Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Healthcare Online User Group
Showing posts tagged with HIPAA/HITECH
Showing posts in English
David Finn | 17 Jul 2012 | 0 comments

Well, most of you have heard me, for several years now, talking about the impact of HIPAA on banking and Financial Institutions.  I remember as a hospital CIO getting all this stuff from the Medical Banking Project and wondering what it had to do with me - - I used to send it on the revenue cycle people, who in turn, I'm sure, wondered what it had to do with them . . .  That was probably the early 2000’s.  Now we know.

Today’s healthcare providers must continue to diligently require business associate contracts from their financial institution partners when there is access, use or disclosure of personal health information (PHI).  This happens in cash management with lockbox arrangements, with EDI operations and in other areas.  Here’s an example:  when a bank’s lockbox is used to gather, collect and streamline payments and it includes processing the Explanation of Benefits (EOBs), this will result...

David Finn | 28 Jun 2012 | 0 comments

   The Supreme Court has spoken, but the debate will probably not end. This morning, the Supreme Court held that the Patient Protection and Affordable Care Act (ACA) is constitutional. Healthcare will, however, be a key issue in the presidential election.

   Some of you may remember the discussion of this case on a recent Healthcare Community Call.  There were 4 key issues the Court was to consider:

  1. Anti-Injunction Act
  2. The Individual Mandate
  3. Severability
  4. Medicaid Expansion

  In a nutshell, the Individual Mandate was upheld.  Not under the commerce clause as the Administration argued, but upheld constitutionally under the broad taxing powers of the Congress.  That, then, essentially addresses the anti-injunction act by saying it is a tax and not a penalty.

Severability is not an issue since the law was upheld.  There is no need to pull out or sever pieces of the law from...

David Finn | 22 Jan 2012 | 0 comments

Well, this is the time of year when everyone involved in health information technology, directly and indirectly, from the providers, payers, government, banking, venture capitalists and vendors begin to turn their attention to HIMSS.  This year HIMSS is in Las Vegas - -  after a long absence from this venue.  For many years, Vegas didn’t have the classroom capacity required but that has changed and HIMSS will be making a return engagement in February.  First, remember we’re on a new schedule this year Monday through Friday (February 20 – February 24).

If you haven’t booked rooms or travel, get on it!  If you haven’t registered better get that done, too.  And then start working on your “dance card”.  The days fill up fast and five days at CHIME & HIMSS disappears very quickly.  And that is just educational sessions, booth visits and professional association meetings or Symposia.  Don...

David Finn | 12 Nov 2011 | 0 comments

I have the privilege of getting to talk to a lot of health care IT folks.  It is an interesting perspective - - having been “one of them” for so long and to be on the vendor side now, the “dark side” as I used to call it.  I also have the opportunity to “address” a lot of healthcare IT folks - - through webinars, at HIMSS events, at other meetings and sometimes in their facilities.  Usually it is about some aspect of securing or protecting data. 

Lately, I’ve gotten tired of talking about it.  Not because it isn’t important - - it is.  Not because it isn’t required - - it is.  Not because I don’t have a passion for it - - I do.  I’m tired of talking about it because, as I learned in West Texas, “talkin’ ain’t doin’” and...

David Finn | 03 Oct 2011 | 0 comments

When it comes to healthcare, accuracy and attention to detail are not only important, they can mean the difference between life and death. Preventing misdiagnoses or mistreatment is taken very seriously.

Today, not only are patient lives on the line, but also, their information is increasingly online—on the hospital’s IT system, on private networks and even on the Internet. Mishandling of this data, or unauthorized use of it, can result in the wrong medical treatment, identity theft, data breaches and more. At the same time, more people need access to this information than ever before and from a variety of devices. The proper administration of healthcare data should be taken very seriously.

Just as clinicians use the “Five Rights of Medication Administration” to ensure proper patient care, the digitization of healthcare records and patient information means healthcare providers need to adopt best practices for ensuring proper security and...

David Finn | 05 Sep 2011 | 0 comments

In addition to the Grand Ol’ Opry, Nashville recently hosted the Allscripts Client Experience 2011 (better known by attendees as ACE.11).  You may know that Allscripts and Symantec earlier this summer released a Privacy and Security Risk Assessment (PRSA) to help Eligible Providers (Professionals, Hospitals and Critical Access Hospitals) complete and document the mandatory Risk Assessment in order to achieve Meaningful Use.  This is a web-based tool that allows providers at all levels of expertise and maturity to collect and document their baseline security posture - - and then track and manage improvement, changes and updates to their overall security posture as well as the vulnerabilities discovered from the initial assessment.

From the provider’s perspective, the conference was certainly about getting the assessment done, documented and attesting to Meaningful Use so the money can start coming in.  From the IT people I spoke to at the conference...