The American Health Information Management Association (AHIMA) held its annual Advocacy Summit in Washington, DC on March 19-20, 2018. Members from all over the country came together to inspire leadership and influence change.
Historically, this event has been an opportunity to advocate for HIM professional interests, build name recognition for AHIMA and the profession, and make valuable legislative and executive branch contacts.
Five representatives of the Indiana association (IHIMA) ascended Capitol Hill, including Blue & Co.’s senior consultant, Lynette Thom, who serves as IHIMA’s President-Elect. Among the lawmakers that Indiana visited were Senators Joe Donnelly (D) and Todd Young (R), as well as Representatives Susan Brooks (R) and Todd Rokita (R). AHIMA provided state members with two initiatives to present to their individual representatives for support.
HIM industry members may find this information useful in understanding some of the healthcare industry legislative and regulatory advocacy activity underway.
The following topics that influence the HIM field were presented to legislators to seek support of the initiatives.
In 1996, the Health Insurance Portability and Accountability Act (HIPAA) mandated a Unique Patient Identifier for healthcare purposes. Due to concerns from privacy groups, the 1999 Omnibus Appropriations Act prohibited the use of appropriated funds by the U.S. Department of Health and Human Services (HHS) to “promulgate or adopt any standard for a unique health identifier until legislation is enacted specifically approving the standard.” AHIMA’s request to Congress was to omit the 1999 language in the fiscal year 2019 appropriations legislation to enable HHS to work with industry to advance a nationwide patient matching strategy.
Modernize Privacy Laws to Combat Opioid Epidemic
The 42 CFR Part 2 regulation, a law that is more than 40 years old, governs the confidentiality and sharing of substance use disorder treatment records within our healthcare system. Under current law, disclosure of information that identifies an individual as having received or receiving substance abuse disorder treatment from a designated Part 2 program is generally prohibited, unless an individual gives his or her written consent. In contrast, the Health Insurance Portability and Accountability Act (HIPAA) privacy rule establishes a “floor” by generally prohibiting a “covered entity” from using or disclosing protected health information unless authorized by patients. However, to limit interference with an individual’s access to quality healthcare or the efficient payment and delivery of such care, the HIPAA privacy rule permits a covered entity to “use and disclose protected health information, with certain limits and protections, for treatment, payment and healthcare operations activities.” This creates a number of challenges for the HIM professionals working in this space.
Summary of Agency Presentations
AHIMA started the event Monday with presentations from AHIMA leadership officials and patient advocates. Included in the agenda were former officials from the Centers for Medicare and Medicaid Services (CMS), the Office of the National Coordinator for Health IT (ONC), and the Office for Civil Rights (OCR). Below are some highlights of their presentations.
Maria Durham, Director, Division of Program Measurement Support, Center for Clinical Standards & Quality spoke about the opportunities for quality measures and quality improvement efforts. Among the key topics discussed included CMS’ “Meaningful Measures” initiative and “Patients over Paperwork” initiative. Reducing provider burden and empowering patients are key goals of these initiatives.
You can read more about “Meaningful Measures” at: https://www.cms.gov/Medicare/Quality-Initiatives-Patient-Assessment-Instruments/QualityInitiativesGenInfo/MMF/General-info-Sub-Page.html
For information regarding “Patients over Paperwork, visit: https://www.cms.gov/Outreach-and-Education/Outreach/Partnerships/Downloads/PoPDecember2017Newsletter.pdf
Iliana Peters, JD, LLM, former OCR acting deputy director discussed cybersecurity, cloud computing and HITECH’s audits of covered entities’ compliance with various requirements related to elements of privacy, security, and breach notification. Data aggregation and encryption are key areas under which covered entities must comply.
For more information about the Phase 2 HIPAA Audit Program, visit: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/protocol/index.html
Genevieve Morris, Principal Deputy National Coordinator, Office of the National Coordinator for Health Information Technology, provided participants with insight into the Trusted Exchange Framework and Common Agreement, which focuses on interoperability and the goal of getting healthcare consumers data to make care decisions while promoting standardization, transparency, cooperation, security and patient safety.
For more information, please visit: https://www.healthit.gov/sites/default/files/draft-guide.pdf
If you have questions about these, feel free to contact your local Blue & Co. healthcare advisor.