AMA, MGMA Differ on Rule

MGMA, an Englewood, Colo.-based association of physician group practice administrators, says the provisions are unnecessary and should be removed. The Chicago-based AMA, in contrast, supports the provisions but says physicians will need help carrying them out.

The proposed rule states that to qualify for Stage 1 of the Medicare and Medicaid incentives under the HITECH Act, healthcare providers must "conduct or review a security risk analysis of certified EHR technology and implement updates as necessary."

"Requiring an eligible professional to conduct a security risk analysis that is already required under HIPAA is duplicative and adds an unnecessary reporting burden," the MGMA stated in a March 15 letter to regulators.

The AMA, however, "strongly supports" including the risk analysis requirement. But in its letter filed in collaboration with dozens of other physician associations, it asks regulators to either require vendors to offer physicians help "or make directly available resources to physicians to help them identify the specific technical capabilities they will need to ensure patient information is appropriately protected and safeguarded."

Meanwhile, the Healthcare Information and Management Systems Society asked regulators to provide far more specifics on the risk analysis requirements. (To read story, click here.)

More time

MGMA, AMA and HIMSS, like many other associations, call on regulators to give providers more time to meet fewer criteria to qualify for the incentive program as an alternative to the proposed rule's "all or nothing" approach.

For more on MGMA, visit mgma.com.

To view the AMA letter, visit ama-assn.org.

Comments on the "meaningful use" rule were due March 15. They can be viewed at: regulations.gov.. David Blumenthal M.D., national coordinator for health information technology, recently said the final versions of the three core rules for the EHR incentive program will be completed by the end of spring. (To read story, click here).