More MU debate
This week we learned more about plans for Stage 3 Meaningful Use during the most recent Health IT Policy Committee meeting, even as the program faces more criticism. Also, a hefty fine for HIPAA violations could send a message to the healthcare industry.
The American Academy of Family Physicians (AAFP), which represents 110,600 U.S. physicians and medical students, officially joined the chorus of healthcare associations urging the Centers for Medicaid & Medicare Services (CMS) to push back the implementation deadlines of MU Stage 2. Also, it proposed a revised MU Stage 2 compliance schedule that extends the timeframe for compliance by 12 months.
AAFP primarily is concerned with implementation deadlines set by CMS and ONC as it feels members are unable to obtain the products and implementation services training and support required to meaningfully use 2014 CEHRT while providing high levels of safety, quality and service.
Meanwhile, a new study finds that many critical access hospitals and other small hospitals are at risk of not achieving MU. Smaller and rural hospitals “appear to be less likely than other hospitals to have met the Stage 1 criteria, and very few hospitals had all of the computerized systems necessary to achieve Stage 2 Meaningful Use.”
These facilities face challenges including low patient volume which complicates long-range planning, difficulty attracting and retaining IT professionals and difficulty finding a suitable IT vendor.
Study authors made a number of recommendations aimed at policymakers paying more attention to the MU needs of critical access and smaller hospitals. “Without the full participation of these hospitals, the nation will not be able to achieve the larger policy goal of sharing data across providers and ensuring that clinical information follows patients wherever they receive care.”
On the privacy and security front, a New York-based health plan settled potential HIPAA violations for $1,215,780. A photocopier the health plan previously leased was sold to the CBS television network. The CBS Evening News, as part of an investigation, found that the copier had protected health information on the hard drive. The health plan estimated that the breach affected 344,579 individuals.
The timing of this settlement was interesting to me as the Privacy & Security Tiger Team presented to the Health IT Policy Committee several recommendations regarding security risk analysis and related MU requirements for Stage 3.
Is your organization regularly conducting a risk analysis and acting on any identified deficiencies? Please share your experience.
Beth Walsh
Clinical Innovation + Technology editor
Editor
Editor Beth earned a bachelor’s degree in journalism and master’s in health communication. She has worked in hospital, academic and publishing settings over the past 20 years. Beth joined TriMed in 2005, as editor of CMIO and Clinical Innovation + Technology. When not covering all things related to health IT, she spends time with her husband and three children.