Chapter 9
Legislative Aspects
of Nursing
Informatics:
HITECH and HIPAA
Objectives
• Describe the purposes of the Health
Information Technology for Economic and
Clinical Health (HITECH) Act of 2...
Introduction
• Nurses need to be familiar with the goals and
purposes of the HITECH Act of 2009, including the
Medicare an...
Overview of the HITECH Act
• The HITECH Act established the Office of the National Coordinator
for Health Information Tech...
How a National HIT Infrastructure is
Being Developed
• Developing a national HIT infrastructure is an
enormous and extreme...
Health Insurance Portability and
Accountability Act (HIPAA) of 1996
• Intent of the act was to
– curtail healthcare fraud ...
How the HITECH ACT Changed HIPAA
• The OCR is part of HHS and is responsible for enforcing
HIPAA
• Compliance with the Pri...
Potential Legal Issues Associated with
Technology
• BYOD (bring your own device) Healthcare
organizations typically do not...
Implications for Nursing Practice
• Be involved
• Stay involved
• Protect yourself
Summary
• HITECH Act and the HIPAA Privacy and Security Rules are intended
to enhance the rights of individuals.
• These l...
Upcoming SlideShare
Loading in...5
×

Chapter 9

2,027

Published on

Published in: Health & Medicine, Education
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,027
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Chapter 9

  1. 1. Chapter 9 Legislative Aspects of Nursing Informatics: HITECH and HIPAA
  2. 2. Objectives • Describe the purposes of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 • Explore how the HITECH Act is enhancing the security and privacy protections of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. • Determine how the HITECH Act and its impact on HIPAA apply to nursing practice.
  3. 3. Introduction • Nurses need to be familiar with the goals and purposes of the HITECH Act of 2009, including the Medicare and Medicaid HIT provisions of the law. • How it enhances the security and privacy protections of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 • How it otherwise impacts nursing practice in the emerging EHR age • The concepts of “meaningful use” and “certified EHR technology”
  4. 4. Overview of the HITECH Act • The HITECH Act established the Office of the National Coordinator for Health Information Technology (ONC) within the U.S. Department of Health and Human Services (HHS). • The ONC is headed by the National Coordinator, who is responsible for overseeing the development of a nationwide HIT infrastructure that supports the use and exchange of information in order to – improve health care quality – reduce the cost of health care – improve people’s health by promoting prevention, early detection and management of chronic diseases – protect public health by fostering early detection and rapid response to infectious diseases, bioterrorism, and other situations – facilitate clinical research – reduce health disparities – better secure patient health information • Improving health care quality has been an ongoing challenge in this country.
  5. 5. How a National HIT Infrastructure is Being Developed • Developing a national HIT infrastructure is an enormous and extremely complex undertaking that requires extensive financial technological and human resources. • Monetary incentives are available to clinicians and facilities who implement EHR systems that meet the specific standards. • Providers that fail to adopt such systems within a specified time frame may be subject to significant governmental penalties.
  6. 6. Health Insurance Portability and Accountability Act (HIPAA) of 1996 • Intent of the act was to – curtail healthcare fraud and abuse – enforce standards for health information – guarantee the security and privacy of health information – assure health insurance portability for employed persons. • Consequences were put into place for institutions and individuals who violated the requirements of this act.
  7. 7. How the HITECH ACT Changed HIPAA • The OCR is part of HHS and is responsible for enforcing HIPAA • Compliance with the Privacy and Security Rules is mandatory for all covered entities • Entities are to conduct regular audits to assure compliance and any breaches in the privacy or security of PHI must be remedied immediately • Improved privacy and security of patient health information by applying the requirements of HIPAA directly to the business associates of covered entities. • Strengthens the enforcement of HIPAA
  8. 8. Potential Legal Issues Associated with Technology • BYOD (bring your own device) Healthcare organizations typically do not encourage personal devices and in many instances actually have policies in place forbidding employees from using personal devices in the workplace. – Policies may restrict use to devices issued by the organization, secured, and routinely audited • Social Media Use – Nurses who engage with social media need to be especially cognizant of a potential breach of confidentiality of patient information.
  9. 9. Implications for Nursing Practice • Be involved • Stay involved • Protect yourself
  10. 10. Summary • HITECH Act and the HIPAA Privacy and Security Rules are intended to enhance the rights of individuals. • These laws provide patients with greater access and control over their PHI. They can control its uses, dissemination, and disclosures. • Covered entities must not only establish a required level of security for PHI but also sanctions for employees who violate the organization’s privacy policies and administrative processes for responding to patient requests regarding their information. • They must be able to track the PHI and note access from both a perspective of what information was accessed but also by whom and any disclosures. • There is global awareness of the need for privacy protections for personal health information or PHI.

×