Recently, an interesting question was posed to me by a colleague regarding a so-called 'HIPAA EMR/EHR mandate' and whether all medical providers are required to comply, or only those providers that accept Medicare and/or Medicaid.

To the best of my knowledge, there is no such thing as a "HIPAA EMR/EHR mandate." This question seems to be conflating the HIPAA privacy, security, and breach notification requirements with the EHR Incentive Program.

Under the Medicare EHR Incentive Program, providers are required to initiate participation by 2014 to avoid Medicare payment adjustments that begin in 2015. See here for a timeline: https://www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/downloads/EHRIncentProgtimeline508V1.pdf (excerpted below). Similarly, under the Medicaid Incentive Program, providers are required to initiate participation by 2016. There are no payment adjustments for providers who are only eligible for the Medicaid program.

Further, there is no mandate for medical providers to participate in the EHR Incentive Program. To the extent that a provider accepts Medicare, the provider can take the adjustment. A number of small medical providers have opted to take the adjustment because the EHR subsidy is not enough to cover the cost of EHR implementation. Alternatively, the provider can stop accepting Medicare and transition his or her practice to a cash-only, concierge-style practice, or private-insurance-only practice.

How a provider is paid has no impact on whether a provider is subject to HIPAA compliance. All medical providers that transmit protected health information electronically are required to comply with HIPAA.

Posted by Tatiana Melnik, May 5, 2014.