more than 1,400 CIO members as well as healthcare IT vendors and professional services firms, wants the access report requirement dropped. But if the requirement remains in the rule, then CHIME suggests that only data gathered through certified electronic health records, not the full array of designated record sets, should populate the access reports.
- mHealth Tackles Readmissions
- 'Kafkaesque' Value System Unfairly Penalizes Doctor Pay
- CNO Leads $1M Charge for New Scrubs, Uniforms
- Targeting Self-Insured Populations
- MA an Insurance Proving Ground for Providers
- Sharp HealthCare Leaves Pioneer ACO Program
- Some Cancer Hospitals' Quality Data Will Soon Be Public
- Proton Beam Therapy Poised for Growth in US
- Docs Fret as HHS Addresses Malpractice Reporting 'Loopholes'
- Half of All Primary Care, Internal Medicine Jobs Unfilled in 2013