The Patient Portal Ecosystem: Engaging Patients while Protecting Privacy and Security
|
|
- Mildred Lambert
- 8 years ago
- Views:
Transcription
1 The Patient Portal Ecosystem: Engaging Patients while Protecting Privacy and Security NCHICA 11th Academic Medical Center Security & Privacy Conference, June 22-24, 2015 Panel Leader: Panelists: Amy Leopard, JD (Bradley Arant Boult Cummings) Patricia Corn (Wake Forest Baptist Health) Becky Tate (MEDHOST) 1
2 Agenda Overview of uses of Portals and PHRs Review state and federal laws and regulations Consider practical issues providers must manage sharing among patients Allowing API for view, download, transmit Patient managed access Managing patient directed disclosures (third parties) Patients managing information from multiple vendors Authorization process Patients managing proxy access for others Amendment of PHI 2
3 Overview of Portals and PHRs 3
4 Consumer Driven Healthcare Movement Physicians Payer Consumer Hospitals HSA Rx 4
5 Patient empowerment and Consumerism Overblown Trend Real, we're gearing up issues we need to pay attn to 2009 HDM Poll of 137 5
6 Goals of a PHR Patient Perspective Easily manage access Organize health information from disparate providers in a single location Tools that support wellness and self-management Manage data sharing with health care providers Desire ease of use Automation - Manual entry of information is errorprone and time consuming 6
7 Goals of a PHR - Provider Perspective Tools to better manage health Analytics to monitor treatment Continuity of care and accessibility of data for paper-based system Tools promoting patient engagement 7
8 Uses for PHRs: Store health information Health risk assessment profile Targeted educational modules Clinical decision support for patient self-management of health risks Provider interaction for appointment and Rx refills Patient monitoring from medical device interface 8
9 PHR Data Set PHR DATA SET Name, demographics Family History Immunizations Recent encounters Hospitalizations, surgeries, procedures Medication List Lab, Pharmacy, Ancillary Health risk assessment Medical Power of Attorney Claims data and benefit coverage Medical and wellness device results Progress Notes 9
10 Different PHR Models Provider Patient Portal Most common form of personal health record Health Plan Consumer Portal United, Shared Health, AHIP and BCBSA Health Information Trust Custodian ehealth Trust Model Employer consortium for data repository on member employees Dossia Private label PHR for employers and health plans WebMD license 10
11 Patient Risks Risks of View Public computer, logoff Risks of Download Authentication, notice that patient has responsibility to protect Risks of transmitting health information Identity proofing and authentication of patients, personal representatives, other family, friends HIT Policy Committee Privacy and Security Workgroup 11
12 Regulatory Environment and PHRs 12
13 Which Federal Agency Should Enforce Privacy /Security Laws Against Vendors?... 13
14 HITECH and ARRA Drivers Meaningful Use HITECH e-copy Rights View online, download, transmit PHI Any provider or health plan digital format Forward to labor cost HIE Significantly expand access and PHI transmission to PHR Vendors Application Developers Competitors
15 Covered Entity under HIPAA? Providers filing claims electronically. Hospitals, physician groups, nursing homes, labs, pharmacies, doctors, nurses, dentists, psychotherapists Plans or Payors. MMO, Cigna, United Health Care, Anthem, Aetna Employer > 50 with self funding Clearinghouses standardizing PHI for others such as most billing services like WebMD Envoy. Business Associates Who create or receive PHI in order to perform function on behalf of Covered Entity now subject to certain HIPAA Privacy and Security provision under HITECH 15
16 HIPAA Business Associates Definition HITECH definition of BA includes: Vendors contracting with CE to allow CE to offer patients PHR as part of its ehr Organizations transmitting PHI data to a CE or its BA and requiring access to the PHI on routine basis HIE Organization, RHIO, Eprescribing Gateway PHR Vendors are not regulated directly by HIPAA unless BA above: But could be regulated by HITECH... 16
17 Data Flow is a Critical Regulatory Issue PHR = electronic record of individual health information drawn from multiple sources and managed, shared, and controlled by or for individual Tethered? PHR Business Associate: Vendors contracting with CE to allow CE to offer patients a portal or a PHR as part of its EHR PHR Vendor Entity, other than a CE, that offers or maintains a PHR directly with individual Source: {text} 17
18 Personal Health Data Check Data Flow and Covered Entity Status!! Data from Individuals to Covered entities = PHI Permissible uses and disclosures or HIPAA authorization Marketing Rules Sale of PHI PHI may also be regulated by FTC
19 Consumer Directly Supplies Health Information to Non-Covered Entities HIPAA does not apply to PHRs offered by employers or by PHR vendors directly to consumers FTC regulates PHR Vendors as well as compliance with privacy policies of entity offering PHR (See ONC Model PHR Notice)
20 Medicare and Medicaid EHR Meaningful Use To be eligible for Medicare/Medicaid incentives, providers must demonstrate Certified EHR provides for electronic exchange of health information to improve quality of care EHR Measures and Objectives for Meaningful Use enable patients to view, download and transmit their health information ONC being urged to consider connection to PHR NCVHS health plan testimony: QI, disease mgt, and care coordination support portability of data in PHRs to aid transition to meaningful use of EHRs.. 20
21 Meaningful Use Stage 3 NPRM Allowing API for view, download, transmit HIT Policy Committee Privacy and Security Workgroup studying Privacy and Security Issues Related to Increasing Patient Access to Data through either VDT Technologies or open APIs Increasing number of APIs connecting EHR 21
22 HITECH digital rights... Right to Access PHI in Electronic Format patients may request copy of ehr in electronic format maintained by CE instruct CE to forward EHR to any designated person at entity s labor cost only. Significantly expand patient access to electronic formats and increase PHI transmission to others PHR vendors, health record data banks and HIE/RHIOs. Who owns data? More importantly who has right to access and control data? 22
23 FTC Regulation and Exercise of Enforcement Authority Under FTC Act 5 Section 5 of the FTC Act: Unfair and Deceptive Acts or Practices Deceptive: Not implementing stated privacy policies Misrepresenting the extent to which privacy and security of information collected I used, maintained, and protected Unfair: Alleged failure to implement reasonable and appropriate security measures (or to ensure service providers did so) BUT HIPAA MAY NOT BE THE STANDARD!!!!
24 FTC PHR Breach Notice Rule -- for Non-HIPAA CEs and BAs PHR Vendors (200) entity, other than HIPAA-CE or BA of HIPAA-CE that offers or maintains a PHR PHR Related Entities (500) Non-covered entities or BAs that: offer products or services via website of PHR vendor CEs offering PHRs access PHR information or send info o PHR 3rd Party Service Providers to PHR Entities (200) Provides services to above PHR Entities and as a result, Access, maintain, retain, modify, record, store, destroy or otherwise hold, use or disclose unsecured PHR IHI 24
25 Other Legal Considerations Contractual Obligations Contracts Ownership general governed by contract, but legal ownership may be secondary to concerns over uses and disclosures of copies of the data Documentation Consent Enrollment and verification Patient EULA s Terms and Conditions Privacy and Security Ownership of data Uses and disclosures Warnings re: urgent and emergent care Disclaimers and Limits of Liabilities
26 Other Legal Considerations State Laws State Law Issues Personal Data Sensitive information Consumer Protection Laws Consent issues Proxies Minors Malpractice Constitutional Right to Privacy
27 Other Legal Considerations: Secondary Uses Threshold issue: Provide transparency to consumers via disclosure of secondary uses and safeguards De-identified data Authorization from Individual Limited Data Sets for Research, public health or QI Population-based activities to improve health or reduce healthcare costs 27
28 Risks with De-identified Data 28
29 PHRs Practical Considerations 29
30 Practical Considerations Educating patients about their role in protecting their health information Patient managed access Patient education (staff support) Patient identity validation Shared s Proxy access management Release of information Sensitive info Minors and state consent laws 30
31 Practical Considerations Documentation Are existing notices and forms sufficient? (NOPP, Authorization Form, Terms of Use of Patient Portal/PHR) Managing sensitive information Using and managing consumer driven data 31
32 Practical Considerations Addressing amendment requests Encouraging patient use in order to decrease printing of PHI 32
33 QUESTIONS? Amy Leopard Patricia Corn Becky Tate 33
Data Breach, Electronic Health Records and Healthcare Reform
Data Breach, Electronic Health Records and Healthcare Reform (This presentation is for informational purposes only and it is not intended, and should not be relied upon, as legal advice.) Overview of HIPAA
More informationIt s a New Regulatory Landscape: Do You Know Where Your Business Associates are and What They are Doing?
It s a New Regulatory Landscape: Do You Know Where Your Business Associates are and What They are Doing? The AMC Privacy & Security Conference Series Securely Connecting Communities for Improved Health
More informationBusiness Associate Considerations for the HIE Under the Omnibus Final Rule
Business Associate Considerations for the HIE Under the Omnibus Final Rule Joseph R. McClure, Esq. Counsel Siemens Medical Solutions USA, Inc. WEDI Privacy & Security Work Group Co-Chair Agenda Who is
More informationHealth Care - Meaningful Use of HITECH
Planning for the Stimulus - Achieving Meaningful Use of Healthcare IT John D. Halamka MD CIO, Harvard Medical School and Beth Israel Deaconess Medical Center My Definition of Meaningful Use Processes and
More informationDecember 2014. Federal Employees Health Benefits (FEHB) Program Report on Health Information Technology (HIT) and Transparency
December 2014 Federal Employees Health Benefits (FEHB) Program Report on Health Information Technology (HIT) and Transparency I. Background Federal Employees Health Benefits (FEHB) Program Report on Health
More informationBusiness Associates: HITECH Changes You Need to Know
Business Associates: HITECH Changes You Need to Know Rebecca L. Williams, RN, JD Partner Co-chair of HIT/HIPAA Practice Davis Wright Tremaine LLP beckywilliams@dwt.com 1 Who Is a Business Associate? A
More informationCovered Entities and Business Associates: An Evolving Relationship
Covered Entities and Business Associates: An Evolving Relationship Rebecca L. Williams, RN, JD Partner, Chair of HEALTH/HIPAA Practice Davis Wright Tremaine LLP beckywilliams@dwt.com 1 No health care provider
More informationHow To Prepare For A Patient Care System
Preparing for Online Communication with Your Patients A Guide for Providers This easy-to-use, time-saving guide is designed to help medical practices and community clinics prepare for communicating with
More informationFederal Employees Health Benefits Program Report on Health Information Technology (HIT) and Transparency. September 2007
Federal Employees Health Benefits Program Report on Health Information Technology (HIT) and Transparency Executive Summary September 2007 This report is based on information collected from health participating
More informationJoe Dylewski President, ATMP Solutions
Joe Dylewski President, ATMP Solutions Joe Dylewski President, ATMP Solutions Assistant Professor, Madonna University 20 Years, Technology and Application Implementation Experience Served as Michigan Healthcare
More informationNew HIPAA Rules and EHRs: ARRA & Breach Notification
New HIPAA Rules and EHRs: ARRA & Breach Notification Jim Sheldon-Dean Director of Compliance Services Lewis Creek Systems, LLC www.lewiscreeksystems.com and Raj Goel Chief Technology Officer Brainlink
More informationHITRUST CSF Assurance Program You Need a HITRUST CSF Assessment Now What?
HITRUST CSF Assurance Program You Need a HITRUST CSF Assessment Now What? Introduction This material is designed to answer some of the commonly asked questions by business associates and other organizations
More informationA How-To Guide for Updating HIPAA Policies & Procedures to Align with ARRA Health Care Provider Edition Version 1
A How-To Guide for Updating HIPAA Policies & Procedures to Align with ARRA Health Care Provider Edition Version 1 Policy and Procedure Templates Reflects modifications published in the Federal Register
More informationBusiness Associates, HITECH & the Omnibus HIPAA Final Rule
Business Associates, HITECH & the Omnibus HIPAA Final Rule HIPAA Omnibus Final Rule Changes Business Associates Marissa Gordon-Nguyen, JD, MPH Health Information Privacy Specialist Office for Civil Rights/HHS
More informationThe HITECH Act: Implications to HIPAA Covered Entities and Business Associates. Linn F. Freedman, Esq.
The HITECH Act: Implications to HIPAA Covered Entities and Business Associates Linn F. Freedman, Esq. Introduction and Overview On February 17, 2009, President Obama signed P.L. 111-05, the American Recovery
More informationKey HIPAA HITECH Changes. Gina Kastel, Partner, Health and Life Sciences
Key HIPAA HITECH Changes Gina Kastel, Partner, Health and Life Sciences Agenda Business Associates Restrictions on Disclosures Access to PHI Notice of Privacy Practices Fundraising 2 Business Associates
More informationShipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS
Shipman & Goodwin LLP HIPAA Alert March 2009 STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS The economic stimulus package, officially named the American Recovery and Reinvestment Act of 2009
More informationMeaningful Use Crosswalk to the Security Rule
Meaningful Use Crosswalk to the Security Rule Safeguarding Health Information: Building Assurance through HIPAA Security June 7, 2012 Adam H. Greene, J.D., M.P.H. Partner, Davis Wright Tremaine EHR Certification
More informationNATIONAL HEALTH POLICY FORUM. January 2010
NATIONAL HEALTH POLICY FORUM January 2010 TAKE 1: OVERY ACT FUNDING FLOWS Funding Source Program Distribution Agency Funding Use Fund Recipients / Beneficiaries Entitlement Funds Appropriated Funds Medicare
More informationLOOKING FORWARD TO STAGE 2 MEANINGFUL USE. 2012 Louisiana HIPAA & EHR Conference Presenter: Kathleen Keeley
LOOKING FORWARD TO STAGE 2 MEANINGFUL USE 2012 Louisiana HIPAA & EHR Conference Presenter: Kathleen Keeley Topics of Discussion Stage 2 Eligibility Stage 2 Meaningful Use Clinical Quality Measures Payment
More informationHIPAA and the HITECH Act Privacy and Security of Health Information in 2009
HIPAA and the HITECH Act Privacy and Security of Health Information in 2009 What is HIPAA? Health Insurance Portability & Accountability Act of 1996 Effective April 13, 2003 Federal Law HIPAA Purpose:
More informationAdopting an EHR & Meaningful Use
Adopting an EHR & Meaningful Use Learn how to qualify for the EHR Incentive Program The materials in this presentation, or prepared as part of this presentation, are provided for informational purposes
More informationIssue House Bill (H.R.1) Senate Amendments to H.R.1 American Recovery and Reinvestment Act of 2009
An Overview of Major Health Information Technology, Public Health, Medicaid, and COBRA Provisions of the American Recovery and Reinvestment Act of Health Information Technology, Health Care Quality, and
More information1. Introduction - Nevada E-Health Survey
1. Introduction - Nevada E-Health Survey Welcome to the Nevada E-Health Survey for health care professional providers and hospitals. The Office of Health Information Technology (OHIT) for the State of
More informationNew HIPAA regulations require action. Are you in compliance?
New HIPAA regulations require action. Are you in compliance? Mary Harrison, JD Tami Simon, JD May 22, 2013 Discussion topics Introduction Remembering the HIPAA Basics HIPAA Privacy Rules HIPAA Security
More informationHealth Information Privacy Refresher Training. March 2013
Health Information Privacy Refresher Training March 2013 1 Disclosure There are no significant or relevant financial relationships to disclose. 2 Topics for Today State health information privacy law Federal
More informationIsaac Willett April 5, 2011
Current Options for EHR Implementation: Cloud or No Cloud? Regina Sharrow Isaac Willett April 5, 2011 Introduction Health Information Technology for Economic and Clinical Health Act ( HITECH (HITECH Act
More informationCMS-0033-P; Medicare & Medicaid Programs; Electronic Health Record Incentive Program Proposed Rule
Centers for Medicare & Medicaid Services Department of Health and Human Services Room 445-G, Hubert H. Humphrey Building 200 Independence Avenue, SW Washington, DC 20201 Re: CMS-0033-P; Medicare & Medicaid
More informationHealth Information Technology in Healthcare: Frequently Asked Questions (FAQ) 1
Health Information Technology in Healthcare: Frequently Asked Questions (FAQ) 1 1. What is an Electronic Health Record (EHR), an Electronic Medical Record (EMR), a Personal Health Record (PHR) and e-prescribing?
More informationThe basics of Health Information Technology
The basics of Health Information Technology 2012 1 What is Health Information Technology? Health IT, or e-health, is increasingly viewed as the most promising tool for improving the overall quality, safety
More informationRSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS
RSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS Security solutions for patient and provider access AT A GLANCE Healthcare organizations of all sizes are responding to the demands of patients, physicians,
More informationPatient-Generated Health Data and its Impact on Health Information Management
WHITE PAPER Patient-Generated Health Data and its Impact on Health Information Management HealthPort. 2015 All Rights Reserved. VN031015 FN3500 www.healthport.com 800.737.2585 Patient engagement is a growing
More informationHIPAA: AN OVERVIEW September 2013
HIPAA: AN OVERVIEW September 2013 Introduction The Health Insurance Portability and Accountability Act of 1996, known as HIPAA, was enacted on August 21, 1996. The overall goal was to simplify and streamline
More informationProtecting Patient Information in an Electronic Environment- New HIPAA Requirements
Protecting Patient Information in an Electronic Environment- New HIPAA Requirements SD Dental Association Holly Arends, RHIT Clinical Program Manager Meet the Speaker TRUST OBJECTIVES Overview of HIPAA
More informationMeaningful Use Stage 2 & HIPAA: The Relationship between HIPAA and Meaningful Use Privacy & Security Regulations View the Replay on YouTube
2012 FairWarning, Inc. Meaningful Use Stage 2 & HIPAA: The Relationship between HIPAA and Meaningful Use Privacy & Security Regulations View the Replay on YouTube April 12, 2012 2012 FairWarning, Inc.
More informationTurning Patient Portals into Major EHR Assets Edward Fotsch, M.D. Douglas Gentile, M.D.
Turning Patient Portals into Major EHR Assets Edward Fotsch, M.D. Douglas Gentile, M.D. DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily
More informationEntities Covered by the HIPAA Privacy Rule
Entities Covered by the HIPAA Privacy Rule Who Is A Covered Entity? HIPAA standards apply only to: Health care providers who transmit any health information electronically in connection with certain transactions
More informationSouthern Nevada Medical Industry Coalition
Southern Nevada Medical Industry Coalition EHR Workshop Definitions, Certifications, Mandates Presented by Bill Carns, CMPE, CHBME Who is Bill? President of PracticeMax Founder of ASPenLink Board Member
More informationHIPAA/HITECH and Texas Privacy Laws Comparison Tool Updated 2013
HIPAA/HITECH and Texas Privacy Laws Comparison Tool Updated 2013 Federal and Texas Privacy & Security Requirements Minimizing Your Risk of Violations DISCLAIMER The information contained in this document
More informationPrivacy and Security: Meaningful Use in Healthcare Organizations
Privacy and Security: Meaningful Use in Healthcare Organizations Phyllis A. Patrick, MBA, FACHE, CHC July 20, 2011 Webinar Essentials 1. Session is currently being recorded, and will be available on our
More informationSecurity & Privacy Strategies for Expanded Communities. Deven McGraw Partner Manatt, Phelps & Phillips LLP
Security & Privacy Strategies for Expanded Communities Deven McGraw Partner Manatt, Phelps & Phillips LLP 1 Key Challenges in Community Data Sharing Patient-mediated data sharing Sharing data with companies
More informationAnswering to HIPAA. Who Answers Your Phone? Prepared by Kenneth E. Rhea, MD, FASHRM. Brought to you by. www.duxware.com
Answering to HIPAA Who Answers Your Phone? Prepared by Kenneth E. Rhea, MD, FASHRM Brought to you by www.duxware.com The Event On February 20, 2014 at 8:00 PM an Internal Medicine specialist received a
More informationHealth Information Technology: A Key Component of Health Reform
Health Information Technology: A Key Component of Health Reform When Hurricanes Katrina and Rita ravaged the Gulf Coast in August 2005, most patients evacuated without any record of the treatments they
More informationHealthTECH Workforce Forum Presents: Electronic Health Records Adoption: Driving to 2015 and Beyond
HealthTECH Workforce Forum Presents: Electronic Health Records Adoption: Driving to 2015 and Beyond May 19 th, 2011 EHR Implementation Panel Moderator: Paula J. Magnanti, MT(ASCP) Founder & Managing Principal
More informationWhite Paper THE HIPAA FINAL OMNIBUS RULE: NEW CHANGES IMPACTING BUSINESS ASSOCIATES
White Paper THE HIPAA FINAL OMNIBUS RULE: NEW CHANGES IMPACTING BUSINESS ASSOCIATES CONTENTS Introduction 3 Brief Overview of HIPPA Final Omnibus Rule 3 Changes to the Definition of Business Associate
More informationBy Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN
Major Changes to HIPAA Security and Privacy Rules Enacted in Economic Stimulus Package By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN The HITECH Act is the
More informationRole of Health Plans It s Time to Get out of the Sandbox Health Record Enablement
National Conference of State Legislatures Health IT Champions New Orleans February 2007 Role of Health Plans It s Time to Get out of the Sandbox Health Record Enablement Blue Cross and Blue Shield of Louisiana
More informationOCTOBER 2013 PART 1. Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information
OCTOBER 2013 PART 1 Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information Part 1: How HIPAA affects electronic transfer of protected health information It is difficult
More informationPrivacy and Security Challenges of Meaningful Use
Privacy and Security Challenges of Meaningful Use Rich Cohan, MBA, FACHE, CHC, CCEP Adam H. Greene, JD, MPH DISCLAIMER: The views and opinions expressed in this presentation are those of the author and
More informationUnderstanding EHRs: Common Features and Strategic Approaches for Medicaid/SCHIP
Understanding EHRs: Common Features and Strategic Approaches for Medicaid/SCHIP Presented by: Karen M. Bell MD, MMS, Director, HIT Adoption W. David Patterson PhD, Deputy Chief, Health and Demographics
More informationHIPAA for HIT and EHRs. Latest on Meaningful Use and EHR Certification: For Privacy and Security Professionals
HIPAA for HIT and EHRs Latest on Meaningful Use and EHR Certification: For Privacy and Security Professionals Donald Bechtel, CHP Siemens Health Services Patient Privacy Officer Fair Information Practices
More informationHow To Write A Community Based Care Coordination Program Agreement
Section 4.3 Implement Business Associate and Other Agreements This tool identifies the types of agreements that may be necessary for a community-based care coordination (CCC) program to have in place in
More informationHIPAA Compliance Issues and Mobile App Design
HIPAA Compliance Issues and Mobile App Design Washington, D.C. April 22, 2015 Presenter: Shannon Hartsfield Salimone, Holland & Knight LLP, Tallahassee and Jacksonville, Florida Agenda Whether HIPAA applies
More informationImpact of the Healthcare IT Stimulus Package. Session 2 of 4. Presented by. Mark R. Anderson, FHIMSS, CPHIMS CEO, AC Group, Inc.
Welcomes you to Part II of a four part Webinar series on the healthcare IT marketplace, the reasons why EMR/EHR products have failed, how the Healthcare Stimulus package will effect you, and what you need
More informationConsumer Engagement with Health Information Technology Summary of NeHC Survey Results
Consumer Engagement with Health Information Technology Summary of NeHC Survey Results Background In June 2012, National ehealth Collaborative (NeHC) distributed a survey on consumer engagement with health
More informationData Sharing Issues in Accountable Care Organizations
Data Sharing Issues in Accountable Care Organizations Joel Garmon Chief Information Security Officer Wake Forest Baptist Health Brian Vick, JD Associate Counsel Blue Cross Blue Shield of North Carolina
More informationOCR UPDATE Breach Notification Rule & Business Associates (BA)
OCR UPDATE Breach Notification Rule & Business Associates (BA) Alicia Galan Supervisory Equal Opportunity Specialist March 7, 2014 HITECH OMNIBUS A Reminder of What s Included: Final Modifications of the
More informationMAKING HEALTH INFORMATION ACCESSIBLE & SECURE. w w w. i m e d i c o r. c o m
MAKING HEALTH INFORMATION ACCESSIBLE & SECURE w w w. i m e d i c o r. c o m SOFTWARE FEATURES ONC COMPLETE AMBULATORY EHR CERTIFIED MU- 2 Fully hosted and managed solution Intuitive interface Accessible
More informationMeaningful Use Rules Proposed for Electronic Health Record Incentives Under HITECH Act By: Cherilyn G. Murer, JD, CRA
Meaningful Use Rules Proposed for Electronic Health Record Incentives Under HITECH Act By: Cherilyn G. Murer, JD, CRA Introduction On December 30, 2009, The Centers for Medicare & Medicaid Services (CMS)
More informationHIPAA Privacy and Information Security Management Briefing
HIPAA Privacy and Information Security Management Briefing Karen Pagliaro-Meyer Privacy Officer kpagliaro@columbia.edu (212) 305-7315 Soumitra Sengupta Information Security Officer sen@columbia.edu (212)
More informationMedicaid and Medicare Meaningful Use of Electronic Health Records Program. May 15, 2013
Medicaid and Medicare Meaningful Use of Electronic Health Records Program May 15, 2013 Presenters Andie Patterson, Deputy Director of Regulatory Affairs California Primary Care Association apatterson@cpca.org
More informationSigned into law on February 17, 2009, the Stimulus Package known
Stimulus Package Expands HIPAA Privacy and Security and Adds Federal Data Breach Notification Law Marcy Wilder, Donna A. Boswell, and BarBara Bennett The authors discuss provisions of the Stimulus Package
More informationAre you ready? Meaningful Use Stage 2 HIT Summit July 26, 2014
Are you ready? Meaningful Use Stage 2 HIT Summit July 26, 2014 Meaningful Use Stage 2 Are you Ready? Speakers: Robyn Polinar, BA, MBA, AMB & Community EMR Supervisor Hawai i Pacific Health Nadine Owen,
More informationEmpowering Nurses & Building Trust Through Health IT
Empowering Nurses & Building Trust Through Health IT Helen Caton-Peters, MSN, RN Health Information Privacy & Security Specialist Office of the National Coordinator for Health Information Technology 2
More informationSunday March 30, 2014, 9am noon HCCA Conference, San Diego
Meaningful Use as it Relates to HIPAA Compliance Sunday March 30, 2014, 9am noon HCCA Conference, San Diego CLAconnect.com Objectives and Agenda Understand the statutory and regulatory background and purpose
More informationHIT Audit Workshop. Jeffrey W. Short. jshort@hallrender.com
HIT Audit Workshop Jeffrey W. Short jshort@hallrender.com 1 Audits and Investigations to be Discussed Meaningful Use Audits HIPAA Audits Data Breach Investigations Software Vendor Audits FTC Investigations
More informationOpportunities for Medicaid to Invest in HIT. Shannah Koss, Principal Koss on Care LLC
Opportunities for Medicaid to Invest in HIT Shannah Koss, Principal Koss on Care LLC Topics Key HIT components in the ARRA What is happening in state Medicaid programs today? Challenges and opportunities
More informationAm I a Business Associate?
Am I a Business Associate? Now What? JENNIFER L. RATHBURN Quarles & Brady LLP KATEA M. RAVEGA Quarles & Brady LLP agenda» Overview of HIPAA / HITECH» Business Associate ( BA ) Basics» What Do BAs Have
More informationHIPAA Omnibus Rule Practice Impact. Kristen Heffernan MicroMD Director of Prod Mgt and Marketing
HIPAA Omnibus Rule Practice Impact Kristen Heffernan MicroMD Director of Prod Mgt and Marketing 1 HIPAA Omnibus Rule Agenda History of the Rule HIPAA Stats Rule Overview Use of Personal Health Information
More informationAgenda. OCR Audits of HIPAA Privacy, Security and Breach Notification, Phase 2. Linda Sanches, MPH Senior Advisor, Health Information Privacy 4/1/2014
OCR Audits of HIPAA Privacy, Security and Breach Notification, Phase 2 Linda Sanches, MPH Senior Advisor, Health Information Privacy HCCA Compliance Institute March 31, 2014 Agenda Background Audit Phase
More informationREGULATORY CHANGES DEMAND AN ENTERPRISE-WIDE APPROACH TO DISCLOSURE MANAGEMENT OF PHI
REGULATORY CHANGES DEMAND AN ENTERPRISE-WIDE APPROACH TO DISCLOSURE MANAGEMENT OF PHI Healthcare Organizations Can Adopt Enterprise-Wide Disclosure Management Systems To Standardize Disclosure Processes,
More informationTrust 9/10/2015. Why Does Privacy and Security Matter? Who Must Comply with HIPAA Rules? HIPAA Breaches, Security Risk Analysis, and Audits
HIPAA Breaches, Security Risk Analysis, and Audits Derrick Hill Senior Health IT Advisor Kentucky REC Why Does Privacy and Security Matter? Trust Who Must Comply with HIPAA Rules? Covered Entities (CE)
More informationBusiness Associate Agreement (BAA) Guidance
Business Associate Agreement (BAA) Guidance Introduction The purpose of this document is to provide guidance for creating or updating business associate agreements between your Practice ( Covered Entity
More informationGerry Hinkley Co-Chair, Health Care Industry Team Pillsbury Winthrop Shaw Pittman LLP
How Regional Extension Centers (RECs), Beacon Programs, Community College Consortia and Health Insurance Exchanges Work and Why Privacy and Security are Important Gerry Hinkley Co-Chair, Health Care Industry
More informationStage 2 Meaningful Use What the Future Holds. Lindsey Wiley, MHA HIT Manager Oklahoma Foundation for Medical Quality
Stage 2 Meaningful Use What the Future Holds Lindsey Wiley, MHA HIT Manager Oklahoma Foundation for Medical Quality An Important Reminder For audio, you must use your phone: Step 1: Call (866) 906-0123.
More informationOverview of HITECH ACT Changes to HIPAA Privacy Rules
Overview of HITECH ACT Changes to HIPAA Privacy Rules January 4, 2010 Presentation by Jennifer L. Cox, Esq. Timeline and Sources of Law HIPAA was passed by Congress in 1996, and regulations were required
More informationAHAdatainfo@healthforum.com 866-375-3633. 2012 AHA Annual Survey Information Technology Supplement. Healthcare IT Database Download and Data Licensing
2012 AHA Annual Survey Information Technology Supplement Survey Questionnaire This survey instrument can be used to facilitate sales, planning and marketing activities. For example, consider current and
More informationAgenda. Government s Role in Promoting EMR Technology. EMR Trends in Health Care. What We Hear as Reasons to Not Implement and EMR
Agenda A 360-Degree Approach to EMR Implementation Environmental Overview Information on the HITECH Stimulus Opportunities Hospitals, Physicians and Interoperability Preparing for an EMR Implementation
More informationCustom Report Data Elements: 2012 IT Database Fields. Source: American Hospital Association IT Survey
Custom Report Data Elements: 2012 IT Database Fields Source: American Hospital Association IT Survey COMPUTERIZED SYSTEM IMPLEMENTATION 3 Bar Coding 3 Computerized Provider Order Entry 3 Decision Support
More informationHIPAA Omnibus Rule Overview. Presented by: Crystal Stanton MicroMD Marketing Communication Specialist
HIPAA Omnibus Rule Overview Presented by: Crystal Stanton MicroMD Marketing Communication Specialist 1 HIPAA Omnibus Rule - Agenda History of the Omnibus Rule What is the HIPAA Omnibus Rule and its various
More informationHIPAA Compliance Guide
HIPAA Compliance Guide Important Terms Covered Entities (CAs) The HIPAA Privacy Rule refers to three specific groups as covered entities, including health plans, healthcare clearinghouses, and health care
More informationMeaningful Use Stage 2. Meeting Meaningful Use Stage 2 with InstantPHR TM. www.getrealhealth.com
www.getrealhealth.com Meaningful Use Overview We are at the forefront of the patient engagement era. The American Recovery and Reinvestment Act of 2009 included the Health Information Technology for Economic
More informationTHE 2009 HEALTH INFORMATION TECHNOLOGY FOR ECONOMIC AND CLINICAL HEALTH ACT
July 2009 THE 2009 HEALTH INFORMATION TECHNOLOGY FOR ECONOMIC AND CLINICAL HEALTH ACT SUMMARY The Health Information Technology for Economic and Clinical Health Act (HITECH) is an important component of
More informationOf EHRs and Meaningful Use. Pat Wise, RN, MA, MS FHIMSS COL (USA ret d) VP, Healthcare Information Systems, HIMSS
Of EHRs and Meaningful Use Pat Wise, RN, MA, MS FHIMSS COL (USA ret d) VP, Healthcare Information Systems, HIMSS 1 MU: Where We are Today From www.cms.gov As of the end of January 31, 2013: >210,000 EPs
More informationPrivacy & Security The HHS Rule is Out What s New and What s Next. Mary Jo Carden, RPh, JD Director, Regulatory Affairs AMCP mcarden@amcp.
Privacy & Security The HHS Rule is Out What s New and What s Next Mary Jo Carden, RPh, JD Director, Regulatory Affairs AMCP mcarden@amcp.org Disclosure Mary Jo Carden is an employee of the Academy of Managed
More informationElectronic Health Records. Going Beyond Data Collection to Making the Data Usable
Electronic Health Records Going Beyond Data Collection to Making the Data Usable Overview Compliance to the Meaningful Use guidelines in the Health Information Technology Economic and Clinical Health (HITECH)
More informationHealth Homes Implementation Series: NYeC Privacy and Security Toolkit. 16 February 2012
Health Homes Implementation Series: NYeC Privacy and Security Toolkit 16 February 2012 1 Agenda What are the New York ehealth Collaborative (NYeC) and the Regional Extension Center? What are Health Homes?
More informationHIPAA Compliance, Notification & Enforcement After The HITECH Act. Presenter: Radha Chanderraj, Esq.
HIPAA Compliance, Notification & Enforcement After The HITECH Act Presenter: Radha Chanderraj, Esq. Key Dates Publication date January 25, 2013 Effective date - March 26, 2013 Compliance date - September
More informationMeaningful Use Stage 2:
Meaningful Use Stage 2: Where We Are Now, Where We re Going, and What it Means for Your Practice Russell B. Leftwich, MD, FAAAI Chief Medical Informatics Officer Office of ehealth Initiatives, State of
More informationCertification Guidance for EHR Technology Developers Serving Health Care Providers Ineligible for Medicare and Medicaid EHR Incentive Payments
I. Background Certification Guidance for EHR Technology Developers Serving Health Care Providers Ineligible for Medicare and Medicaid EHR Incentive Payments The Medicare and Medicaid EHR Incentive Programs,
More informationHealth Insurance Portability and Accountability Act HIPAA. Glossary of Common Terms
Health Insurance Portability and Accountability Act HIPAA Glossary of Common Terms Terms: HIPAA Definition*: PHCS Definition/Interpretation: Administrative Simplification HIPAA Subtitle F It is the purpose
More informationEnabling Patients Decision Making Power: A Meaningful Use Outcome. Lindsey Mongold, MHA HIT Practice Advisor Oklahoma Foundation for Medical Quality
Enabling Patients Decision Making Power: A Meaningful Use Outcome Lindsey Mongold, MHA HIT Practice Advisor Oklahoma Foundation for Medical Quality Today 1. Meaningful Use (MU) 2. 2/3rds of MU relates
More informationMeaningful Use: Stage 1 and 2 Hospitals (EH) and Providers (EP) Lindsey Mongold, MHA HIT Practice Advisor Oklahoma Foundation for Medical Quality
Meaningful Use: Stage 1 and 2 Hospitals (EH) and Providers (EP) Lindsey Mongold, MHA HIT Practice Advisor Oklahoma Foundation for Medical Quality Meaningful Use Stage 1 Focuses on Functional & Interoperability
More informationSURVEY QUESTIONNAIRE 2013 AHA ANNUAL SURVEY INFORMATION TECHNOLOGY SUPPLEMENT
2013 AHA ANNUAL SURVEY INFORMATION TECHNOLOGY SUPPLEMENT SURVEY QUESTIONNAIRE This survey instrument can be used to facilitate sales, planning and marketing activities. For example, consider current and
More informationStraight from the Source: HHS Tools for Avoiding Some of the Biggest HIPAA Mistakes
Watch the Replay Straight from the Source: HHS Tools for Avoiding Some of the Biggest HIPAA Mistakes FairWarning Executive Webinar Series May 20, 2014 #AnytimeAudit Today s Panel Laura E. Rosas, JD, MPH
More informationHIPAA: Protecting Your. Ericka L. Adler. Practice and Your Patients
HIPAA: Protecting Your Ericka L. Adler Practice and Your Patients Rachel V. Rose Fallout from the Omnibus Rule Compliance strategies for medical practices 1. Know / manage your business associates and
More informationHow to Achieve Meaningful Use with ICANotes
How to Achieve Meaningful Use with ICANotes Meaningful use involves using an EHR in a way that the government has defined as meaningful to collect incentive payments. but do not participate. Note: If you
More informationMeeting the HIPAA Training and Business Associate Requirements Questions and Answers, with HIPAA Security Expert Mike Semel
Meeting the HIPAA Training and Business Associate Requirements Questions and Answers, with HIPAA Security Expert Mike Semel Questions Answers 1 Is a Business Associate (BA) responsible for assuming a Covered
More informationKaiser Permanente Comments on Health Information Technology, by James A. Ferguson
Kaiser Permanente Comments on Health Information Technology, by James A. Ferguson FTC Public Workshop: Innovations in Health Care Delivery 24 April, 2008 Kaiser Permanente Overview Established in 1945,
More informationDemonstrating Meaningful Use of EHRs: The top 10 compliance challenges for Stage 1 and what s new with 2
Demonstrating Meaningful Use of EHRs: The top 10 compliance challenges for Stage 1 and what s new with 2 Today s discussion A three-stage approach to achieving Meaningful Use Top 10 compliance challenges
More information