HITECH Act – Making Health Accessible
HITECH is the acronym for Health Information Technology for Economic and Clinical Health. On the…
HITECH is the acronym for Health Information Technology for Economic and Clinical Health. On the 17th of February, 2009, the American President Barack Obama had approved a $789 billion economic stimulus package into the law, formally termed as the American Recovery and Reinvestment Act, or ARRA. HITECH provides $19.2 billion in stimulus money to health care institutions and individual physicians who manifest a meaningful use of the Electronic Health Record technology.
A study reveals that merely 4 out of 10 doctors in practice are using the Electronic Health Record technology. But if we talk of the ones who are bringing the iconic technology into meaningful use in its full potential, the score is even lower, 2 out of those 4 who are using this technology. The main motive of HITECH Act is to encourage at least 90% of world’s total doctors to implement the Electronic Medical Record technology in their work-field, instead of spending half of their time in paperwork.
Using paper information means a direct rise in the risk of an unlawful access owing to several human factor risks. Naming a few, they are:
Leaving the papers on a desk
Leaving the information on a printer or facsimile
Leaving the information somewhere in the open where it can be a victim of some unlawful intentions
Leaving the papers in cabinets or drawers, and forgetting to lock those
Spilling out a patient’s medical information if working on a shared work-station
Not being damaged completely, owing to some working disorders in the dumpster, or any other factor
The main five impacts of following HITECH Act would be:
Fall in the occurrence of medical errors
Rise in the quality of health care
Fall in the medical costs
Rise in security and confidentiality of the patient
More lives would be saved
This Act of the American Recovery and Reinvestment Act imposes more rigorous regulative prerequisites under the privacy and security rules of HIPAA, Health Insurance Portability and Accountability Act of 1996. Besides, this Act has increased the civil penalties for violating the HIPAA rules. HITECH Act provides sponsorship for hospitals and physicians for the implementation of Electronic Health Record technology, and is required to notify the patients of a security or privacy breach. This wide spectrum of the requirements calls for abidance by the medical units covered in the Act.
A fundamental necessity demanded by HITECH Act is to notify the individuals and HHS if the unsecured or unencrypted protected health information of a patient “has been, or is reasonably believed… to have been accessed, acquired, or disclosed as a result of such breach.” If this breach has impacted more than 500 individuals, media outlets can be used to notify.
The privacy and security requirements Health Policy And Planning in HITECH Act include:
a. The addressed units must attend to a patient’s request to deduct PHI from a health plan if he has paid for the medical care.
b. The addressed units must restrain the use or revelation of PHI to a ‘limited data set’
c. If a patient requests, the addressed units must provide patients with a track account of all the revelations of PHI made in the last three years.
d. The addressed units may not receive a payment for communicating with Healthecareers the patients for marketing purposes unless the patient is authorized.
e. The employees of the addressed units will be liable to a criminal penalty if they knowingly access, use or reveal a patient’s PHI for unlawful intentions.
f. The civil penalties for violating under HIPAA are raised, depending on the demeanour. However, the penalties for the wilful violation of the conventions may be imposed by the federal government.
The HITECH Act applies to the covered entities which include health care institutions like hospitals, health care providers, health plans, vendors, business associates, Regional Health Information Organizations (RHIOs), Health Information Exchanges (HIEs) and Personal Health Records (PHRs). In case an entity wishes to work in accordance with the HITECH Act, the followings are recommended:
Development and execution of a Red Flag Rules Compliance Program
Development and execution of a Breach Notification Compliance Program
Inspection and rectification of the existing business associate agreements, and conclusion if a new business associate agreement is needed
Strategizing and positioning oneself to get a loan and grand sponsorship through the stimulus
Assurance that the technology is certified by CCHIT
Undoubtedly, HITECT Act has been of much use by now, and there is still a major share of the doctors in practice that is yet to register for this Act. But once accorded, there would be no stopping back, because the medical field works only on two factors- the physician’s expertise, and the patient’s trust. The HITECH Act takes care of the ‘Trust’ factor.