AHA: Clarify Security MeasuresSays "meaningful use" rule contains unnecessary language
In its letter, the Chicago-based AHA urges regulators "to clarify that this meaningful use measure requires no new obligation beyond the requirements of the HIPAA privacy and security rules."
The letter also states, "The meaningful use rule should not be used to create a redundant and potentially conflicting process to ensure compliance with HIPAA obligations."
The AHA labels as "unnecessary" language in the proposed meaningful use rule that requires hospitals and physicians to "conduct or review a security risk analysis of certified EHR technology and implement updates as necessary." The association notes that hospitals already have this obligation under HIPAA.
Like many other associations, the AHA calls the timeline for the incentive program created under the HITECH Act "unrealistic" and urges regulators to enable hospitals to qualify in a much more gradual way.
To read the letter, visit aha.org.
Comments due March 15
David Blumenthal M.D., national coordinator for health information technology, recently said the final versions of the three core rules for the EHR incentive program will be completed by the end of spring. (Read the story).