Is the HIPAA EMR/EHR Mandate Required by ALL Medical Providers? Is the HIPAA EMR/EHR Mandate Required by ALL Medical Providers?
Is the HIPAA EMR/EHR Mandate Required by ALL Medical
Providers? Recently, an interesting question was posed to
me by a colleague regarding a so-called 'HIPAA EMR/EHR mandate' and
whether all medical providers are required to comply, or only those
providers that accept Medicare and/or Medicaid.
To the
best of my knowledge, there is no such thing as a
"HIPAA EMR/EHR mandate." This question seems to be conflating the HIPAA privacy,
security, and breach notification requirements with the EHR Incentive
Program. Under the Medicare EHR Incentive Program, providers are
required to initiate participation by 2014 to avoid Medicare payment
adjustments that begin in 2015. See here for a timeline - https://www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/downloads/EHRIncentProgtimeline508V1.pdf
(excerpted below). Similarly, under the Medicaid Incentive
Program, providers are required to initiate participation by 2016. There
are no payment adjustments for providers who are only eligible for the
Medicaid program.
Further, there is no mandate for medical providers to
participate in the EHR Incentive Program. To the extent that a provider
accepts Medicare, the provider can take the adjustment. A number of
small medical providers have opted to take the adjustment because the
EHR subsidy is not enough to cover the cost of EHR implementation.
Alternatively, the provider can stop accepting Medicare and transition
his or her practice to a cash-only, concierge style practice, or private
insurance only practice. How a provider is paid has no impact on whether a
provider is subject to HIPAA compliance. All medical providers that
transmit protected health information electronically are required to
comply with HIPAA.Posted by
Tatiana Melnik May 5,
2014.
|
December 2024
Su | Mo | Tu | We | Th | Fr | Sa |
1 | 2 | 3 | 4 | 5 | 6 | 7 |
8 | 9 | 10 | 11 | 12 | 13 | 14 |
15 | 16 | 17 | 18 | 19 | 20 | 21 |
22 | 23 | 24 | 25 | 26 | 27 | 28 |
29 | 30 | 31 |
Blog Home
Newest Blog Entries
7/23/15 Hospital Settles with OCR for $ 218,400 Over Cloud-Based File Sharing
6/8/15 Two California Privacy Bills to Watch in 2015
3/28/15 When Looking at Security, Consider Every Device
3/9/15 Alabama Board of Optometry Makes Final a Rule on Telemedicine
1/25/15 Indiana Court of Appeals Upholds $1.44 Million Jury Verdict Against Walgreen Co. in a Privacy Breach Case; Denies Rehearing
12/9/14 Malware Leads to a $150,000 OCR Settlement with a Behavioral Health Provider
11/30/14 Can a Board of Medicine Use the State’s Prescription Drug Database in Investigating Physician Actions?
11/29/14 Under the Florida Telemedicine Rule, Can a Physical be Conducted by Telemedicine?
11/19/14 Wearables and the Challenge for Consumer Device Makers
10/28/14 A Few Telemedicine Resources
10/27/14 FCC: The Newest Regulator to Throw its Hat into the Data Privacy and Security Ring
Blog Archives
October 2013 (9) April 2014 (6) November 2013 (3) August 2014 (4) June 2014 (3) January 2015 (1) December 2014 (1) July 2014 (1) May 2014 (6) March 2015 (2) June 2015 (1) March 2014 (3) January 2014 (4) October 2014 (2) February 2014 (4) November 2014 (3) September 2014 (1) December 2013 (5) July 2015 (1)
Blog Labels
Dental (1) Identity Theft (1) Mobile Apps FDA (2) Meaningful Use (4) Financial Services (1) Privacy (4) FAQ (6) Healthcare Competition (1) FCC (1) Data Breach (10) HIPAA (3) Telemedicine (7) Marketing (1) Medical Marijuana (1) Security (1) EHR (2) Healthcare Fraud (1) Big Data (3) Privacy Litigation (3) BYOD (2) Social Media (2) Employment (1) Mobile Apps (2)
|