Legal and Practical Implications of Meaningful Use Attestation

Posted by Krystyna Monticello on May 15, 2012

With over $4 billion paid out to eligible professionals (EPs) and hospitals under the Medicare and Medicaid EHR Incentive Programs as of March 2012 according to CMS, many hospitals are gearing up for or have recently completed successful Meaningful Use attestation for their first Stage 1 90-day reporting period.  The online attestation process itself, as experience shows, is fairly straightforward and can be completed in a short amount of time.  But making sure you have everything to support that you were a “meaningful user” during the applicable reporting period requires careful planning and documentation.  

Know what you are attesting to.  The federal False Claims Act imposes liability on any person submitting a claim to the federal government that he or she knows, or should know, is false.  No proof of specific intent to fraud is required and “knowledge” includes (1) actual knowledge of the information; (2) deliberate ignorance of the truth or falsity of the information; or (3) acting in reckless disregard for the truth or falsity of the information.  State laws may also result in civil or criminal penalties for false claims.

By attesting, the hospital or EP is submitting a claim for payment from the government.  As such, any misrepresentations, material omissions, false claims, statements or documents are subject to prosecution under Federal or State criminal laws and potentially civil penalties.  With all hospitals and EPs on the hook for visits from both CMS and the respective State Medicaid auditors, they must be prepared to show proof that they accurately attested to the best of their knowledge to all measures and objectives and other meaningful use requirements having been met.

It is therefore critical, that, before attestation, the hospital or EP reasonably have the knowledge to attest that it was a meaningful user during the applicable EHR reporting period and that all data is (1) accurate and complete to the best of his or her knowledge; (2) includes information on all patients to whom the measure applies; and (3) for CQMs, that the numerators and denominators were generated as output from certified EHR technology. 

At an absolute minimum, the hospital or EP must ensure that all measure thresholds were appropriately met, all patients to whom a measure applied were included in the denominator (or properly excluded), and interpretations of any “grey areas” are clearly documented.  The hospital or EP should be familiar with any clarifying language in the Preamble to the EHR Incentive Programs Final Rule as well as any relevant and available CMS Frequently Asked Questions.    

Other practical considerations to support attestation and defend against potential audit by CMS or the State include:

  • Have all data readily available that must be entered during the attestation process (e.g., CMS EHR Certification Number, method for calculating ED visits, all applicable numerators and denominators).  CMS has made available an Attestation Worksheet for assistance with the online attestation process.
  • Document all certified EHR technology reports and supplemental data reports, as well as measure checklists, screenshots, test results and any assumptions or processes concerning workflows or interpretations for any given individual measure that support meaningful use during the applicable EHR reporting period.  Be prepared to show documentation to support all “yes/no” attestations.  For example, documentation for “exchange key clinical information” could include potentially screenshots of the test information that was sent to the third party health care provider and the testing “script” showing the date and success or failure of the exchange.   
  • When using multiple certified EHR systems, CMS as of April 20, 2012 will permit those numerators and denominators generated by the respective certified EHR systems reports to be added together, rather than requiring the hospital or EP to reconcile the reports to account for unique patients as CMS required in the past.  If a hospital or EP has already attested and reconciled for unique patients, keep all reports used to aggregate the data and that support the numerators and denominators attested to.
  • Keep all documentation to support your meaningful use, including to support patient volume thresholds, and incentive payment calculations for the Medicare and/or Medicaid EHR Incentive Programs, for a period of six years from the date of your attestation (three years to support Medicaid Adoption/Implementation/Upgrade payments).

Remember that for hospitals, July 3, 2012 is the last day to begin your 90-day reporting period for Stage 1.  Be sure also to keep an eye on both the CMS and your State’s EHR Incentive Program websites for additional information regarding audits or updates to the respective Meaningful Use programs.  Subscribing to the CMS EHR Incentive Program Listserv will ensure that you receive any new or updated FAQs from CMS as well as other important information about the EHR Incentive Programs. 

Oscislawski LLC and Blass Affiliates have teamed up to help a number of hospitals successfully attest for Meaningful Use Stage 1.  The experienced consultants at Blass provide hands-on guidance and software compliance management support to help clients succeed with Meaningful Use through ComplyAssistant, its web-based compliance management tool, and the knowledgeable attorneys at Oscislawski LLC keep on top of Meaningful Use regulatory developments and offer legal interpretation and guidance to clients.  

Public Comments for Meaningful Use Stage 2 NPRM Due May 7

Posted by Krystyna Monticello on May 01, 2012

The clock is ticking for interested parties to submit comments in response to the CMS and ONC Meaningful Use Stage 2 Notices of Proposed Rulemaking (NPRM).  The deadline for submission of comments is 5pm on Monday, May 7.  CMS has requested public comment on a variety of specific Stage 2 proposed requirements, such as for CQM reporting, transport standards, and the active role of patients proposed for certain objectives and measures. ONC likewise has requested public comment on proposed new and revised standards, implementation specifications and certification criteria. Public comments may also be submitted in general on any of the proposed new or revised Stage 1 and Stage 2 requirements.   

For a summary of the changes proposed by the CMS NPRM, check out my previous posts, Proposed Rule for Meaningful Use Stage 2 Released and Meaningful Use Stage 2 Ramps up HIE.  Formal comments can be submitted directly online through the respective CMS and ONC NPRM websites. Entities currently participating in or considering participating in the Medicare or Medicaid EHR Incentive Programs are strongly encouraged to submit comments on the NPRMs as feedback is critical for improvement of the EHR Incentive Programs and accomplishing the goals of Meaningful Use. 

CMS Updates Meaningful Use FAQs for Multiple Certified EHRs

Posted by Krystyna Monticello on April 23, 2012

Coming a little too late for hospitals and eligible professionals who have already attested or begun to attest for 2012, CMS has kindly taken a step back on Meaningful Use requirements for accounting for unique patients in calculating numerators and denominators during attestation in the release of an updated FAQ on April 20.  Retracting its previous requirement that any hospital attesting with multiple certified EHR technology, or any eligible professional seeing patients at multiple locations with certified EHR technology, reconcile the various reports generated by the certified EHR technology to ensure only "unique patients" were counted in the numerators/denominators, CMS now permits hospitals and eligible professionals to simply add the numerators and denominators from the reports generated by the certified EHR technology.  

CMS states,

For objectives that require an action to be taken on behalf of a percentage of "unique patients" (e.g., the objectives of "Record demographics", "Record vital signs", etc.), EPs, eligible hospitals, and CAHs may also add the numerators and denominators calculated by each certified EHR system in order to arrive at an accurate total for the numerator and denominator of the measure. Previously CMS had advised providers to reconcile information so that they only reported unique patients. However, because it is not possible for providers to increase their overall percentage of actions taken by adding numerators and denominators from multiple systems, we now permit simple addition for all meaningful use objectives.

This therefore removes one step from the attestation process, eliminating the need to reconcile various reports to ensure patients aren't counted twice. However, hospitals and eligible professionals still must count any patients whose records are not maintained in certified EHR technology where applicable in order to provide accurate numbers.  All of the CMS FAQs are available on the newly designed CMS Frequently Asked Questions page by clicking on the topic "Electronic Health Records Incentive Programs."

Meaningful Use EP Eligibility Appeals Extended to April 30, 2012

Posted by Krystyna Monticello on April 20, 2012

As a reminder to eligible professionals (EPs) participating in the Medicare EHR Incentive Program, CMS has extended the deadline within which an EP may file an eligibility appeal to Monday, April 30, 2012.  In general, there are three types of appeals afforded to EPs:  eligibility appeals, meaningful use appeals, and incentive payment appeals. 

Eligibility appeals provide an EP with the chance to show that he or she should have receive an incentive payment as all meaningful use requirements were met, but could not because of circumstances outside of the EP's control.  There are two levels of review afforded under the Medicare EHR Incentive Program appeals process:

  • Informal review;
  • Request for reconsideration if the EP does not win in the informal review.  

EPs should be aware that all relevant issues must be presented in the initial appeal as any issues raised at a later time will not be considered absent special circumstances. When filing an appeal, EPs should be prepared to provide any additional documentation requested within seven (7) calendar days from a request.

CMS strongly encourages EPs and other providers to communicate with OCSQ, the designated appeals coordinator, about any questions on specific issues or providing documentation in order to avoid having an appeal dismissed. Additional guidance on the appeals process is available here.  Appeals may be filed through OCSQ.

Meaningful Use Stage 2 NPRM Ramps Up HIE

Posted by Krystyna Monticello on March 16, 2012

With electronic health information exchange ("HIE") leaping out of the 132-page Meaningful Use Stage 2 Notice of Proposed Rulemaking ("Stage 2 NPRM), it is clear that while Stage 2 will continue to afford flexibility to eligible professionals ("EP"), hospitals and critical access hospitals ("CAH"), CMS is not shy about heightening its expectations for HIE.  The Stage 2 NPRM proposes several changes to existing Stage 1 objectives as well as proposes additional objectives for Stage 2 which would officially begin in 2014.

For starters, only one of the Stage 1 hospital core objectives involves HIE with "capacity to exchange key clinical information" satisfied by a test or even a failed test of exchange of clinical information with an outside health care provider.  And although four of the ten Stage 1 menu set objectives applicable to hospitals require HIE, at a minimum only one of these objectives would need to be satified out of the menu set objectives hospitals could choose from. Hospitals and EPs are required by Meaningful Use to meet all core objectives, whereas they have the option to choose from available menu set objectives (five of ten for hospitals in Stage 1, with two of four proposed in Stage 2), only one of which must be a population/public heath objective. 

The Stage 2 NPRM would move these Stage 1 public health/population menu set objectives to the core objectives for hospitals and EPs, with syndromic surveillance remaining a menu set measure for EPs.  Ongoing transmission of data to immunization registries as well as submission of data on reportable lab results and syndromic surveillance data to public agencies would also be required with testing no longer sufficient.

The Stage 1 core objective "capacity to submit key clinical information" would be removed effective in 2013 (with CMS welcoming comment on this and its replacement).  For Stage 2, hospitals and EPs would move instead to the now-core objective of "provide summary of care document" with 10% required to be provided electronically through HIE to other health care providers.  Likewise, new objectives and measures proposed for Stage 2 would also require HIE.  For EPs, new menu set objectives would require ongoing submission of data to cancer and specialized registries.  And for hospitals and EPs alike, although not proposed in the Stage 2 NPRM, CMS specifically requested comment on whether imaging results, which would have to be accessible through certified EHR technology as a new menu objective, should also be exchanged through HIE. 

Another area clearly marked on CMS's agenda is stronger patient engagement through HIE, with patient utilization actually required in order to meet certain objective measures. In Stage 1, for example, EPs and hospitals were required to provide patients with an electronic copy of their health information upon request.  The Stage 2 NPRM would propose to change this to requiring the ability of the patient to print, view, and download their health information online, but also to actually having a percentage of patients utilize this resource (10%).  If 10% of all patients did not choose to access their health information this way, an EP or hospital would fail to meet meaningful use.  EPs would also be required under the Stage 2 NPRM to use electronic messaging to communicate with at least 10% of their patients about their health information.  Only messages sent by a patient would count for numerator calculation. 

A public comment period will remain open for sixty days from the date of publication in the Federal Register (March 7 - May 7, 5pm) for both the Stage 2 NPRM and the Standards, Implementation Specifications and Certification Criteria NPRM.  EPs and hospitals are strongly urged to submit comments, whether in general to proposed Stage 2 NPRM requirements as well as in response to specific questions posed by CMS.  

Proposed Rule for Meaningful Use Stage 2 Released

Posted by Krystyna Monticello on February 24, 2012

Yesterday, the Meaningful Use Stage 2 Proposed Rule was made available on the Office of the Federal Register Electronic Public Inspection Desk.  The Proposed Rule will be published March 7 and will be open for public comment for sixty days.

With a focus on data exchange, the Proposed Rule addresses the Stage 2 meaningful use criteria that eligible professionals and hospitals must meet as well as proposes certain changes to existing Stage 1 criteria.  Nearly all Stage 1 core and menu objectives would remain in place for Stage 2, and eligible hospitals would be required to meet 16 core objectives and 2 out of 4 menu objectives.  Eligible professionals would be required to meet 17 core objectives and 3 out of 5 menu objectives. 

CMS has specifically requested public comment regarding processes for electronic clinical quality measure (CQM) reporting.  Eligible hospitals would be required to report on 24 CQMs with eligible professionals reporting on 12.  The Proposed Rule would also include clinical quality reporting within the definition of "meaningful EHR user" and remove it as a separate objective beginning in 2013. 

Another significant area made more robust by the Proposed Rule is the ability of patients to have electronic access to their health information (e.g., view, download), rather than access to only electronic copies of their information and discharge instructions as originally required by Stage 1.  Additionally, hospitals and eligible professionals are also required in connection with the HIPAA risk assessment that must be performed to specifically address encryption/security of EHR data at rest.  While the Proposed Rule would not require actual implementation of encryption mechanisms, it would require each hospital and eligible professional to assess the reasonableness and appropriateness of encrypting electronic PHI, and, if not reasonable, adopting alternative equivalents. 

Other proposed changes, although by far not an exhaustive list, include:

  • A more "robust" "transitions of care" core objective instead of the core objective of Stage 1 "exchange of key clinical information", requiring exchange of summary of care records for each transition or referral of care;
  • Requiring utilization of clinical decision support intervention for improving performance on high priority health conditions to relate to 5 or more CQMs which the EP or hospital would be required to report on (proof of actual improvement not required);
  • Consolidation of certain Stage 1 objectives within Stage 2 objectives:
    • "Use clinical decision support to improve performance on high-priority health conditions" would include Stage 1 drug-to-drug and drug-allergy checks
    • "Summary of care record for each transition or referral of care" would include Stage 1 active medication, allergy and problem lists
    • eRX objectives for eligible professionals and hospitals would include Stage 1 drug formulary checks
  • Expansion of CPOE to medication, laboratory and radiology orders, clarification on how and when CPOE must occur, and increase of measure from 30% to 60% of orders created;
  • Secure e-mail protocols
  • Expansion of the definition of a Medicaid patient encounter;
  • Process for Medicare payment adjustment beginning in 2015; and
  • Official delay of Stage 2 until 2014.

The ONC Standards and Certification Proposed Rule with additional guidance and standards for certified EHR technology is also expected to be released today so stay tuned.  

HITECH Omnibus and AOD Rules Set for OMB Review

Posted by Krystyna Monticello on February 16, 2012

Health Data Management reports that the long-awaited HITECH Omnibus Rule as well as the Accounting of Disclosures (AOD) Rule are set for OMB review.  Expected also are proposed regulations for Meaningful Use Stage 2.  HHS released its semi-annual regulatory agenda in January to the Office of Management and Budget (OMB).  As with other agencies, the agenda identifies key regulatory priorities over the next months.

The HITECH Omnibus Rule is expected for publication in March of this year with the AOD Rule not until June.  The proposed regulations for Meaningful Use Stage 2 are still expected this month, February.  While OMB review could hypothetically take a matter of weeks, the OMB may take up to ninety (90) days to review regulations before publication, as well as potentially extend the deadline. 

CMS Provides Guidance on Meaningful Use Appeals Process

Posted by Krystyna Monticello on January 26, 2012

CMS has released additional guidance for hospitals and eligible professionals on the Medicare EHR Incentive Program appeals process.  The CMS Office of Clinical Standards and Quality (OCSQ), together with Provider Resources, Inc., the CMS appeals support contractor, will accept and review appeals filed by eligible professionals and hospitals. For those individuals and organizations participating in the Medicaid EHR Incentive Program, each state will have its own process for Medicaid appeals. 

CMS began accepting appeals December 1, 2011.  Appeals may be filed by eligible professionals and hospitals through an online web portal.  In addition to eligibility determinations, eligible professionals and hospitals may appeal denials of status as a meaningful user as well as incentive payment calculations.

For hospitals, the deadline to appeal eligibility determinations has been extended to January 30, 2012.  In general, a hospital or eligible professional has sixty (60) days after the issuance of an incentive payment to appeal the amount of the payment made.  Additionally, hospitals and eligible professionals have thirty (30) days to appeal denials of their status as a meaningful user after receipt of a letter with the results of a meaningful use audit conducted by CMS.  Limited extensions will be granted on a case-by-case basis under extenuating circumstances.

The first OCSQ informal review determination was released on January 19, 2012.  CMS plans on making this and other OCSQ appeals opinions available in February on its EHR Incentive Program Appeals website.  These opinions may provide additional guidance to eligible professionals and hosptials seeking to attest in 2012 for their first payment year.

Over $2 billion paid in Meaningful Use Incentive Payments and Counting

Posted by Krystyna Monticello on January 20, 2012

In a report submitted to the Health Information Technology Policy Committee on January 10th, CMS highlighted progress in the Medicare and Medicaid EHR Incentive Programs ("Meaningful Use") and registration and attestation numbers for eligible hospitals and eligible professionals ("EPs"). For 2011, the two programs paid out over $2.5 billion in Meaningful Use incentive payments to EPs and hospitals who attested to Meaningful Use for 2011.

In 2011, 124,089 EPs registered for Medicare, 39, 503 EPs registered for Medicaid, and 2,834 hospitals registered for both programs.  Out of the 842 hospitals that attested to Meaningful Use for FY 2011, 100% were succesful, with 99% of EPs that attested for 2011 also succesful.

CMS has made available additional information on a state-by-state basis which can be viewed on its EHR Data and Reports page.  You'll notice also that CMS has "modernized" the look and feel of its webpages, not only for Meaningful Use, but in general for Medicare, Medicaid and other web resources.   

Hospitals in their second payment year will generally need to meet Stage 1 Meaningful Use requirements for the full 12-month period in FY 2012.  Due to concerns about the ability of EHR vendors to certify their products in compliance with Stage 2 requirements, once finalized, HHS has proposed to delay Stage 2 Meaningful Use, which was originally set to begin in 2013 for those who attested in 2011. 

Input from the vendor community and the provider community makes clear that the current schedule for compliance with Stage 2 meaningful use objectives in 2013 poses a challenge for those who are attesting to meaningful use in 2011.  The current timetable would require EHR vendors to design, develop, and release new functionality, and for providers to upgrade, implement, and begin using the new functionality as early as October 2012.

HHS has indicated that those hospitals and EPs that attested in 2011 would be able to attest to Stage 1 requirements for an additional year, giving them the benefit of attesting to the more lenient Stage 1 requirements again in their third payment year (FY 2013 for hospitals).

The delay is not expected to affect hospitals and EPs who attest to Meaningful Use for their first payment year in 2012.  It would also not affect any hospitals or EPs who attested under Medicaid for "Adoption, Implementation and Upgrade" incentive payments for their first payment year in 2011. 

CMS is expected to formalize this delay in the proposed rule for Stage 2 which is expected to be released this month or in February.  For more information about the Medicare/Medicaid EHR Incentive Programs, visit the CMS EHR Meaningful Use webpage

HITPC Releases Tiger Team EHR Amendment/Correction Recommendations

Posted by Helen Oscislawski on July 27, 2011

The ONC Health Information Technology Policy Committee (HITPC) released the Privacy & Security Tiger Team (Tiger Team) recommendations concerning amendments and corrections to electronic medical records (EMRs) in a letter to HHS on July 25, 2011 (HITPC Letter).  The Tiger Team's two recommendations are:

  • Certified electronic health record (EHR) technology for Meaningful Use Stage 2 should have the capability to support amendments to health information as well as support compliance with HIPAA obligations to respond to patient requests for amendments, specifically (i) to make it technologically possible for providers to make amendments consistent with their obligations with respect to the legal medical record (e.g., access/view the original data and identify changes made); and (ii) attach any information from the patient and any rebuttal from the entity regarding disputed data.
  • Certified EHR technology for Meaningful Use Stage 2 should have the ability to transmit amendments, updates or appended information to other providers to whom data in question had previously been transmitted. 

The recommendations address the concerns of stakeholders regarding technological capabilities of EHR systems to assist covered entities in complying with HIPAA amendment and correction procedures for their EMRs.  They also address issues concerning data integrity and quality when correcting errors in patient information not at the request of the patient or communicating updates in patient information. 

HIPAA requires covered entities to comply with specific procedures for correcting or amending protected health information (PHI) within their records where a patient requests such correction or amendment.  In addition, the principle of "correction" was adopted by the Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information, which requires timely means provided to individuals to dispute the accuracy or integrity of their health information.  

The Tiger Team recommends that the HIT Standards Committee develop standards, specifications and criteria for the certified EHR technology, and that any technological capabilities be kept as simple as possible to start.  Capabilities could evolve over time and become more complex, including "potentially greater standarization and automation."  Most notably, the Tiger Team rejected placing affirmative obligations on providers to inform other providers and entities about errors which were not identified in response to a patient's request, citing the "range of different errors that could occur" and the potential difficulty in distinguishing between what was a difference in medical opinion and an actual error, deciding,

...Providers' existing ethical and legal obligations were sufficient to motivate them to use appropriate professional judgment regarding when to inform any known or potential recipients of amendments to health data.

Finally, the HITPC letter notes that the Tiger Team considered whether health information exchange organizations (HIOs) should be obligated to correct errors and transmit amendments or updates to affected providers where they may be responsible for such errors.  The Tiger Team has specifically sought input from the HITPC and will continue to research existing HIO policies prior to developing future recommendations on this issue. 

The full HITPC letter may be found here: HITPC Privacy & Security Tiger Team Amendment Recommendations

Meaningful Use Missing for Behavioral/Mental Health

Posted by Krystyna Monticello on March 23, 2011

As Meaningful Use participation kicks off this year, eligible health care providers and facilities are scrambling to make sure they will qualify for the incentive payments being shelled out by the Medicare and Medicai EHR Incentive Programs ("EHR Incentive Programs") established by the American Recovery and Reinvestment Act as part of HITECH.  Yet, key sets of providers and facilities are glaringly missing from the list of those eligible for the EHR Incentive Programs.

The need to incorporate substance abuse, behavioral and mental health treatment professionals and facilities into a cohesive network of treatment along with the rest of an individual's medical treatment has long been recognized nation-wide.  However, these crucial health care providers and facilities are not currently eligible standing alone to receive incentive payments for incorporating meaningful use of EHR technology into their practices and facilities.

The Current Payment Structure

As currently provided for by HITECH and ONC's regulations, certain providers and facilities are eligible for incentive payments where they demonstrate "meaningful use" of certified EHR technology.  The EHR Incentive Programs exclude:

  • Clinical psychologists
  • Psychiatric hospitals
  • Clinical social workers
  • Mental health and substance abuse treatment facilities

For example, a community behavioral health organization ("CBHOs") would not be eligible for incentive payments even though providing the same or additional services that a hospital (eligible for facility incentive payments) might provide.  Likewise, while a psychiatrist, primary care physician or nurse practitioner affiliated with a CBHO could potentially receive incentive payments as "eligible professionals", the facility itself along with other health care providers, such as psychologists and clinical social workers providing services there, would not. 

Although the availability of funding may have played a large part of this omission, the exclusion of substance abuse and behavioral and mental health from the EHR Incentive Programs runs contrary to the very ideology and goals of the Programs.  By far, the populations served by these providers and facilities are in greatest need for the improved efficiency, quality, coordination and integration of health care that EHR technology facilitates.

The Need for Increased Eligiblity: The Behavioral Health Information Technology Act of 2011

Extending the EHR Incentive Programs to these key providers and facilities would provide much needed assistance in the adoption and implementation of EHR technology.  It would help substance abuse, mental and behavioral health professionals access recent and up-to-date patient medical histories and would improve the accuracy of diagnoses, the quality of care received by patients and bridge gaps in the provision of mental and substance abuse treatment services.  With access to EHR technology, physicians and substance abuse or mental and behavioral health professionals would be better able to coordinate adn integrate mental or behavioral health care into the rest of a patient's medical care, especially for patients admitted through hospital Emergency Departments who may be involved in care at multiple facilities.

Last week, legislation was introduced into the Senate with the aim of rectifying this oversight. The Behavioral Health Information Technology Act of 2011 ("BHITA" for short), S. 539, was sponsored by Senator Sheldon Whitehouse and seeks to expand eligibility for Meaningful Use participation to substance abuse and behavioral and mental health providers and facilities. Sen. Whitehouse stated,

"Mental health care is a critical component of a health care safety net and allowing these providers access to cost-saving, quality-enhancing advances in health information technology will improve the care that millions of Americans receive." 

Previous efforts to amend HITECH have unfortunately already failed, as a similar bill, the Health Information Technology Extension for Behavioral Health Services Act, H.R. 5040, died in the House last year.  However, the similar BHITA introduced this year into the Senate shows that the need to include these vital providers and facilities continues to be recognized by policymakers.

The BHITA would:

  • Extend Medicare and Medicaid eligible professional incentive payments to clinical psychologists and social workers
  • Extend Medicare incentive payment eligibility to community mental health centers, private and public psychiatric hospitals, residential/outpatient mental health and substance abuse treatment facilities
  • Clarify eligibility for community health centers, psychiatric hospitals, substance abuse and behavioral and mental health professionals, residential/outpatient mental health/substance abuse treatment facilities as Health Information Technology Regional Extension Centers

If passed (and it has only made its way to the Senate Finance Committee so far), the BHITA would be one big step towards treatment of the individual as a whole through better integration and coordination of medical care with substance abuse and mental and behavioral health care.  Yet even if passed, additional efforts will likely still be needed to achieve complete efficiency, integration and coordination of care for other populations.

An amendment or similar program for long term care facilities may also be necessary in the future, as individuals in need of long term care comprise yet another population desperately in need of efficient and coordinated systems. Although the Patient Protection and Affordable Care Act provides grants for long term care facilities, the grants are nothing like the aggressive EHR incentive payments and program created by HITECH.  To achieve the goals sought after by the EHR Incentive Programs of efficiency, coordination and improved quality of care for patients, these facilities, along with the providers of substance abuse, mental health and behavioral health treatment and services, need to be folded into the EHR development and implementation process.     

ONC Open Casting Calls

Posted by Helen Oscislawski on February 18, 2011

Prepared by Krystyna Nowik, Esq.

Last week, ONC opened a thirty-day window for organizations to apply to become the sole accrediting entity to oversee certifying organizations under the Permanent Certification Program for Health Information Technology (“Certification Program”). The Certification Program ensures certain electronic health record ("EHR") technology includes required capabilities for participation in the Medicare and Medicaid EHR Incentive Programs, which provide incentive payments to certain eligible health care professionals, hospitals and critical access hospitals that demonstrate meaningful use of certified EHR technology to adopt and utilize EHRs (“Meaningful Use”).

Currently, EHR vendors must be tested and certified by one of six ONC-approved entities (ONC-Authorized Testing and Certification Body or ONC-ATCB) under a temporary certification program implemented to ensure certified EHR technology was available for incentive payments beginning this year. Vendors who seek ONC-ATCB certification of their EHR technology as either a “Complete EHR" or an “EHR Module” must demonstrate compliance with certain capabilities, standards, implementation specifications and certification criteria. Once EHR technology has been ONC-ATCB certified, it can be used by health providers and hospitals to meet applicable meaningful use requirements. Complete EHRs provide all applicable certification criteria and the minimum capabilities a participant needs to comply with Meaningful Use. They may also include additional functions. EHR Modules, on the other hand, meet at least one, but not all, of the required certification criteria, and a combination of EHR Modules may be used to comply with Meaningful Use.

With the Final Rule for the Certification Program issued this January, accreditation and oversight is placed in the hands of the ONC Approved Accreditor or ONC-AA, which will be selected competitively every three years. The ONC-AA will be responsible for overseeing the ONC-ATCB entities and accrediting the Authorized Certified Bodies (ONC-ACB) under the Certification Program. Competing organizations for the ONC-AA will have to show what their proposed requirements would be for accrediting the ONC-ACBs, how surveillance of certified EHR technology would be conducted, their requirements for key personnel conducting the accreditation, and investigation and responding to complaints about ONC-ACBs. They also must show how they would adhere to ISO/IEC17011:2004 and experience with ISO/IEC Guide 65:1996, standards developed by the International Standardization Organization that specify general requirements for approving conformity assessment organizations and for product certifying organizations.

The ONC-ACBs replace the ONC-ATCBs created by the temporary certification program. Although ONC-ATCB status ends upon the sunset of the temporary certification program, certifications issued by ONC-ATCBs through the 2011/2012 payment years do not need to be re-certified for those years until ONC-ACB certification processes are in place.

The Notice for submission of requests for ONC-AA status may be found here.

The 800-Pound HIE Gorilla Tiger in "Meaningful Use"

Posted by Helen Oscislawski on July 09, 2010

There has been a lot of discussion around the Meaningful Use (MU) criteria. CMS has an entire website dedicated to the subject, as does ONC. Although the clinical criteria of MU may garner much of the attention, the privacy and security components are also significant.  In particular, the MU criteria pertaining to Health Information Exchange (HIE) raise certain fundamental privacy questions.

In short, the HIE requirements for MU include the ability to: (1) exchange “key” clinical information among providers of care and patient authorized entities electronically, and (2) perform at least 1 test of exchanging information. The crucial question, then, is what exactly does "and patient authorized entities" suggest?  In listening to the privacy discussion taking place in various ONC Workgroups, including the newly-established Privacy & Security Tiger Team, one could reasonably conclude that this requirement might evolve to mean that a HIE will need to be able to capture and implement patients' specific and granular preferences (e.g., patient is "ok” with releasing info to Provider B, but not to Provider C) -- at least if you want to meet MU criteria

This interpretation, however, could throw a wrench into HIE networks across the nation that have implemented an Opt-Out consent model in part in reliance on a legitimate belief that when HHS adopted the final version of the HIPAA Privacy Rule it also vetted and already decided the question of whether a patient's prior written authorization should be required before general health information can be shared between treating providers for treatment purposes -- and it affirmatively decided to create the "Treatment Exception".  In fact, many states have laws that contain a similar exception. New Jersey, for example, specifically permits two treating doctors to share pertinent information about a common patient and expressly states that the prior consent is not required in such instances if it is in the best interest of the patient (see N.J.A.C. 13:35-6.5(d)3).

Links to the full legislative history related to the promulgation of the HIPAA Privacy Rule can be found on HHS’s website, but, a closer look at the August 14, 2002 “Modification to the HIPAA Privacy Rule –Final Rule" are worth a second read in particular.  For those who wish to review it in full, I have posted a full exerpt of the relevant sections under the “Continue Reading” window below, but in sum HHS removed the requirement of obtaining prior patient authorization after reviewing numerous public comments on the issue and concluding that:

As a result of the large number of treatment-related obstacles raised by various types of health care providers that would have been required to obtain consent, the Department became concerned that individual fixes would be too complex and could possibly overlook important problems. Instead, the Department proposed an approach designed to protect privacy interests by affording patients the opportunity to engage in important discussions regarding the use and disclosure of their health information through the strengthened notice requirement, while allowing activities that are essential to quality health care to occur unimpeded ...

The Final HIPAA Privacy Rule was adopted after HHS released multiple proposed versions, considered significant public comment, and followed administrative rule-making procedures -- all over the course of almost 3 years. Thus, as policies are recommended and developed for the HIE context, prior debate and dialogue is relevant and should not be forgotten or dismissed.

Continue Reading