The enactment of the HIPAA/HITECH Act could not have come at a more appropriate time. Everyday there are hundreds and thousands of data leaks and identity thefts reported from different parts of the world. In United States alone, incidents of data breaches continue to occur at alarming rates. Moreover, if we take into account data breaches in the healthcare industry, the figures would be more when compared to other industry sectors. This is because of hospitals’ low –key attitude towards protecting patient data as they are de-focused on the enormous vulnerabilities that exist in the healthcare industry.
Though the decision of the federal government to encourage and promote technology use in the healthcare space is the right step in the right direction, it can be a success if and only if healthcare organizations, medical practitioners, and pharmacies follow suit. However, merely converting patient information to electronic health records (EHR) would not serve the purpose since increase in electronic health data would only intensify attacks by the hackers. Hence, it has to be carried out in an organized manner with primary focus on security and privacy aspects.
Through the enactment of the HIPAA/HITECH act, the federal government hoped to enhance the efficiency and effectiveness of the nation's health care system and with support from the healthcare industry, they have succeeded to a greater extent in making it a reality. However, the complacent attitude of the health care providers, pharmacies, and medical practitioners towards patient data protection management forced the government to take a carrot and stick approach.
The HIPAA/HITECH Act
The HIPAA or the Health Insurance Portability and Accountability Act was enacted in 1996 to protect the health insurance coverage for employees and workers when they change or lose their jobs. However, in 2003, the HIPAA act was amended to include the Administrative Simplification (AS) provisions in order to check fraud and abuse within the healthcare system. As per the amendment, hospitals, medical practitioners, and business associates were asked to take sufficient steps to address the data security and privacy concerns of patients.
The HIPAA or the Health Insurance Portability and Accountability Act was enacted in 1996 to protect the health insurance coverage for employees and workers when they change or lose their jobs. However, in 2003, the HIPAA act was amended to include the Administrative Simplification (AS) provisions in order to check fraud and abuse within the healthcare system. As per the amendment, hospitals, medical practitioners, and business associates were asked to take sufficient steps to address the data security and privacy concerns of patients.
The HITECH or the Health Information Technology for Economic and Clinical Health Act was enacted in 2009 by the federal government to encourage the use of technology in the healthcare industry. The government declared incentives to the tune of $19.2 billion to those organizations that take all the necessary measures for healthcare compliance. However, the government also made it clear that from 2015 onwards defaulters would have to face stiffer penalties for HIPAA/HITECH non-compliance.
Though the HIPAA/HITECH Act is already in place, the healthcare industry still needs time to adopt a compliance driven approach. However, the availability of a unique, inexpensive, and automated SaaS based solution is making things easier for doctors, dentists, chiropractors, psychologists, nursing care providers, or anyone who handles Patient Health Information (PHI) to achieve HIPAA/HITECH compliance. It not only helps in identifying the problem areas but also aids in fixing it, thereby ensuring complete data protection.
No comments:
Post a Comment