AG: So really we’re looking at a combination here of incentives and penalties for adopting healthcare IT, with much stricter criteria or punishments for breaches of personal health information.
KH: Yes, and it’s really raised the stakes for privacy and security compliance. I think that it’s important for hospital CIOs to understand that. I think we’re really seeing an evolution in terms of the regulatory environment that requires a much higher degree of compliance and sophistication.
AG: So the goal in this legislation was to make the system more electronic, while ensuring that the data is secure.
KH: Right, we’re going to make you go electronic and there will be penalties, in part, because of the financial consequences of not going electronic, just in terms of adverse drug reactions and things of that sort. But we’re also going to hold you accountable in the event you don’t meet the standards and requirements, and there will be stiff penalties to give you the incentive to really go the extra mile and make sure that you do comply with the regulatory requirements.
AG: Today, all we have is the term ‘meaningful use’ that people are trying to parse. If you assume that it’s going to be a light definition, not a lot of people are going to be fined. However, if there is a curveball that comes, and meaningful use is much more specific and onerous than a lot of people that expect, it could be quite a different situation; don’t you agree?
KH: I completely agree. Again, I would underscore that ‘meaningful use’ itself will evolve. The act requires the Secretary of HHS to continue to improve the use of electronic health records. And as I read the act, it says that, over time, there will be more stringent measures of meaningful use. I think that’s the key for healthcare providers, particularly hospitals; they will need to plan and budget for evolving standards, and they shouldn’t go into this phase and into the incentive arrangement thinking that they can comply at the outset and they’ll be fine. They need to continue to monitor what that term ‘meaningful use’ means, because there will be additional guidance about this.
AG: Many of our readers are far along in their implementations. Many of them will simply have to fill out the proper forms and paperwork and they’ll get their $2 million and they’ll start getting their enhanced reimbursements for Medicare. Does that sound right so far?
KH: Yes. It’s certainly my view, and I think it’s the common view, that some existing EHR systems will initially comply and people don’t necessarily have to scrap their existing system and look for an entirely new one.
AG: We just saw a study from Harvard Medical School which said only about 1.5 percent of hospitals have a fully electronic environment. Could we be looking at a situation where the haves (as I would put it) are simply enhanced – they're rewarded for being where they are. The have-nots, not only don’t get money upfront to implement these systems, but then down the road they get penalized if they don’t somehow figure out how to get there. It seems a strange system to spur successful adoption.
KH: We were speaking before about the EHR itself, and you're correct that the percentage of hospitals that have fully implemented an EHR system is very low. The definition of meaningful use, as it’s currently stated, requires a couple of things that I think most hospitals are not doing, and that is that the technology needs to provide for the electronic exchange of health information outside of their organization to improve quality of care and care coordination. I don’t think that that is common.
I think everyone is going to have work to do in order to obtain the incentives. Some will have more work than others. I think that small entities are going to have a harder time because they’ll have more work to do. One of the concerns I have about the act is that so much of the financial incentives exist for adoption and a lot of the incentive payments are not directed towards extension activities and implementation activities.
AG: So you would agree with my assessment, which is that all of this money is on the backend, as I would put it, and not on the front end. It’s reimbursement money.
KH: Well, we don’t know that yet because we don’t know what the payment methodology will be. It is money that will exist for adoption. I think that the act itself doesn’t sufficiently address what the government will do in order to provide the extension and training that will really be needed not just to adopt EHR, but to make them fully functional.
AG: As far as I know, and tell me if I’m wrong, we’re talking about people receiving payments for showing meaningful use of technology, which would imply that they have the technology in place. So if you were a paper-based hospital system that is living hand to mouth, paycheck to paycheck so to speak, you are not going to get any money to go out and buy systems. You have to get the systems and then show that you’ve got meaningful use going. Am I misunderstanding?
KH: I think that that’s correct, as far as I know it at this point in time.
AG: My assessment would be we don’t know what we we’re going to know by Dec. 31. What would your response be to that?
KH: We need to wait and see what the payment methodology will be, and we don’t know that at this time.
AG: Do you think the anticipation level for the final regulations will be tremendous in December?
KH: I think that will depend on when additional guidance, including regulations, are actually issued. We hope there will be additional guidance by December of 2009. We don’t know whether that will be regulations, and we also don’t know whether that will be issued in August or December.
I think providers should begin to take a hard look at their privacy and security policies and procedures now, because there will be additional work that needs to be done.
AG: It sounds like PHI is an area people need to take a hard look at, that they may be focusing on the healthcare IT side, the payments, but there is a lot of critical information in the act about privacy and security.
KH: Yes, I think that’s absolutely true.