During the first quarter of 2012, the federal government continued to implement the HITECH Act, enacted as part of the American Recovery and Reinvestment Act.
The first quarter of 2012 saw the following high-level developments:
- HHS Released Proposed Rules on Stage 2 Meaningful Use and EHR Certification Criteria — On Feb. 23, CMS released a proposed rule setting forth the requirements that health care providers must meet to achieve meaningful use of certified electronic health records under Stage 2 of the Medicare and Medicaid EHR Incentive Programs. On Feb. 24, the Office of the National Coordinator for Health Information Technology released a companion proposed rule related to the associated standards and certification criteria for EHRs.
- White House Selected Todd Park as New Chief Technology Officer — On March 9, the White House announced that President Obama had selected Todd Park as the new U.S. Chief Technology Officer. Park previously served as CTO of HHS.
Medicare and Medicaid EHR Incentive Programs
CMS Released Incentive Program Provider Participation Data
In March, CMS released February data highlighting health care provider participation and incentive payment totals since the EHR Incentive Program launched in January 2011. According to CMS, over 211,500 total eligible professionals (EPs), eligible hospitals (EHs) and critical access hospitals (CAHs) had registered for the Medicare and/or Medicaid EHR Incentive Programs. Over 62,000 EPs, EHs and CAHs had been paid a total of more than $3.8 billion for successfully participating in the programs.
NIST Released EHR Usability Evaluation Protocol
On March 20, the National Institute of Standards and Technology released guidance for evaluating, testing and validating the usability of EHRs. According to NIST, the proposed usability protocol “encourages a user-centered approach to the development of EHR systems” and “provides methods to measure and address critical errors in user performance before those systems are deployed in a medical setting.” On Feb. 14, NIST also published a notice in the Federal Register seeking vendors to supply EHR systems for NIST to use to develop a framework for assessing the usability of health IT systems and performance-oriented user interface design guidelines for EHRs. Interested vendors were required to submit a request and Letter of Understanding by March 15.
Health Information Exchange
ONC Published Article on HIE Strategy
On March 28, ONC leaders published a Health Affairs article outlining the federal government’s strategy for advancing health information exchange. The article discusses the federal government’s progress to date in establishing the “essential building blocks” for health data exchange. It also describes ONC’s plans to “develop additional policies and standards that will make information exchange easier and cheaper and facilitate its use on a broader scale.”
ONC Released CONNECT 3.3
On March 16, ONC released version 3.3 of CONNECT, which is open-source software that supports health information exchange and relies on Nationwide Health Information Network standards. The new CONNECT version includes additional features, performance improvements, maintenance fixes and software updates. Of note, CONNECT 3.3 complies with NwHIN specifications approved in July 2011 and creates backwards compatibility between the January 2010 and July 2011 specifications and among CONNECT versions.Â
Privacy and Security
HIPAA Final Omnibus Rule Sent to OMB for Review
On March 24, the HHS Office of Civil Rights sent the final HIPAA “Omnibus Rule” to the Office of Management and Budget for review. OMB review, which must be completed within 90 days, is one of the final steps before publication in the Federal Register. OCR has suggested that the final rule will include:
The changes to the HIPAA Privacy and Security Rules required under the HITECH Act;
- New data breach enforcement and penalty requirements;
- Final regulations related to the HITECH Act’s breach notification rule; and
- Changes to HIPAA to incorporate the Genetic Information Nondiscrimination Act.
HHS Announced Settlement With BCBS Tennessee Resulting From HITECH Breach Notification Rule
On March 13, OCR announced the first enforcement action resulting from a breach report required under the HITECH Breach Notification Rule: Blue Cross Blue Shield of Tennessee agreed to pay HHS $1.5 million to settle potential violations of the HIPAA Privacy and Security Rules. The investigation followed a notice submitted by BCBST reporting that 57 unencrypted computer hard drives were stolen from a facility in Tennessee. The drives contained the protected health information of more than one million individuals, including member names, Social Security numbers, diagnosis codes, dates of birth and health plan identification numbers.Â
ONC To Increase Data Collection To Inform Nationwide Campaign on Privacy and Security of Health Information
On Feb. 22, ONC published a notice in the Federal Register seeking a revision to a currently approved information collection request to increase focus group burden hours and explore consumer attitudes and preferences regarding the use of mobile devices to communicate personal health information electronically. The collected information will inform a two-year nationwide campaign to educate the public about privacy and security of electronically exchanged personal health information.
ONC Hosted Roundtable and Solicited Comments on Mobile Device Privacy and Security
On March 16, ONC convened a roundtable to gather input from the public, industry and subject matter experts on the privacy and security issues related to health care providers’ use of mobile communication devices. The roundtable consisted of three panels with federal agency representatives, practicing health care providers and representatives of research, provider and industry organizations. Following the roundtable, ONC solicited public comments on:
- Real world use of mobile devices by health care providers and other health professionals;
- Real world mobile device privacy and security practices, strategies and technology; and
- Any other comments on provider and other health professional use of mobile devices.Â
Comments were accepted through March 30.
ONC Announced Plan for Consumer Survey on EHR Privacy and Security Attitudes
On Feb. 21, ONC published a notice in the Federal Register proposing to conduct a five-year nationwide survey to assess the percentage of individuals who are concerned about the privacy and security of EHRs, who report having kept any part of their medical history from their doctor due to privacy concerns and who are concerned that an unauthorized person would see their medical information if it is sent electronically, among other key measures. ONC will investigate whether these numbers change from 2012 to 2016. The survey will consist of annual computer-assisted telephone interviews of a representative sample of the general population. The data will be analyzed using statistical methods, and a draft report will be prepared. ONC will hold an Internet seminar prior to the publication of the final report to convey the findings to the general public.
Other Health IT Developments
ONC Announced Two Investing in Innovation Challenges
On Jan. 26, ONC announced the launch of the Discharge Follow-Up Appointment care transitions challenge as part of the ONC Investing in Innovation (i2) Initiative. The challenge consists of a contest to create an easy-to-use Web-based tool that will make post-discharge follow-up appointment scheduling a more effective and shared process for care providers, patients and caregivers. Submissions will be accepted through April 30. On Feb. 7, ONC announced an additional i2 challenge to develop mobile applications to help improve access to health records for people with disabilities. Submissions are due by July 23. The i2 Initiative is an effort to spur innovations in health IT through prizes and challenges to facilitate innovation and obtain solutions to intractable health IT problems.
ONC Announced popHealth Tool Development Challenge Winners
On Feb. 22, ONC announced the winners of the popHealth Tool Development Challenge, a contest to build applications using the popHealth framework to help providers address disparities in care, engage with patients and improve patient safety. popHealth is an open source software service that automates the reporting of Stage 1 meaningful use clinical quality measures.
ONC Launched Consumer Health IT Video Challenge
On Jan. 9, ONC launched a nationwide, open call for entries in the Healthy New Year Video Challenge highlighting personal stories of patients and families using health technology to improve health. According to HHS, the video challenge kicked off the first in a series of consumer video contests in 2012 that will serve as a way to engage consumers to integrate technology into their health care. Submissions for the Healthy New Year Video Challenge were accepted through Feb. 16.Â
OPM Announced Expansion of Blue Button to Federal Workers
On Jan. 18, the Office of Personnel Management announced that it had asked all health insurance carriers in the Federal Employees Health Benefit Program to add Blue Button functions to personal health record systems on their websites. As a result, millions of federal employees, retirees and their families will be able to use the Blue Button to download their personal health data, according to OPM. The Blue Button initiative was first launched in August 2010 by the Department of Veterans Affairs as a way for veterans to download their health care claims data from the MyHealtheVet website. The Blue Button was later expanded to members of TRICARE’s military health plan and Medicare beneficiaries.