Key Takeaway: Patients will have the right under HIPAA (Health Insurance Portability and Accountability Act) to have direct access to lab test results, regardless of state laws or if the treating physician has counseled the patient.
Why it Matters: CIOs who are responsible for facilities in multiple states will no longer have to comply with different access laws for posting lab test results online. This final rule gives laboratories thirty days (plus a 30-day extension option) to comply with a patient request.
Final rules, nearly two years in the making, were released Monday outlining a new right for individuals to have direct access to laboratory test results. “While patients can continue to get access to their laboratory test reports from their doctors,” CMS says in an announcement, “these changes give patients a new option to obtain their test reports directly from the laboratory while maintaining strong protections for patients’ privacy.” Labs that were exempt under HIPAA from having to comply with such requests will now have 30 days to give patient test results. Additionally, the final rule pre-empts 20 state laws that prohibit patients from accessing lab results without first discussing them with a doctor. “We believe 30 days is generally sufficient time to allow a treating provider to receive a test report in advance of the patient’s receipt of the report and to communicate the result to and counsel the patient as necessary…” the final rule states.
This timeframe in no way changes Meaningful Use requirements to give patients the ability to view online, download and transmit information about a hospital admission within four business days.
CHIME will develop a forthcoming “CIO Cheat Sheet” for this final rule, so please convey any questions or thoughts to Jeff Smith, Senior Director of Federal Affairs.
EHR Certifying Body Exits Meaningful Use Program
Key Takeaway: The Certification Commission for Health Information Technology (CCHIT) announced plans to stop testing and certifying EHRs, effective immediately.
Why it Matters: CCHIT was the government’s dominant certification body. It tested and certified nearly half of the 722 EHR products currently certified to 2014 Edition CEHRT.
What’s Next? CIOs should contact their EHR vendor(s) to determine whether they have a continuity plan in place to ensure they will be able to maintain their vendor’s certifications.
Rather than play the role of referee, CCHIT wants to join the game. According to Alisa Ray, CCHIT executive director, the move will enable providers and vendors to receive “greater levels of support and counsel” on health IT regulations. “It’s apparent to both providers and vendors that the pace of ONC 2014 Edition certification has been slowed by the challenges of more rigorous criteria and testing, and the timing and nature of future federal health IT program requirements remain uncertain,” Ray said in a statement. The nonprofit group also announced a new partnership with HIMSS to provide consulting services to health IT developers on the requirements for certifying their EHR technologies and satisfying health IT regulations.
For providers confused about the implications of this announcement, they should first determine if CCHIT was the certifying body of record for their 2014 Edition EHR. You can also search the CHPL here. If their vendor was certified by CCHIT, providers should seek an update on the vendor’s transition plans immediately. For vendors that were certified by CCHIT, this announcement does not likely affect the standing of the certifications attained under the 2014 certification program. And CCHIT said a process has been put in place to transfer certification records for maintenance purposes to ICSA Labs, another certification body authorized by ONC.
CHIME staff will engage policymakers and industry sources to determine what broader implications this move may have. CHIME members with questions should contact Jeff Smith, Senior Director of Federal Affairs.