A Digital Look Forward
Have we all attested for our HITECH EHR Incentive? Updated our HIPAA Security Policies to reflect the Omnibus Rule back in November? Considered connecting to the Illinois Health Information Exchange (ILHIE)?
A lot of doctors call the ICS office with questions and are frustrated to learn they have to comply with all of these new requirements and programs. Over and over we hear, “I just don’t understand WHY I have to do this?!” This article is not a how-to guide for HIPAA and EHR–the ICS has information, articles, and classes available that cover those topics. Instead, I aim to give you the 10,000-foot fly-by on recent legislation and where we believe we are heading in the sharing of digital information.
“Why?”
Welcome to the Information Age; it all boils down to the sharing of information. How many times has your office had challenges with either sending or receiving medical records for your patients? Or a patient’s failure to disclose tests or procedures rendered by another physician? Previous injuries not disclosed? In a world where everything should be at our fingertips, these are the logistical obstacles we are still trying to overcome.
Your answer is in three parts: First, patients experience better outcomes when their providers coordinate care. Secondly, providers benefit by having immediate access to vital information. And finally, because the State is the largest payer of health services in Illinois, improving efficiencies and outcomes reduces State costs. In light of the fact that Illinois is continually unable to bring its financial house in order, the State’s costs are why Illinois has recently taken such an interest in health care and health care information technology.
Challenges to Data Sharing
In order for any of these goals to be a reality, all health care providers must use compatible online technologies. Although individual offices may have no problems operating from a paper system, this presents an obvious barrier to the interconnected online system toward which the health care industry is moving. Simply switching to any EHR is not enough, because each system must demonstrate that it adheres to specific standards and is, therefore, able to communicate with other approved electronic systems. This need for compatibility also applies to usage of a more detailed and standardized coding system. The switch to ICD-10 allows for clearer codes without the use of non-standardized annotations needed to modify the older ICD-9.
Another roadblock that must be overcome is the question of where to host all of this information. It would not work to have records from particular physicians become unavailable due to technical problems in their offices, switching EHRs, or if their EHR goes out of business. The solution to this problem is a Health Information Exchange (HIE) such as ILHIE (hie.illinois.gov). A HIE creates a secure, central repository where providers can share and view all of this clinical and administrative data.
A final challenge is actually a legal one. Historically, there have been several types of medical information that could not be shared without specific patient consent. In order for care coordination to be successful, these barriers to data sharing must be removed while maintaining certain protections on an individual’s personal health information. Illinois is already making numerous changes to State law to make data sharing and consent requirements more consistent with new federal standards (HIPAA).
HIPAA
New technology presents the need for new laws. Rules must be established for the transmission of electronic information: email is not secure, laptops can be stolen or lost, and passwords can be compromised. Lapses in these areas can result in gross data breaches, where countless patient records are irrevocably released and duplicated in the digital realm. A HIPAA patient privacy policy isn’t just another form your patients sign but is instead a living document tailored specifically to your office based on how and where your records are kept and your procedures for ensuring their security.
Originally enacted in 1996 by President Bill Clinton, HIPAA and its rules are now being relied upon as an accepted standard, enforcing consistency across different health care offices and reducing chances for accidental breaches of privacy. HIPAA now imposes security requirements on both computer and paper files, requires encryption of electronic information transmission, requires notification of an office’s privacy practices, and requires that each office does an individualized internal risk assessment – just to name a few current requirements. Many Illinois laws are being re-evaluated and changed to reflect these standards and to allow for this new world of electronic medical record (EMR) exchange and care coordination.
Illinois Law
The Illinois Chiropractic Society has monitored numerous changes to Illinois law regarding to this constantly evolving topic. Just this last legislative session, Illinois saw electronic data sharing barriers removed in the Mental Health and Developmental Disabilities Confidentiality Act, the AIDS Confidentiality Act, Genetic Information Privacy Act, and the Clinical Lab and Blood Bank Act. These laws were corrected to allow for EMR exchange and allowances for record disclosure. With these recent changes, Illinois has nearly removed all of its legal roadblocks and will be continuing its efforts towards a universal electronic data sharing system.
If you would like to read more on…
Health Information Exchanges: http://www.hie.illinois.gov or http://www.healthit.gov/HIE
HIPAA: https://ilchiro.org (keyword search “HIPAA”) or http://www.hfs.illinois.gov/hipaa/
ICD-10: https://ilchiro.org (keyword search “ICD-10”)
EHR: https://ilchiro.org (keyword search “EHR”)