Health IT Bill Clears Hurdle, Advances through Senate Committee
Key Takeaway: Last week the Senate Health, Education, Labor and Pensions (HELP) Committee unanimously approved a bill that seeks to improve the usability and interoperability of electronic health records (EHRs).
Why It Matters: The Improving Health Information Technology Act (S.2511), introduced by Chairman Lamar Alexander (R-TN) and Ranking Member Patty Murray (D-WA) seeks to reduce the reporting requirements through EHRs and directs the Government Accountability Office (GAO) to examine opportunities to improve how patients are linked to their healthcare data.
Cosponsored by Senators Michael Bennet (D-CO), Orrin Hatch (R-UT), Bill Cassidy (R-LA) and Sheldon Whitehouse (D-RI), the bill creates a rating system for EHRs, gives the Department of Health and Human Services (HHS) resources to combat information blocking and seeks to enhance patient to access their health data.
CHIME submitted comments on the draft legislation last month. The EHR-focused legislation is one of the many bills that are expected to comprise the Senate's version of the 21st Century Cures Act (HR 6), a comprehensive biomedical innovation proposal that passed the House last July.
MU Attestation Deadline Extended to March 11
Key Takeaway: The Centers for Medicare & Medicaid Services (CMS) extended the attestation deadline for the 2015 Meaningful Use program year from February 29 to March 11.
Why It Matters: The attestation deadline extension will allow providers additional time to attest, and with the announcement earlier last week of the PQRS submission deadline also being extended until March 11 creates alignment for providers.
Eligible professionals (EPs), eligible hospitals (EHs), and critical access hospitals (CAHs) participating in the Medicare EHR Incentive Program can attest through the CMS Registration and Attestation System. Providers participating in the Medicaid EHR Incentive Program should refer to their respective states for attestation information and deadlines.
President Request Additional Health IT Funding for FY17, Would Extend MU to Behavioral Health Community
Key Takeaway: The Administration’s proposed FY 2017 budget would increase funding for Office of the National Coordinator for Health Information Technology (ONC) and the Office of Civil Rights (OCR), in addition to an extra $1.7 billion to expand the Meaningful Use program to include behavioral health providers in FY18.
Why It Matters: The Obama Administration’s final budget included funding for a number of initiatives to further work in precision medicine and to achieve the “moon shot” of curing cancer, with health IT being a benefactor.
ONC’s budget proposal was $82 million, a $22 million jump from the estimated FY 2016 level.
According to the justification, the proposed funding would support ONC’s efforts to upgrade federal health information technology and develop and improve interoperability among health information technology systems across the country. The budget also set forth four legislative proposals focused on interoperability:
• establishing health IT governance certification;
• prohibiting information blocking, which can interfere with the exchange of electronic health information;
• requiring that certified health IT vendors report on their costs, capabilities and performance limitations; and
• providing the ONC with the authority to create a Health IT Safety Collaborative that can come up with ways to improve the reporting of health-IT related safety events.
The proposed budget also would increase funding for OCR by $4 million over the $39 million received in FY16. The funding increase will be used to execute HIPAA compliance audits, which are intended to determine if health-care organizations and their contractors are complying with HIPAA Privacy and Security rules.
Congressional leaders will now put forth their own budgets, which will likely not include the funding increases or program expansions requested by the Administration.
Proposed Changes Outlined for Capturing Substance Abuse in EHRs
Key Takeaway: On February 5, the Substance Abuse and Mental Health Services Administration (SAMHSA) released a proposed rule that would alter restrictions on sharing substance abuse treatment records.
Why It Matters: The proposed rule included many long-awaited changes to privacy rules for sharing substance abuse treatment records among healthcare providers, seeking to refresh privacy rules that have remained unchanged since 1987.
The proposed rule would make it easier for healthcare providers, particularly substance abuse treatment facilities, to electronically share patient records that contain substance abuse treatment information.
SAMHSA is proposing the creation of broader consent forms for 42 CFR Part 2 (Part 2) data, under the proposed rule, allowing patients to broadly permit healthcare providers to access their substance abuse treatment data rather than having to consent every time.
Part 2 rules require patients to consent every time their information is shared, making it difficult for health-care organizations to share their data with researchers who wish to study it.
The comment deadline is April 11.
CHIME and AEHIS Submit Comment on NIST Cybersecurity Framework
Key Takeaway: Last week CHIME and AEHIS submitted joint comments to the National Institute of Standards and Technology (NIST) on the request for information (RFI) pertaining to possible updates to the Framework for Improving Critical Infrastructure Cybersecurity.
Why It Matters: The comments submitted highlight the healthcare sector’s perspective on cybersecurity, citing the mounting concerns voiced by CHIME and AEHIS members as more patient information is not only stored electronically but is also moving across the healthcare system and new threat actors emerge.
The comments recommend NIST work with the healthcare industry to develop healthcare specific guidance. CHIME and AEHIS also called on NIST should work with the Department of Health and Human Services (HHS) and the Department of Homeland Security (DHS) to highlight best industry practice (i.e. wall of fame).
CHIME and AEHIS highlighted the critical role the private sector must play. The comments urged the importance of public and private partnership to help ensure providers of all sizes are able to further their risk management strategies. CHIME and AEHIS also recommended NIST also pay particular attention to fostering an environment through its engagement with other federal stakeholders that moves away from the current environment where cyber risks are passed off to providers who in turn shoulder the entire burden under HIPAA as noted earlier. This includes working with the FDA and OCR to recognize that protecting against cyber threats is a shared responsibility.