Salient Features of India constitution especially power and functions
Issue Brief - EHRs
1. Issue Brief: Electronic Health Records Seeler 1
Background
President George Bush signed an executive order in April 2004 directing the Secretary of
Health and Human Services (HHS) to establish the position of National Health Information
Technology Coordinator. This individual was tasked with overseeing the development a
nationwide interoperable health information technology infrastructure that, among other things:
• improves health care quality,
• reduces medical errors,
• decreases health care costs resulting from inefficiency, medical errors,
inappropriate care, and incomplete information,
• while ensuring the security of personally identifiable health information.1
The Office of the National Coordinator for Health Information Technology (ONC), as the
department is now called, is focusing on electronic medical records to achieve its mission of
“improv[ing] health and health care for all Americans through use of information and
technology.”2
What is an Electronic Health Record (EHR)?
Also known as electronic medical records or personal health records, EHRs can loosely
be seen as “a set of computer-based tools that allow people to access and coordinate their
lifelong health information and make appropriate parts of it available to those who need it.”3
More particularly, HHS defines an EHR as:
1
President, Executive Order, “Incentives for the Use of Health Information Technology and
Establishing the Position of the National Health Information Technology Coordinator,” Federal Register 69, no. 84:
(April 2004).
2
Office of the National Coordinator for Health Information Technology, FY 2012 Congressional Budget
Justification (Washington DC, 2011).
3
Kaelber, David C., Ashish K. Jha, Douglas Johnston, Blackford Middleton, and David W. Bates, "A Research
Agenda for Personal Health Records (PHRs)," Journal of the American Medical Informatics Association 15, no. 6
(2008): 729-736.
2. Issue Brief: Electronic Health Records Seeler 2
A real-time patient health record with access to evidence-based decision support tools
that can be used to aid clinicians in decision making. The EHR can automate and
streamline a clinician's workflow, ensuring that all clinical information is communicated.
It can also prevent delays in response that result in gaps in care. The EHR can also
support the collection of data for uses other than clinical care, such as billing, quality
management, outcome reporting, and public health disease surveillance and reporting.4
What Types of Legislation are Related to EHRs?
There are two main pieces of legislation that greatly impact the nature and use of EHRs:
the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health
Information Technology for Economic and Clinical Health Act (HITECH), which was passed as
part of the American Recovery and Reinvestment Act (ARRA) of 2009.
HIPAA
The main objective of HIPAA when originally enacted was to “improve portability and
continuity of health insurance coverage in the group and individual markets.”5 Sections 261
through 264 of HIPAA, referred to as “Administrative Simplification” rules, require the
Secretary of HHS to publicize national standards for the electronic exchange, privacy and
security of health information. The Centers for Medicare & Medicaid Services (CMS)
administer and enforce the following Administrative Simplification rules: Transactions and Code
Sets Standards, Employer Identifier Standard, and National Provider Identifier Standard.6
The act also mandated that the Secretary issue privacy regulations governing personally
identifiable health information, if Congress did not enact privacy legislation within three years.
Because Congress did not reach a consensus, HHS developed a proposed rule and released it for
4
Department of Health and Human Services, “HealthIT.hhs.gov:Glossary,” Glossary of Selected Terms Related to
Health IT, last modified December 4, 2009,
http://healthit.hhs.gov/portal/server.pt/community/health_it_hhs_gov__glossary/1256
5
Health Insurance Portability and Accountability Act of 1996, H.R. 3103, 104th Cong., 2nd sess.
6
Department of Health and Human Services, “HIPAA Administrative Simplification Statute and Rules,” HIPAA
Administrative Simplification Statute and Rules, http://www.hhs.gov/ocr/privacy/hipaa/administrative/index.html
3. Issue Brief: Electronic Health Records Seeler 3
public comment in November 1999. The final regulation, known as the Privacy Rule, was
published December 2000. It was later amended in August 2002.7
The Privacy Rule applies to all health plans, health care clearinghouses, and any health
care provider who transmits health information in any format. It seeks to protect individually
identifiable health information, such as a person’s past, present, or future physical condition by
defining and limiting circumstances in which someone’s protected health information may be
used or disclosed by covered entities. Some measures include requiring covered entities to
provide notice of their privacy practices to patients, the ability of patients to authorize access to
their medical records, and the right of people to view and obtain a copy of their own records.8
HHS proposed rule protecting the integrity, confidentiality, and availability of electronic
personally identifiable health information held or transmitted by covered entities and released it
for public comment in August 1998. The final regulation, known as the Security Rule, was
published in February 2003.
The Security Rule applies to covered entities that transmit health information in an
electronic format. It specifies a series of administrative, technical, and physical security
procedures for covered entities to use to assure the confidentiality, integrity, and availability of
personally identifiable health information. Covered entities are also expected to protect against
reasonably anticipated and impermissible uses or disclosures, guard against anticipated threats to
security or integrity of information, and ensure compliance by their workforce.9
Neither the Security Rule or Privacy Rule dictate how covered entities should achieve
these objectives, understanding that providers vary greatly in size and needs.
7
Department of Health and Human Services, “Summary of the HIPAA Privacy Rule,” Summary of the HIPAA
Privacy Rule, http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html
8
Ibid.
9
Department of Health and Human Services, “Summary of the HIPAA Security Rule,” Summary of the HIPAA
Security Rule, http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html
4. Issue Brief: Electronic Health Records Seeler 4
HITECH
President Barack Obama signed the American Recovery and Reinvestment Act (ARRA)
in February 2009, which the Health Information Technology for Economic and Clinical Health
Act (HITECH) was part of. The act widens the scope of privacy and security protections offered
under HIPAA, increases potential liability for non-compliance, and provides more enforcement.
HITECH also amends Title XXX of the Public Health Service Act by adding various
opportunities to advance health information technology.
One example of this is the grant, loan, and demonstration programs. The Secretary of
HHS is required to allocate funds among various agencies, such as ONC, CMS, Agency for
Healthcare Research and Quality, and Indian Health Service with the intent to support health
information technology, development and adoption of appropriate certified EHRs, and training
on and dissemination of information on best practices to integrate health information technology
into providers’ delivery of care among others.10
HITECH also provides specifications for regional assistance centers, state grants, and to
Indian tribes. The act allocates funding for demonstration projects to develop academic curricula
integrating certified EHR technology in the clinical education of health professionals.11 During
the 2009-2010 fiscal year, HHS allocated $235 million to the Beacon Community Cooperative
Agreement Program for communities to build and strengthen their health information technology
infrastructure. The Strategic Health IT Advanced Research Projects (SHARP) Program was
given $60 million to fund research focused on finding solutions to address well-documented
problems that have impeded adoption of EHRs: security of health information technology,
10
Health Information Technology for Economic and Clinical Health (HITECH) Act, Title XIII of Division A and
Title IV of Division B of the American Recovery and Reinvestment Act of 2009 (ARRA), Pub. L. No. 111-5 (Feb.
17, 2009)
11
Ibid.
5. Issue Brief: Electronic Health Records Seeler 5
patient-centered cognitive support, healthcare application and network platform architectures,
and secondary use of EHR data.12
A key component included in the HITECH Act is the provision of financial incentives to
professionals, eligible hospitals and critical access hospitals for certified EHR adoption under
Medicare and Medicaid. CMS coordinates this aspect of the legislation. Eligible providers can
register as early as 2011, but must participate by February 29, 2012 in order to receive the
maximum incentive payment. Starting in 2015, eligible parties that do not successfully
demonstrate meaningful use will have a payment adjustment to their Medicare reimbursement,
although this will not apply under the Medicaid EHR Incentive Program.13
What is “Meaningful Use”?
Providers are expected to demonstrate their use of certified EHR technology in ways that
be measured significantly in quality and in quantity. More particularly, ARRA outlines three
elements of Meaningful Use:
• The use of a certified EHR in a meaningful manner, such as e-prescribing.
• The use of certified EHR technology for electronic exchange of health
information to improve quality of health care.
• The use of certified EHR technology to submit clinical quality and other
measures.14
Meaningful Use criteria will by laid out in three stages from 2011 to 2015. Stage 1 (2011
and 2012) sets a baseline for electronic data capture and information sharing. Stages 2 and 3
12
Office of the National Coordinator for Health Information Technology, Celebrating the First Anniversary of the
HITECH Act and Looking to the Future, Health Information Technology for Economic and Clinical Health
(Washington DC, 2010).
13
Centers for Medicaid and Medicare Services, “Overview EHR Incentive Programs,” Overview, last modified
April 18, 2011, http://www.cms.gov/EHRIncentivePrograms/
14
Centers for Medicaid and Medicare Services, “CMS EHR Meaningful Use Overview EHR Incentive Programs,”
CMS EHR Meaningful Use Overview, last modified April 20, 2011,
http://www.cms.gov/EHRIncentivePrograms/30_Meaningful_Use.asp#TopOfPage
6. Issue Brief: Electronic Health Records Seeler 6
(2013 and 2015 respectively) will continue to expand on the established baseline. Current
criteria for Meaningful Use includes both a core set and menu set of objectives specific to
eligible professionals or eligible hospitals and critical access hospitals.15
What is a Certified EHR?
Legislators and HHS want health care providers and their patients to be confident that the
electronic health information technology products and systems they use are secure, can maintain
data confidentially, can work with other systems to share information, and can perform a set of
well-defined functions. A Final Rule on an initial set of standards, implementation
specifications, and certification criteria was issued July 2010. According to HHS, the
certification criteria adopted in this initial set establish the required capabilities and related
standards and implementation specifications that certified EHR technology will need to include
in order to support the achievement of meaningful use Stage 1 by eligible professionals and
eligible hospitals under the Medicare and Medicaid EHR Incentive Programs.16 Several
examples of certification criteria include drug-drug and drug-allergy interaction checks,
encryption, audit logs, and access control.17
CMS will only reimburse eligible entities under its Medicare and Medicaid Incentive
Programs for EHR technology that has been tested and certified by an Office of the National
Coordinator Authorized Testing and Certification Body (ATCB).
Who Provides Certified EHRs?
15
Ibid.
16
Department of Health and Human Services, “HealthIT.hhs.gov:Standards IFR,” Standards & Criteria
Certification Final Rule, last modified March 31, 2011,
http://healthit.hhs.gov/portal/server.pt?open=512&objID=1195&parentname=CommunityPage&parentid=97
&mode=2&in_hi_userid=11673&cached=true
17
Department of Health and Human Services, “HealthIT.hhs.gov:Reference Grids,” Reference Grids for Meaningful
Use and Standards and Certification Criteria Final Rules, last modified March 31, 2011,
http://healthit.hhs.gov/portal/server.pt?open=512&mode=2&objID=3584
7. Issue Brief: Electronic Health Records Seeler 7
Many commercial vendors offer EHR systems that have been certified by the ATCB.
Users can go to the Certified HIT Product List website maintained by HHS to locate and select a
provider based on practice type (ambulatory or inpatient). The 600 plus products are designated
as “Complete EHR,” which means that it meets all of the certification criteria, or “Modular
EHR," meaning that it meets at least one certification criteria.
What Information is Included in EHRs?
This varies widely and depends on the particular data fields included by the vendor.
Information in an EHR may include:
• personal identification, such as name and birth date
• emergency contacts
• health insurance information
• living wills, advance directives, or medical power of attorney
• a list and dates of significant illnesses and surgical procedures
• current medications and dosages
• immunizations and their dates
• allergies or sensitivities to drugs or materials
• important events, dates, and hereditary conditions in the family history
• test results
How can Consumers Use EHRs to Obtain Information?
A joint task force consisting of individuals from the Medical Library Association and
National Library of Medicine investigated the characteristics of personal health records in 2008
and 2009. They also looked at how librarians could help consumers locate reliable and
authoritative health information since many users might be consulting questionable sources such
8. Issue Brief: Electronic Health Records Seeler 8
as wikis, blogs, and social networking sites. The task force created a statement that could be
inserted in EHRs to alert users that they can obtain information from authoritative resources such
as NLM’s MedlinePlus, MLA’s Consumer and Patient Health Information Section website, and
through direct contact with medical librarians.18
Medical librarians, including those found in public libraries, can assist patrons in many
capacities such as:
• assisting patients with registering for EHRs
• training employees in the use of EHRs
• educating staff on how use of EHRs might reduce costs, inform consumers, and
benefit the institution
• incorporating information about EHRs into academic courses
• helping implement patient portals that include EHRs
• selecting and evaluating consumer health content to be included in personal health
records
• coordinating with health information management professionals responsible for
EHRs
• assisting health care providers in adopting the use of EHRs
• providing EHR vendors with information regarding the UMLS and how it can be
integrated into EHRs
• promoting the use of EHRs through consumer
• outreach efforts to build trust and acceptance
18
Dixie A. Jones, Jean P. Shipman, Daphne A. Plaut, and Catherine R. Selden, “Characteristics of personal health
records: findings of the Medical Library Association/National Library of Medicine Joint Electronic Personal Health
Record Task Force,” Journal of the Medical Library Association 98, no.3 (2010): 247.