Safe & Sound with Marianne Kolbasuk McGee

Calls for Halting HITECH Misguided

Halting EHR Incentives Could Disrupt Security

Four Republican congressmen recently wrote a letter to the Department of Health and Human Services asking that the HITECH Act electronic health record incentive program be halted immediately and incentive payments suspended until tougher requirements are added.

See Also: Live Webinar | Navigating Identity Threats: Detection & Response Strategies for Modern Security Challenges

I believe that suspending the program is a bad idea. But before I discuss why, here's a look at the congressmen's arguments.

The congressmen asked HHS to "promulgate universal interoperable standards" to facilitate data exchange among healthcare providers. They say the rules for Stage 2 of the program don't go far enough on interoperability.

The GOP legislators accuse the incentive program of squandering billions of dollars in taxpayers' money, and they allege that the HITECH effort could be doing "more harm than good" in part by making it easier for healthcare providers to pad their bills.

The legislators cite a recent New York Times article that pointed out that an analysis of Medicare billing data found that hospitals received $1 billion more in reimbursement in 2010 than five years earlier, in part as a result of billing codes used in emergency departments - which might also be attributed to more widespread use of EHRs (see: EHRs: A Catalyst for Billing Fraud?.)

A Bad Idea

Whether there's a strong link between EHRs and billing fraud is far from certain. EHRs certainly make it easier for healthcare providers to document the care they provide. And yes, it's also possible the technology might be used to create fake or exaggerated documentation to support billing. But does that mean we should go back to paper records? I don't think so.

Suspending the HITECH incentive program midstream makes little sense. It will only fuel uncertainty and distrust among many healthcare providers that have, in good faith, begun adopting EHRs.

Hospitals and physician groups are spending big bucks for EHRs in hopes of recouping some of their investment with federal incentive dollars. Threatening to stop the program right now amounts to bait and switch, as far as I'm concerned.

What will be the impact on data privacy and security if the EHR incentive program is suspended, even temporarily? I suspect some healthcare providers will feel like they've been fooled into buying these systems at the urging of the feds with false promises. Many will likely slow down their rollout of EHRs and related health IT, stalling automation efforts that could improve the quality of care and cut the nation's healthcare bill. And I fear some, faced with the loss of future rounds of incentive payments, would have to make some painful cuts, including skimping on security for the systems they already have in place.

The feds have been hammering out the details of the HITECH incentive program for years. Plenty of time was given for the public and industry stakeholders to comment before the most recent final rules for Stage 2 were published in September. If the congressmen had concerns about the criteria, those concerns should have been expressed before the Stage 2 rules were finalized, not after.

Regulators should take a close look at including stricter interoperability requirements in Stage 3 of the incentive program to pave the way for easier exchange of potentially life-saving data. But for now, let's not put the brakes on progress that's being made.



About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.