Healthcare IT: Keeping Data Safe

Healthcare IT: KEEPING DATA SAFE & HIPAA/HITECH COMPLIANT As those that work in healthcare IT know, the healthcare industry has some of the most complex IT needs of all industries that exist today. Per the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, covered entities and business associates are required to ensure the following safeguards on patient data: ADMINISTRATIVE SAFEGUARDS PHYSICAL SAFEGUARDS TECHNICAL SAFEGUARDS to proteot data integrity, confidentiality and availability of electronio protected health information (PHI) to protect data integrity, confidentiality and availability of electronio protected health information (ePHI) to protect data integrity, confidentiality and availability of ePHI .and not complying isn't cheap. 000000o0000 PAST PENALTIES o0000o o0000 O000 o 0o 00000 O00000 o000 O00000 o0000 CIGNET HEALTH Fined $4.3 million for failing to provide 41 patients copies of their medical records upon request & subsequently failing to cooperate with the investigation. 4.3 MILLION CVS 2.25 MILLION Fined $2.25 million for failing to implement adequate policies, procedures and training to safeguard patient information. BLUE CROSS BLUE SHIELD OF TENNESSEE 1.5 MILLION Fined $1.5 million after 57 unencrypted computer hard drives containing PHI of more than 1 million individuals was stolen. PAPER vs. EMR When it comes to HIPAA, breaches that involve paper charts ONLY happen more frequently than those that involve Electronic Medical Records (EMR). Of 479 breaches listed on the Department of Health and Human Services' website, only 7 were related to EMR 7479 OUT OF BREACHES RELATED TO EMR Breaches aside, EMR are also less expensive to maintain: PAPER CHART ELECTRONIC CHART $8 $2 PER YEAR PER YEAR Switching from paper records to EMR has a clear advantage. That's why the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law in 2009 and is intended to increase the use of EMR by physicians and hospitals. It stipulates that, as of 2011, healthoare providers will be offered financial incentives for demonstrating meaningful use of EMR. INCENTIVES Eligible professionals and hospitals that begin using EMR by 2014 could receive up to: PROFESSIONALS HOSPITALS 44,000 TO 2 MILLION 63,750 Incentives will be offered until 2015, after which time penalties will be levied for failing to demonstrate such use. If healthcare entities don't demonstrate meaningful use by 2015, Medicare reimbursements will be reduced by 1% and will continue to be reduced in the years following. 2015 2016 2017 2018 1% 2% 3% 4-95% 0000000 THE BOTTOM LINE :: EMR Avoid data breaches and ensure end-to- end HIPAA and HITECH compliance. Host your data in the most secure, Tier 3 data center available: the IBX Vault. LEARN MORE AT www.ibxvault.com/healthcare