Baucus Wants Tighter HIPAA Standards

Baucus Wants Tighter HIPAA Standards.

The health care reform plan issued by Senate Finance Committee chair Sen. Max Baucus (D-Mont.) calls for mandated adoption of "operating rules" that would significantly tighten the standards of HIPAA administrative/financial transactions. It also would increase the number of transaction sets.

The "operating rules" referenced in the plan are those developed under the voluntary CORE initiative under way for several years. CORE is the Committee on Operating Rules for Information Exchange within CAQH, a Washington-based payer advocacy group. The initiative seeks to build industry consensus on tightening of the HIPAA standards to facilitate health care financial/administrative transactions and offer more information to providers.

HIPAA TV; YouTube for security healthcare professionals

HIPAA TV.

This looks promising: "Physician IT: Getting Your Healthcare Practice Information Security and Continuity House in Order."

Monitoring and privacy issues beyond HIPAA | mobihealthnews

Monitoring and privacy issues beyond HIPAA | mobihealthnews.

UK-based publication, The Engineer, has a short and sweet commentary that raises the issue of privacy — but not in the regulatory, protect-my-health-data sense. The brief editorial wonders where the line should be drawn for remote monitoring of older relatives and friends. The Engineer reported on A&D Medical’s Bluetooth blood pressure cuff and Bluetooth-enabled weight scale attaining Continua Health Alliance interoperability certification a few weeks ago.

SquareLoop debuts HIPAA-compliant healthcare text messaging system

  From Health Imaging News:

The text messaging system, a new feature on SquareLoop's Mobile Alert Network, is HIPAA-compliant for regulations governing encryption of patients' electronic records and provides an application for secure mobile-originated text messages.

This product will be commercially available in June.

From their product page:

Key Features

• HIPAA compliant encrypted text messaging - All messages are encrypted end-to-end providing a quick, yet safe and secure method to exchange patient information
• Target your messages - Only the Mobile Alert Network enables geographic targeting of messages to mobile devices
• Ensure messages are noticed - Only the Mobile Alert Network allows you to define the alert tone to ensure your messages stand out. Alert tones continue to play until the message is acknowledged
• Provide actionable information - The Mobile Alert Network allows you to provide clearly worded instructions not limited by character limits and can include graphics
• Message delivery status - Know when the message was received by the phone and when it was acknowledged by the recipient with true read receipts
• Off-the-shelf phone support - In many cases, you can use phones you already own or standard off-the-shelf models
• Highly reliable - SquareLoop maintains redundant high priority connections with carriers and aggregators

I'd be interested in finding out more about these "redundant high priority connections" and the studies that have tested this. The problem with replacing beepers with cell phones has always been about reliability.

EFR (electronic fax record): SecureCare Technologies Sfax now completely paperless

SecureCare Technologies is adding Digital Signature and annotation features for its flagship product, Sfax, which now makes this service completely paperless.

The faxing of patient records is a major means of transmitting patient records. According to their press release, "approximately 14.9 billion fax pages are sent and received between providers annually.)

They'll launch it with a Webcast from their Web site on February 12.

Lack of HIPAA enforcement prompts fear of privacy erosion

An article (subscribers only) by Theo Francis in the  last month's Wall Street Journal, tells the story of a 51-year-old lawyer who has unsuccessfully fought to keep her psychotherapist’s notes from companies such as the health insurance carrier at her job. She was turned down for disability benefits based on these notes which he therapist assured her would remain confidential. Unfortunately, some of these notes were entered into her general electronic medical record, and despite her requests, will still remain there.

When HIPAA was written, it stipulated that psyche records should be kept separate and protected from access unlike the general medical record.

This article reports on the track record of enforcement of HIPAA complaints. While there has been a rising trend of medical-privacy complaints received by the Department of Health and Human Services (HHS), averaging about 600 per month in 2006, “it has not yet taken any enforcement actions against hospitals, doctors, insurers or anyone else for rule violations.” There have been about 24,000 privacy complaints since April 2003, with three-quarters dismissed, either because no violation was found or the situation was resolved with “informal guidance.”

MedInformaticsMD, a blogger at Health Care Renewal, responded with a letter to the WSJ, pointing out that clinical computing needs to be treated differently than business computing in order to preserve doctor-patient confidentiality; suggesting that an advocacy movement is needed here in the US, much like the one (The Big Opt Out) in the UK; and, warning "if you want to keep information secure, don't put it on a computer." This last point refers to the types of clinical data such as psychotherapy notes which need special consideration of privacy, security and confidentiality. He calls on the Office of the National Coordinator for Health IT (ONCHIT) in the Dept. of Health and Human Services to spearhead this strategy.