Nuesoft Website  |  Blog Home  |  Contact Information

With public attention on the ARRA stimulus funds in recent months, physicians have been feeling the pressure to adopt electronic health records. The vision is that in the next couple of years, the technology will be advanced enough to exchange health data freely between systems. Yet there is some skepticism from many in the health care industry that the lack of infrastructure and data sharing standards means that the day of sharing patient records between providers, labs and hospitals is a lot further off than the current administration is hoping.

The announcement last week therefore that Florida will be putting Medicaid patient histories online was a welcome indication that other stakeholders are willing to get involved to put the necessary health data infrastructure in place. If practices know that payers and government agencies are invested in coordinating these efforts (and actions speak louder than words here), it will reassure physicians that they won’t be left alone to arrange dozens of interfaces with a myriad of other systems. If other states adopt Florida’s example, it would almost certainly speed health IT adoption by the smaller players that are currently ambivalent about making such a large investment in a technology that is still young. In fact, the inability of some smaller practices to afford EHRs at all has been another issue that has troubled advocates of health care technology. The Medical Group Management Association (MGMA) voiced the concern back in July that those practices without the purchasing power of larger medical groups would in effect be penalized for their inability to show meaningful use. This stumbling block to widespread EHR adoption may soon be removed if Senator Kerry’s proposed legislation to make smaller practices eligible for business loans to buy health IT is passed.

There is still a long way to go, but perhaps these and other measures will give physicians  confidence that the current path of health care enhances the chance that they will spend more time treating patients and less time tracking down information.

The “red flags” rule is now scheduled to take effect on June 1, 2010, after another delay announced earlier this week by the Federal Trade Commission as it considers new legislation that would exempt small businesses, including medical practices, from compliance. The rule mandates the creation of identity theft prevention programs, and will apply to any organization that can be considered a creditor with “covered” accounts (i.e.-commercial accounts that involve multiple transactions). Most providers, many medical billing companies and some health plans are expected to comply.

The American Medical Association, American Academy of Family Physicians and other industry groups have weighed in against the rule, on the basis that physicians do not meet the definition of creditors. A completely sensible argument. But medical practices need to proactively engage in some agreed-upon set of identity theft prevention practices. It’s in the best interest of consumers, not to mention practice owners, who’ll otherwise pay the price through legal costs, or through the provision of services for which they would never collect payment. Incidences of medical identity theft are increasing – enough to raise the gander of the government, which commissioned a study to assess and evaluate the scope of the problem. And smaller medical practices (which account for nearly 80 percent  of all U.S. practices) may be more vulnerable, as thieves could perceive them to be lower risk targets based on the assumption that they lack the sophisticated security procedures of hospitals or larger health care organizations.

Despite the widespread outcry from industry groups, the actual impact on a practice for complying with the red flags rule may be minimal. The new rule would simply buttress state privacy laws that already require health care organizations to respond to breaches of certain patient information. In addition, there is a great deal of overlap between the proposed FTC regulations and HIPAA, which applies to medical practices or other entities that are conducting electronic transactions.

Medical practices concerned about compliance can learn more at: http://www.ftc.gov/bcp/edu/pubs/articles/art11.shtm or http://www.ama-assn.org/ama1/pub/upload/mm/368/red-flags-rule-edu.pdf.