If you've read the American Recovery and Reinvestment Act (ARRA) of 2009, you know that the money is in EHRs. But are hospitals really focused on implementation these days, and what are some of the major barriers?
A quick Google search for this information reveals a barrage of articles, many of which yield somewhat conflicting statistics. Consider the March 25 online report published by the New England Journal of Medicine that indicates hospitals are definitely behind the eight ball when it comes to EHRs. Only 1.5% of the 3,049 U.S. hospitals surveyed had a comprehensive system (i.e., it includes hospital-wide clinical documentation of cases, test results, prescription and test ordering, plus support for decision-making that includes treatment guidelines).
"This is mostly because physicians are resistant to adopt EHR technology that changes their work patterns," says Kelly McLendon, RHIA, president of Health Information Xperts, LLC, in Titusville, FL.
"The very low levels of adoption of electronic health records in U.S. hospitals suggest that policymakers face substantial obstacles to the achievement of health care performance goals that depend on health information technology," states the report.
Of the 304 respondents—many of whom responded prior to President Obama's February 17 signing of ARRA—31% said the primary focus would be ensuring their organization has a full EMR. Seventeen percent said the primary focus would be the installation of a CPOE. To assess the impact that the ARRA will have on HIT spending, HIMSS is gathering additional information from survey respondents, according to the press release.
At NorthShore University HealthSystem in Evanston, IL, EHR adoption and CPOE have been top priorities since 2001 when the system began its implementation process. Physicians were on board with the technology because they were simply told "this is the way we were going to be doing business," says Terri Bunsen, chief privacy officer for the four-hospital and 70 plus physician office health system.
NorthShore is one of two recipients of the HIMSS Stage 7 award that recognizes hospitals for achieving a paperless advanced patient record environment. The award is part of a larger EMR adoption model that HIMSS Analytics uses to track the progression of hospital EMR adoption nationwide.
ARRA specifically references physician order entry and clinical decision support as prerequisites, although the specifics of these requirements remain unknown. And there may continue to be a big question mark until December 31—the date by which the HHS Secretary will adopt an initial set of standards, implementation specifics, and certification criteria.
The available incentives should definitely help to spark widespread adoption, McLendon says, although he admits that CPOE may be the most challenging aspect of implementation. "It [ARRA] gives hospitals millions of dollars worth of reasons to procure good EHR software and mandate adoption," he says. "But the hospital has to have the political will to mandate full use of CPOE and other decision-support tools across the entire clinical and medical staff."
Lisa Eramo, CPC is a senior managing editor in the health information management division of HCPro, Inc.She is located in Rhode Island and writes content for the company's flagship newsletter, Medical Records Briefing. Contact her atleramo@hcpro.com.
New federal HIPAA laws are here. Anxiety at hospitals is not.
That wasn’t the case in 2003, when providers scrambled for answers to comply with the new privacy and security rules of HIPAA.
Then, many even had trouble even getting the acronym right (admit it, we’ve all written "HIPPA" at one time or another).
Here we are today, six years later, and with a Congress eager to move the industry to EHRs by 2014—and even more eager to protect patients’ privacy in the process.
Now that Congress (finally) strengthened HIPAA enforcement and toughened compliance requirements through breach notification processes and accounting of disclosures on EHRs, what’s the reaction in the industry?
Well, picture this. It’s kind of like the Boston Celtics just signed Larry Bird. Not Larry Bird, the NBA Hall of Famer, three-time NBA champion and three-time NBA Most Valuable Player of the 1980s.
We’re talking about Larry Bird today—the 52-year-old, out-of-shape president of Basketball Operations for the Indiana Pacers.
If you’re the rest of the league, you’re not really sweating it.
Analysis: HITECH Gives HIPAA New Teeth
HITECH Act will impose stricter HIPAA requirements and stiffer penalties for violations. But at this point, the changes aren't worth losing a lot of sleep over. —Elyas Bakhtiari
"I'm afraid that at this time we are not moving too quickly with any changes in our practices," one privacy officer told us. "The corporate direction we have been given does not have us moving immediately to revise applicable policies/procedures. As we both know, once a bill is signed there are timetables by which compliance will be required and that, generally, allows organizations sufficient time to bring their practices up-to-date. We are, merely, digesting all the material that is coming out with respect to this Act."
That’s the Cliff’s Notes version of our research at this point. The key phrase here is reluctance—not ignorance.
Hospitals certainly plan to do something in light of security provisions in the HITECH Act. In fact, 98% of respondents in our HITECH survey of 300 privacy and security officers said they plan to revisit their HIPAA compliance and training programs.
"One thing I do see is people taking their policies off the shelf and revisiting them to see how they will need to be amended to accommodate those requirements and definitions which are soon to be established by those governmental entities as identified within the HITECH Act," says Frank Ruelas, MBA, the creator of www.hipaabootcamp.com who is based out of Scottsdale, AZ. "Sometimes it takes an event such as the passage of new legislation to serve as the tipping point to get folks to take action."
So why the reluctance now?
Our feedback tells us hospitals don’t want to move too much with regulations that have yet to be defined. And there are a host of them, including:
The definition of "unsecured protected health information"
What must be included in an accounting of disclosures in EHRs
When the Secretary of HHS will conduct audits of organizations
What "meaningful user" means on EHR
And in a shocker, hospitals said they just can’t invest money right now.
Furthermore, some providers told us they’re more worried about the Red Flags Rule deadline—May 1. Hospitals considered to be creditors must set up a policy and procedure that helps them identify "red flags" on identity theft, prevents them and corrects them through self-audits (the FTC last week came out with some nice guidance to help comply).
So where is your organization on the HITECH Act? Is the panic button a 2 or 3, or is it up to a 9 or even a 10?
If you’re like most of the industry it’s probably the former. And essentially, those hospitals with a strong HIPAA compliance and training program in place should be fine with the new regs. If you are confident your facility won’t have a breach, then you need not worry about federal auditors or breach notification requirements.
But for those who don’t have a policy in place—and perhaps those who have suffered a breach of privacy at one point (see: CVS)—then, well, maybe your panic level should be a 10.
Because after all, federal law is federal law. Just like Larry Bird is Larry Bird.
The state of the economy has many boards wondering about the capabilities of their executive teams. Experts say it will benefit organizations to take a close look at its productivity and processes, questioning cash flow and liquidity, strategies and action plans, and risk profiles. Boards should also be determining whether the right executive leadership team is in place to guide the organization into the future.
Provena Covenant Medical Center, a non-profit hospital in Champaign, IL, lost its tax-exempt status five years ago when local officials determined it was not providing enough charity care for needy patients. In 2008, the state Supreme Court agreed to review an August state Appellate Court ruling that dealt a huge setback to non-profit hospitals. Provena's attorneys argued that free care should not be the sole criteria when deciding whether a hospital is a charitable institution, but the appeals court rejected that position. The decision sent shock waves through Illinois non-profit hospitals, which account for roughly three out of every four hospitals in the state and more than half of all hospitals in the country.
Over the past six months, 18 mothers and 19 newborns have become sick with a dangerous bacterial infection soon after being released from Beth Israel Deaconess Medical Center in Boston, triggering a state investigation that uncovered serious problems with the hospital's infection control practices. Ten of the infected patients became so ill that they required hospitalization, and two of those had serious complications.
Los Angeles County supervisors have agreed to pay $3 million to settle a lawsuit brought by the children of Edith Rodriguez, the woman who died after writhing in pain for 45 minutes on the waiting-room floor of Martin Luther King Jr.-Harbor Medical Center in Los Angeles. Rodriguez's death helped to precipitate the closure of the long-troubled hospital after federal regulators determined that staffers had failed to deliver a minimum standard of care.