AIS's Directory of Health Plans 2010

How to Guarantee PBM Transparency, Reduce Rx Costs and Maximize Pharmacy Benefits; How to Amend HIPAA Business Associate Agreements to Comply With the HITECH Act; New Medicare Advantage Rates: Health Plan Strategies for Bids Due in June - Webinars

AIS Compliance Health Reform Pharmacy Benefit Consumer-Directed Care Compliance Market Data Health Plans
 HOME
 New on the Site
Customer Service
Sample Newsletters MarketPlace
AIS Products & Services

E-Savings Club weekly specials

Free E-Mail Newsletters
Health Business Daily
Government News
Sign Up for Free E-Mail Newsletters

Health Business Job Openings

Health Business Meetings

People on the Move
 
Health Plans
General Business Issues
Product News
Company Intelligence
Disease Management
Blue Cross and Blue Shield
Medicare Advantage
Managed Medicaid
Health Plan Products
 
Compliance
Compliance Strategies
HIPAA Resource Center
Government Resources
Compliance Products
 
Pharmacy Benefit
Pharmacy Benefit Mgmt.
Specialty Pharmacy
Drug Mgmt. Products
 
Consumer-Directed Care
Articles on CDH
CDH Data
CDH Products
 
Market Data
Health Plan Enrollment
Pharmacy Benefit Mgmt.
Data Products
 
Health Reform
Obama Administration
Federal Legislation
State Legislation
State Results
Association Positions
Research Organizations
 
MarketPlace
Newsletters
Web Services & Looseleaf Guides
Books & Reports, Directories & Databases
Meetings
Alphabetical Listing
 

Health Care Links
 

 
Visit AISEducation.com for more news and strategic information for today's business leaders
 

HIPAA Compliance Strategies

Featured Health Business Daily Story March 25, 2009

Despite Its Many Patient Privacy Provisions, Economic Stimulus Law Does Not Fix HIPAA's Negative Impact on Research

Reprinted from REPORT ON PATIENT PRIVACY, the industry's most practical source of news on HIPAA patient privacy provisions.

Hopes that lawmakers would "fix" the problems HIPAA has wrought on research will have to wait until Congress takes up health care reform later this year. The stimulus law passed last month imposes new requirements that will impact research institutions as much as other covered entities (CEs). These are on top of the old rules that have plagued researchers and are detailed in two high-profile reports released before the stimulus passed.

Like other CEs, research institutions will be subject to changes in the new law that affect business associate agreements, that require notification of data breaches, and that affect accounting for disclosures.

Just 10 days before the final version of the measure passed the Senate Feb. 10, a committee impaneled by the Institute of Medicine (IOM) issued a scathing report, which urged Congress to exempt research from the rules and impose an entirely new system, or at least make significant changes in the current requirements.

The IOM report also urged research institutions to beef up their data security protections immediately. This report came on the heels of the Jan. 23 report by the Association of Academic Health Centers (AAHC), which urged policy makers and legislators to take similar steps to shield research from the rule.

The IOM committee has been researching the effect of the privacy rule for two years and reached the same conclusions as AAHC, but it suggested two approaches to correcting the situation, one being more radical than the other.

Congress could exempt research entirely from HIPAA, IOM found, and instead implement a new "framework" that would replace the privacy rule and presumably the Common Rule as well, which governs federally funded research involving human subjects.

According to IOM, what the new approach "should do" includes:

  • Apply to any person, institution, or organization conducting health research in the United States, regardless of the source of data or funding.
  • Make a clear distinction between the privacy considerations that apply to interventional research and research that is exclusively information-based; facilitate greater use of data with direct identifiers removed in health research; and implement legal sanctions to prohibit unauthorized re-identification of information that has had direct identifiers removed.
  • Require ethical oversight of research when identifiable health information is used without informed consent. HHS should develop best practices for oversight that should consider: (1) measures taken to protect the privacy, security, and confidentiality of the data; (2) potential harms that could result from disclosure of the data; and (3) potential public benefits of the research.
  • Certify institutions that have policies and practices in place to protect data privacy and security in order to facilitate important large-scale, information-based research.

If its framework is not selected, the government should make a number of changes in the current regulations and issue guidance to help universities and others comply, the committee said.

Specifically, HHS needs to determine best practices for privacy protections in research; encourage greater use of de-identified data and provide guidance on how to use data agreements that are provided for in the privacy rule; and harmonize the Common Rule with the privacy rule.

IOM committee members said they briefed members of Congress and their staffs on the findings while the stimulus bill was under discussion. It is unclear at this point what impact either study will have now that the bill is law.

Read the IOM report at www.iom.edu/CMS/3740/43729/61796.aspx.

 

AIS's Hot New books

receive free reports

HIPAA & Medicare Compliance Resources

Advertise With AIS

Privacy

Site Map



Copyright © 2010 by Atlantic Information Services, Inc. All rights reserved.
1100 17th Street, NW, Suite 300, Washington, DC 20036
Phone 202-775-9008 or 800-521-4323; E-mail customerserv@aispub.com