Tiger Team Scrutinizes HITECH Rules

Reviews Details in Stage 2 EHR Incentive Proposals
Tiger Team Scrutinizes HITECH Rules

The Privacy and Security Tiger Team soon will provide specific recommendations on how the proposed rules for Stage 2 of the HITECH Act electronic health record incentive program should be refined.

See Also: Live Webinar | Securing Mobile Endpoints to Protect IP in the Pharma Industry

At its March 19 meeting, the team reviewed a detailed document listing the team's original recommendations and comparing them to what's included in the proposed Stage 2 rules. One rule spells out requirements for demonstrating the meaningful use of EHRs to qualify for additional incentive payments. The other rule spells out standards for EHR software certification for the incentive program.

The Tiger Team will meet again March 28 to discuss its recommendations for refinements and additions to the rules and will present a preliminary set of recommendations to the Health IT Policy Committee at its April 4 meeting, says Deven McGraw, co-chair. That committee advises the Department of Health and Human Services, which issued the rules.

Comments on both rules are due by May 7, and the Tiger Team may make further recommendations by then, McGraw says. It has slated meetings for April 9 and April 23.

Digging Through Details

Tiger Team members stressed that many of their recommendations made their way into the rules, including, in particular, a requirement that risk assessments verify how data at rest is protected, such as through encryption. But at the March 19 meeting, members began to dig through the proposed rules to determine if certain provisions lacked details. For example, the team is considering whether to request that the rules require that EHRs can transmit patients' records amendments, updates or appended information to other providers to whom the data has been previously transmitted.

At the March 19 meeting, team members reached tentative agreement that the Stage 2 EHR software certification rule should require that EHR systems accommodate patient amendments in free text as well as by scanning documents.

The team plans to discuss a number of other topics at its next meeting, including, for example, whether the rules contain enough direction on how to ensure electronic health records can help with matching patient records from various sources to the right patient.

About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.