Senate Hearing Includes Calls to Delay MU Stage 3 Rulemaking
Key Takeaway: During a Senate hearing last week, Congressional leaders called for a delay of Meaningful Use Stage 3 rulemaking and removal of gag clauses from EHR contracts.
Why It Matters: Last Thursday, the Senate Health, Education, Labor and Pensions Committee hosted the latest in a series of health IT-focuses hearings entitled, entitled, “Achieving the Promise of Health Information Technology: Information Blocking and Potential Solutions,” to examine “information blocking” practices as a barrier to nationwide interoperability.
The Committee heard from:
• David C. Kendrick, M.D., MPH, Chair, Department of Medical Informatics, University of Oklahoma; CEO, MyHealth Access Network, Tulsa, OK
• Michael J. Mirro, M.D., FACC, FAHA, FACP, Past Chair, Medical Informatics Committee, American College of Cardiology; Chief Academic / Research Officer, Parkview Mirro Center for Research and Innovation, Fort Wayne, IN
• David C. Kibbe, M.D. MBA, President and CEO, DirectTrust; Senior Advisor, American Academy of Family Physicians, Washington, DC
• Paul M. Black, MBA, President, Chief Executive Officer and Director, Allscripts, Chicago, IL
Witnesses offered several recommendation to combat information blocking and advancing interoperability including: the need for more robust testing of EHR interoperability, bolstering the Office of the National Coordinator’s (ONC) EHR surveillance program and improving EHR usability for clinicians. Further, the four witnesses unanimously called for the removal “gag clauses” and broader transparency in vendor contracts.
Multiple panelists underscored the importance of the transition to value-based payment models in building demand for interoperability among providers.
Chairman Lamar Alexander (R-TN) outlined six areas in which the Committee would likely be pursuing policy reforms: ownership of an individual’s health data; interoperability; reducing excessive physician documentation; improving security and privacy, bettering EHR usability and Meaningful Use Program fixes. The Chairman expressed is preference for regulatory action due to the imminent need for improvement in many of Committee’s priority areas to ensure the continued use of EHR systems.
Two more hearings are expected when the Senate returns from recess in September, one focused on the ownership of patient data and another featuring perspectives from officials from the Department of Health and Human Services (HHS).
Calls for Stage 3 rulemaking delays are not limited to the Senate. Last week, Congresswoman Renee Ellmers (R-NC-02) announced a forthcoming bill to reform the Meaningful Use Program that among other provisions would delay rulemaking on Stage 3. Further, Congressman Tom Price (R-GA-06), who hosted a town hall meeting with the American Medical Association last week to discuss physician challenges with EHRs, expressed concern during a Ways and Means Committee hearing last week about CMS’ intent to move forward with Stage 3 rulemaking without the proper metrics indicating provider success in Stage 2.
NIST Solicits Feedback on Mobile Medical Device Security
Key Takeaway: The National Cybersecurity Center of Excellence (NCCoE) within the National Institute of Standards and Technology (NIST) has requested industry feedback on a proposal to strengthen privacy and security protocols on mobile devices used in healthcare delivery.
Why It Matters: The guide released last week demonstrates how health care providers can make mobile devices, including as smartphones and tablets, better suited to protect patient information.
Last week, the NCCoE has released the first cybersecurity practice guide for public comment titled, "Securing Electronic Health Records on Mobile Devices." The draft practice guide maps to standards and best practices from NIST and others, and to Health Insurance Portability and Accountability Act (HIPAA) rules. Further, guide accounts for different types of implementations for different circumstances such as when cyber security is handled in-house or is outsourced.
The new series of publications will demonstrate how businesses and other organizations can improve their cybersecurity using standards-based, commercially available or open-source tools.
NCCoE invites stakeholders to download the draft and provide feedback before September 25, 2015.