Inability to Share Health Data May Attract Attention of Regulators

Oct 2, 2014 | Blog

The most recent irony in the medical information technology space is that the next round of enforcement audits may focus on insufficient sharing of medical information, rather than health data breaches.  The federal government, under the HITECH Act (Health Information Technology for Economic and Clinical Health) of 2009, provided financial incentives totaling $27 billion for healthcare providers that treat patients under Medicaid and Medicare plans to adopt electronic health records (EHR) systems.  The criteria under which an eligible hospital or medical professional could receive these funds were set forth in a regulation known as the Meaningful Use Rule. The ability to share patient data with other healthcare providers, to enhance coordination of care, was a key element of these criteria.  Yet, few organizations have this capacity, placing practitioners at risk of penalties by the federal Office of the Inspector General of the Centers for Medicare and Medicaid Services (CMS).

Rigorous health information exchange is a key requirement in Stage 2 of the Meaningful Use Rule. Yet, as reported by The New York Time on October 1, 2014, many caregivers report that their EHR systems lack the means to connect with the EHR systems of caregivers to which a patient’s care may be transferred. The Times investigation indicates that certain systems providers may have designed their platforms to deliberately restrict sharing of patient data with systems of competing EHR vendors.

The CMS Office of the Inspector General has begun auditing caregivers for Meaningful Use compliance. If auditors find an inability to share electronic patient information with caregivers outside the organization penalties may be assessed against the medical practice or hospital, not against the EHR vendor, even if the lack of connectivity was deliberately built into the system by the vendor.  Practices and hospitals should review their systems to ascertain if they can share data as required and, if not, should immediately take steps to enable sharing for patient care so as to avoid a potential violation of the Meaningful Use Rule requirements, investigation, or fine.

If you have questions regarding EHR implementation or Meaningful Use Rule compliance, please contact Kenneth N. Rashbaum.