|Last Month's Featured Article
|Last month's featured article was entitled Healthcare for the 21st Century, it's the architecture stupid. Because healthcare architecture and interoperability will be such important topics going forward, we have decided to feature this article in this month's newsletter as well. For a summary continue reading, otherwise to read the full article click here.
This article discusses a notion that has heretofore been mostly foreign to health information technology ("HIT") professionals let alone to healthcare executives.
The HITECH Act has engendered significant discussion regarding "interoperability." However the latter term is a concept that is critically dependent on the healthcare architecture that underpins it. Therefore, this article takes a broad look at the importance of architecture within healthcare and highlights the business significance of healthcare architecture to an organization's competitive advantage (large or small).
It should be clear by now to even casual observers of the U.S. healthcare industry that it is quickly evolving into something radically different than the status quo. In fact, it is no understatement to suggest that the disruption occurring within the industry is a tsunami of sorts, one that has far reaching implications. Although healthcare architecture is not a buzz word that you are accustomed to hearing, it will be.
Remember you read it here first. Also remember that there can be no meaningful discussion of healthcare architecture without including privacy and security in "virtually the same breadth."
| HITECH Ready Business Associate Contract & Compliance Roadmaps now available in the HSG Store.
|Business Associate Agreement: a HITECH Ready Model Contract
The HIPAA regulations and the HITECH Act mandate that a CE establish a written contract with a BA in a number of instances, including whenever a BA "manages" PHI on behalf of a CE.
Our Model Contract includes provisions that meet the requirements of HIPAA/HITECH and is fully annotated with links, where appropriate, to the relevant statutory/regulatory authority that underpins each Contract clause.
The Contract package also includes a complete "User's Guide," with a clause-by-clause explanation of the issues addressed in the Contract. It can be used, with minor modifications, out-of-the-box, or as an educational tool to draft a customized version.
The Security Rule Under HITECH:
a Business Associate Perspective
The most important step for building a "good SR compliance story" is for the business associate to get started. The approach recommended herein is to build the story iteratively over time. Most business associates (large or small) will likely need help in creating the story. Getting started in the wrong direction initially could be far more costly in the long run, since much of the compliance budget may simply be wasted. The framework discussed throughout this document provides a good road map to follow.
HIPAA Survival Guide Third Edition
The Third Edition of the HIPAA Survival Guide updates various substantive text of the first two editions and adds completely new material. The HITECH Act has indeed proven to be transformational. In order to deal more effectively with its changing regulatory landscape we have decided to release an updated version available here and on Amazon's Kindle platform.
|Join Our Mailing List
Interested in staying current on HITECH / HIPAA compliance issues? Click the "join our list" link above and receive your own copy
of the newsletter each month.
Also, if you are interested in "jumpstarting" your compliance efforts then check out the HSG Store
. If you need to compare EHR software offerings click here
and if you need a HITECH compliant data backup checklist click here
Finally, interested in reducing costs and delivering more value to your patients? Then check out Info-Surge's patient engagement portal
Welcome to the October 2010 HITECH / HIPAA Compliance Newsletter. The featured article this month is entitled: "Ten Steps to Selecting the Right EHR Software." As discussed below, this article is based on an article with a similar title from one of our content partners. To download the original article and access other EHR tools click here.
We are now actively promoting what we believe to be is the best of breed compliance tracking system ("CTS") on the market. We performed a significant amount of due diligence over the last couple of years and this is the one solution that is clearly ahead of the pack and economically priced to be within the reach of even the smallest covered entities and business associates. To see a demo of the product click here.
We are also pleased to announce the availability
of our Breach Notification Framework.
Section 13402 of the HITECH Act
requires that HIPAA covered entities and their business associates provide various notifications following a breach of unsecured protected health information. Our Breach Notification Framework
offers guidance for complying with HITECH's Breach Notification requirements.
Our EHR Library
remains one of our most popular downloads. Here you will find content that will help you select the right EHR package for your practice or facility.
We continue to be excited regarding the marketplace feedback of our Business Associate Agreement: a HITECH Ready Model Contract (Buy Now
The HIPAA regulations
and the HITECH Act
mandate that a CE establish a written contract with a BA in a number of instances, including whenever a BA "manages" PHI
on behalf of a CE. Our Model Contract includes provisions that meet the requirements of HIPAA/HITECH and is fully annotated with links, where appropriate, to the relevant statutory/regulatory authority that underpins each Contract clause.
Our Model Business Associate Contract, Roadmaps, and other offeringsare now available in the HSG Store
Want to stay updated throughout the month then follow Debbie on Twitter by clicking on the badge below. If you would like to read more regarding the authors' views on HIT and compliance click here and here and subscribe to their blogs.
Become a Fan
Follow us on FaceBook by becoming a fan of the guide and support the HSG
by purchasing some HSG Wearables
. Also, be sure to check out our HITECH Videos
is now welcoming advertisers
to help support one of the most comprehensive and usable HITECH / HIPAA sites on the Internet. Our audience continues to grow as healthcare providers, both large and small, return to HSG
again and again.
| Ten Steps to Selecting the Right EHR Software
| First of all, if you have been following along with this newsletter you understand that there are no ten steps (or five, pick a number) to "solving" any wicked problem (for new readers see here and here). Software selection is clearly a wicked problem and therefore does not lend itself to a linear process.
The software selection problem is much more chaotic than what may be apparent on its face. Second, although an EHR implementation and your HITECH compliance initiative are closely intertwined, for reasons to be discussed in this article, we feel compelled to (once again) remind our readers that they are NOT one and the same thing.
This article leverages (euphemism for borrows heavily from) an article with a similar title by one of the HIPAA Survival Guide's ("HSG") content partners, Software Advice ("SA"). The SA article (see our hosted content library here) is well written and quite useful, standing alone. However, it does not cover compliance issues. Also, there are aspects of the SA article with which we disagree. That should not come as a surprise.
That said, this article was much easier to write because we built on SA's strong foundation and, to borrow a jazz expression, "riffed off of it." This article is therefore a derivative work. You will need to "grok" the foundation in order to understand what is contained herein.
Finally, although a wicked problem cannot be solved using a linear process, that does not mean that a linear framework is not useful. A framework is required because without one you may become hopelessly lost in the chaos and find yourself aimlessly wondering around the desert and dying of thirst.
These are 10 important steps to take, no doubt. But the order you will actually do them in will vary and you will find yourself revisiting some steps over and over before your final selection is made.
- Research the Market
- Prioritize Requirements
- Make the Business Case
- Build the Vendor Short List
- Educate the Vendors
- Evaluate the Short List Selections
- Rank the Vendors
- Get Down and Dirty with Pricing
- Verify Vendor Viability
- Review the Software License Agreement
| About Us
| We help companies safely and securely do business on the web, in accordance with applicable law. How? By helping them reduce risk. Privacy and security compliance issues are merely a subset of legal issues that online businesses face. This is equally true for eCommerce sites as it is for healthcare providers, facilities, and vendors.
We take a partnering and collaborative approach in our legal practice. If you would like to see specific topics covered in this newsletter then please let us know.
The Digital Business Law Group, P.A.