With a presidential election complete, the US is arguably entering a new era of lots of unknowns. Ironically, for the health information technology (IT) industry, there might be more clarity than ever in 2017. This is potentially good, since it’s no secret that the industry has seen its share of technology hurdles. User frustration with technical challenges have created some setbacks. So, as we move into 2017, where can IT staff turn to for guidance on furthering their health IT initiatives?
#3 Consideration: New TechnologiesThe overall technology surrounding electronic health record (EHR) systems has undergone lots of changes over the last few years. It is now being impacted by the same technology challenges of any enterprise. While EHR now has the full backing of the US government, it’s also subject to far more government regulation than your average industry. So, as new technologies become possible for healthcare IT, the government will likely weigh in.
Just a few months ago, the US Department of Health and Human Services (HHS) issued a guidance on cloud computing. It essentially serves to help cloud adopters comply with the Health Insurance Portability and Accountability Act (HIPAA). For example, it provides guidance on service-level agreements (SLAs). These include covering issues related to cloud service providers (CSPs), such as system availability and reliability assurances, back-up and recovery assurances, how data is returned upon a contract termination, who’s responsible for security, and more. The new guidance also specifies business associates that the HHS considers to be applicable to the guidance.
There is also the need to consider many of the elements of the "Federal Health IT Strategic Plan: 2015-2020." It’s prepared by the Office of the National Coordinator for Health Information Technology (ONC), Office of the Secretary of the HHS. It has defined four health IT goals to achieve during this period. The first is to advance person-centered and self-managed health. The second is to transform healthcare delivery and community health. The third is to foster research, scientific knowledge, and innovation, and the fourth is to enhance the nation’s health IT infrastructure.
It’s the fourth goal that is of issue for the foundation of EHR systems. It seeks to employ a mix of innovation surrounding interoperability, security, standards, and a national communications infrastructure. Public comments contributed to the standards defined in 2016. Now, the Draft 2017 Interoperability Standards Advisory will serve as the basis on which public comments are sought to finalize the 2017 Interoperability Standards Advisory.
Also, don’t forget to leverage the recently issued "Health IT Playbook" to address health IT implementation concerns.
#2 Consideration: Certification ChallengesAccording to the Centers for Medicare and Medicaid Services, to get an incentive payment, you must use an EHR vendor that is certified specifically for the EHR Incentive Programs. As the organization states:
"Certified EHR technology gives assurance to purchasers and other users that an EHR system or module offers the necessary technological capability, functionality, and security to help them meet the meaningful use criteria. Certification also helps providers and patients be confident that the electronic health IT products and systems they use are secure, can maintain data confidentially, and can work with other systems to share information."
During 2016, healthcare providers had to attest to objectives and measures using EHR technology through set certification criteria. Thus, in 2017, we’ll have a clearer picture than ever before of a certified health IT product (CHPL) list.
The CHPL is an attempt to provide an all-inclusive and dependable means to find certified health technologies that are tested and certified by the ONC Health IT Certification program. The products listed on the CHPL have been tested by an accredited testing lab and certified by an ONC-authorized certification body. In essence, it means the products found there meet criteria adopted by the Secretary of the Department of HHS.
So, 2017 will arguably mark the first year whereby we have the most complete list of certified health IT technology.
#1 Consideration: HIPAA ComplianceHIPAA turned 20 in 2016. Everyone in the industry knows about it. With so much maturity now behind it, the Act is a strong driver of many technology requirements. It established methods for how healthcare data is electronically exchanged. Thus, according to HHS, nearly 94% of healthcare claims transacted are done so in a standard form. It also established privacy and security safeguards to protect patient information.
Meeting privacy requirements of the HHS Office for Civil Rights (OCR), which enforces HIPAA, will get no easier. In fact, the organization entered into a record number of settlement agreements in 2015 and 2016 for breaches and non-compliance. Sure, the chances your practice will be audited for violations are slim, but according to a recent Redspin "Breach Report," within the past five years, there have been more than 800 patient data breaches and 29 million patient records affected by HIPAA violations. Fines for these violations can get costly. Many of the settled violations in 2016 were for millions of dollars, and there are known plans for HIPAA OCR to expand its audit program in 2017.
The entire EHR system must be designed so that it does not violate the information sharing principles set by HIPAA, and there are likely new rules in 2017 to consider. For example, there are supposedly new requirements for patient access to records and to notify individuals in the event of a breach. Like every new year, you’ll want to turn to HIPAA to ensure compliance with any new rules and use vendors that are certified.
No doubt, many in the US have a lot of uncertainty going into 2017, but the health IT market is looking clearer than ever. 2017 might be the smoothest year ever for the EHR industry.
Rachel Jia is currently Technical Marketing Manager at Dynamsoft, a provider of web and desktop image capture and barcode reader software development kits. In addition to her marketing experience, she also has six years of customer service and technical support experience. Follow her on Twitter @Rachel_Jia.