Continuing this week’s focus on privacy, today’s guest author Stacie Durkin, RN-C, RHIA, MBA, owner, Durkin & Associates, explains what ARRA’s privacy provisions might mean for health information exchange. Durkin co-chairs an AHIMA/HIMSS collaborative workgroup focused on privacy and security in the HIE/RHIO environment.
HIPAA has sharper teeth and a wider net due to the American Recovery and Reinvestment Act of 2009 (ARRA). A section of ARRA called The Health Information Technology for Economic and Clinical Health Act (HITECH Act) is the healthcare portion of the stimulus package that provides $19 billion for health information technology and the Federal financial commitment which supports and promotes the adoption of electronic health records (EHRs) by 2014. Some of the perceived weaknesses in HIPAA’s privacy and security regulations will be rectified by ARRA, dubbed “HIPAA II.”
There has been much discussion around the privacy and security issues of shared data. Before the stimulus package, health information exchanges (HIE) were not directly regulated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The new legislation is loaded with requirements, new enforcement provisions and penalties for covered entities, business associates, vendors and others. (more…)