New Jersey HIPAA Health Law Lawyer & Attorney : Fox Rothschild LLP Law Firm : Serving Newark, Jersey City, Paterson, Princeton, Mercer County

At the end of June, Investor's Business Daily reported that Google, Microsoft, Aetna, Blue Cross/ and 27 other private organizations "agreed on" ground rules for protecting the privacy of the sensitive information" contained in personal health records (PHRs). Their Report indicated that the group has been working together for the past 18 months, and on Wednesday, June 26th, released the "hundreds of pages long" framework, which "starts with the idea that the information in a PHR is the user's to control -- and spells out how to guard it." 

The "best practices" agreed upon by this private workgroup are posted online. Among them is a policy that audit trails should be conducted so that consumers can see who is looking at their records.  In addition, the workgroup recommended that insurers, employers, and others be prohibited from seeing the information without the individual's prior authorization.  

• Email This
• Print
• Comments
• Trackbacks

• Email This
• Print
• Comments
• Trackbacks

In a June 10 HHS News Release, Secretary Mike Leavitt named the 12 communities that will participate in a 5-year national Medicare demonstration project that provides incentive payments to physicians for using certified electronic health records (EHR) to improve the quality of patient care (the "EHR Demo Project").  The communities selected to work with the CMS on the EHR Demo Project are:

• Alabama
• Delaware
• Jacksonville, FL (multi-county)
• Georgia
• Maine
• Louisiana
• Maryland/Washington, DC
• Oklahoma
• Pittsburgh, PA (multi-county)
• South Dakota (multi-state)
• Virginia
• Madison, WI (multi-county)

Over the five-year span of the project, total financial incentives and bonus payments provided to participating physician practices may be up to $58,000 per physician or $290,000 per practice.  Secretary Leavitt states:

"The use of electronic health records, and of health information technology as a whole, has the ability to transform the way health care is delivered in our nation [and] we believe that EHRs can help physicians deliver better, more efficient care for their patients, in part by reducing medical errors. This project is designed to demonstrate these benefits and help increase the use of this technology in practices where adoption has been the slowest at the individual physician and small practice level."

Although in some respects it is disappointing that New Jersey was not among the communities selected to be a part of the EHR Demo Project, perhaps it is an indication that physicians in this state are ahead of the curve with EHR adoption.  If this is indeed the case, New Jersey may already be well on its way to improving patient care and reducing health care delivery costs through the use of technology ..... making it a "winner" too. 

• Email This
• Print
• Comments (1)
• Trackbacks

In its May 28th Advisory Opinion, the Centers for Medicare & Medicaid Services (CMS) found that a hospital system's proposal to pay for customized software to facilitate communication between its electronic health record (EHR) system and EHR software used by physicians affiliated with the hospital would not constitute a prohibited compensation arrangement under the Stark Law.  CMS explained that since the software would be used solely to order or communicate results of tests and procedures furnished by the hospital, the arrangement would not be a prohibitive arrangement.  CMS also emphasized the relevance of the fact that the software could not be modified to perform an alternate function and could not be resold, transferred or assigned by an affiliated physician practice.  Since CMS found that the arrangement fell outside of the Stark Law's prohibition with respect to a "compensation arrangement," it did not address whether the arrangement complies with any of the physician self-referral exceptions, including the 2006 EHR Exception for arrangements involving donated EHR technology.

• Email This
• Print
• Comments
• Trackbacks

The Centers for Medicare & Medicaid Services (CMS) announced in a Press Release dated May 7, 2008 its new pilot test project in South Carolina that will use an on-line tool called a Personal Health Record (PHR) to give Medicare beneficiaries the ability to collect and then access information about their health or health care services, and collect information about their health.   CMS states that it is ensuring that strict privacy and security safeguards are in place to protect all beneficiary data.    

The CMS Press Release explains that one feature of the test pilot PHR allows individuals to look up information specific to their own personal health status and health conditions.  The PHR tool used in the pilot also provides convenient links to carefully selected Web sites with educational material on health topics.  This makes it easier for the beneficiary or other authorized users to do research that will help them understand their health issues and better manage their own care.  The beneficiary also will control who is able to see the information in the PHR, and will decide whether and with whom the information can be shared – from health care providers to caregivers and family members.  

The pilot, which began on April 4, 2008, is expected to run for 12 months and CMS will use information gathered from the pilot to determine future steps with respect to PHRs. 

• Email This
• Print
• Comments
• Trackbacks

On October 30, 2007, Secretary Mike Leavitt  of the Centers for Medicare and Medicaid Services announced on HHS.gov a five-year demonstration project that will encourage small to medium-sized physician practices to adopt electronic health records (EHRs).   In the federal government's Press Release, Secretary Leavitt stated: 

“This demonstration is designed to show that streamlining health care management with electronic health records will reduce medical errors and improve quality of care for 3.6 million Americans.  By linking higher payment to use of EHRs to meet quality measures, we will encourage adoption of health information technology at the community level, where 60 percent of patients receive care . . . We also anticipate that EHRs will produce significant savings for Medicare over time by improving quality of care.  This is another step in our ongoing effort to become a smart purchaser of health care -- paying for better, rather than simply paying for more.”

CMS will recruit about 100 physician practices of three to five physicians for each of 12 demonstration programs.  Under the programs, Medicare will pay bonuses for practices that use EHRs to report on and manage quality.  The level of bonuses has not yet been determined. 

Questions that will be asked specifically about EHRs will include: 

(1) What are the costs and savings from maximum use of EHRs?

(2) What affect does EHR use have on quality?

(3) What are other incentives for adoption?

(4) How does implementation of EHRs effect the work flow of practices?

(5) What is the degree of EHR functionality that practices actually use?  

The findings of the demonstration study could offer physicians proof that investing the time and money to covert their paper practices to EHRs is worth while . . . or not.  Many proponents of EHR maintain that implementation increases a practice's efficiency, quality of care, and has financial benefits over time.  If the demonstration project provides hard support to this effect, providers could be encouraged to implement electronic health record systems for their practices. 

• Email This
• Print
• Comments
• Trackbacks

Yesterday, the New York Times reported that Microsoft Corp. launched "HealthVault," a website designed to allow patients to store and manage their medical and health information, and which is described by Microsoft as "part filing cabinet, part library, and part fax machine for an individual's or a family's medical records and notes." 

Microsoft's HealthVault attempts to implement a "centralized model" of storing health information where patients arrange to have information downloaded to a centralized web-based data repository.  This model differs from the "decentralized model" where information remains in its original locations (e.g., the hospital, physician's office, laboratory), but is linked through a network of connections among participating providers who have agreed to "share" information when needed to treat a patient.   Which model will prevail remains to be seen, but some interesting points should be noted. 

From a HIPAA standpoint, HealthVault, and similar models that are popping up (e.g., goggle is working on a similar "vault"), are not directly subject to the requirements set forth in the Privacy and Security rules because they are not "health care providers," "health plans" or "health care clearinghouses."  Furthermore, such "vaults" may not even be "HIPAA Business Associates" because, as I currently understand these models to be, the agreement to store the information is between the patient and HealthVault, and so the services provided will typically not be "on behalf of" the health care provider. 

One question that is being asked by some is whether health care providers should, upon request by a patient, download all records in their possession to the vault without written assurance this information will be maintained private and secure?  But even if, as proponents argue, this sort of "information download" is analogous to a provider faxing the information to a destination requested by the patient, it raises other issues such as "is the provider required to download new information about the patient when it is received, or should providers wait for the patient to request each download?"  Then, if providers only download new information when their patients make the request on a case-by-case basis, and the patient fails to do so, does that create an incomplete picture of the patient and diminish the clinical value of such vaults?  Other issues include: who will pay for the administrative cost of providers taking the time to download information to such vaults, and will providers current software be compatible and allow for easy transmission? 

Similar patient-controlled Personal Health Record (PHR) have failed miserably in the past, which has led many to try alternate models such as decentralized direct provider-linked RHIOs.  Yet, it will be interesting to see whether HealthVault can make PHRs work.

• Email This
• Print
• Comments
• Trackbacks

Concerns continue to mount regarding the recent IRS memorandum declaring that nonprofit hospitals can share their e-health record software and support with physicians without losing their tax-exempt status. A recent report from Leerink Swann & Company contends that a heightened competitive environment in urban areas will be the result of the memorandum declaration, as hospitals vie to attract surgery and other hospital-based procedures. The report predicts that under the relaxed Stark Law, physician practices might delay an EMR purchase in hopes of local hospitals picking up the tab. In addition, hospitals may choose to only work with larger EMR vendors, potentially locking smaller vendors out of the marketplace. The report also notes that increased price competition and discounting among EMR vendors overall has resulted in lower profits.

• Email This
• Print
• Comments
• Trackbacks

According to a study published in the Journal of the American College of Surgeons (JACS), electronic health record (EHR) systems can potentially imbue enough cost reduction to pay for the cost of the system in under two years' time!   Despite growing enthusiasm and awareness of the benefits to patients, physicians have been slow to adopt EHRs often citing cost as an major obstacle to implementing an EHR.  Therefore, studies like this one which demonstrate that a positive return on investment is possible will be key to convincing skeptical physicians to part with their paper record systems.  

To find out more about the study design and findings, read on . . .

• Email This
• Print
• Comments
• Trackbacks

Do we really need more rules to protect health information?  Certain health experts seem to think so.   Dr. Deborah Peel, a psychiatrist and founder of Patient Privacy Rights Foundation, believes that "thousands" of electronic databases that contain patients' health records exist, and that those patients don't have any way to keep their personal information from being shared with third parties. 

• Email This
• Print
• Comments
• Trackbacks

Hartford Business Journal recently reported that privacy groups are sounding alarms as the nation’s largest insurance companies finalize plans to allow millions more customers to post their health records on the Internet.  Insurers like Hartford-based Aetna Inc. say Web-based tools help patients and physicians keep track of medical information while potentially holding down spiraling medical costs.  The articles stated that about 100 million insurance customers in the U.S. have access to Web-based tools, but companies don’t have an estimate of how widely they are used. Insurers hope to at least double the technology’s reach by the end of next year . . .

• Email This
• Print
• Comments
• Trackbacks