A CCHIT Vendor’s Take on Potential Impacts of the HITECH Act

As most people know, I’m always open to guest posts from everyone and anyone that can provide a thoughtful perspective on a subject.  In the following guest post, Charlie Jarvis, AVP at NextGen, shares some of his thoughts on the HITECH act’s impacts.  I don’t necessarily agree with everything in this guest post, but I do believe that Charlie’s description of the “ambivalent” EMR buyer seems to be pretty accurate.  This will be a major challenge we need to overcome.  I’m hoping to follow up this post with an interview of Charlie.

Thanks Charlie!

As the national debate over the economic recovery plan and specifically the entire stimulus package continues, the HITECH sections of the American Recovery and Reinvestment Act (ARRA) may be “relatively” less controversial to the American public than other sections of this law But HITECH may wind up being just as important as other more visible pieces of this law-and central to the discussion around health care reform. HITECH will drive EMR adoption as we all know. But what does this really mean, beyond the sheer massive amounts of money being thrown at this effort?

I contend that HITECH is going to “stimulate” the following actions in our health care sector, beyond the obvious ones of job creation and expanded health care automation:

  • the evolution of coordinated care (among independent doctors), around the individual patient- a concept known as patient –centered care
  • a focus on true quality of care outcomes, and the necessary paradigm shift in physician behavior to a focus on the health care outcomes of patients rather than simply the results of individual treatments or procedures
  • the necessity of independent small (1-5) physician practices to either consider joining with their hospital, creating larger independent groups, or affiliating with an IPA or other such organization that can support their technology needs going forward; their ability to remain independent will suffer dramatically (an after many economic activities in the past have failed to unite doctors, this one appears to be able to have that effect)

All of these actions are going to challenge the medical practitioner to adopt a new view of their practice and indeed of medicine in general. And all of us who support physicians are likewise challenged with the responsibility to support physicians through this potentially overwhelming process. Our job is to focus not on independent opportunity for success in this new model but rather to understand and accept our role in helping reform care achieve its intended goal- the improved health care service to the patient, at a price they or their insurance carrier can afford.

While there is a great deal of excitement among many with the availability of incredible amounts of money to support HIT adoption, we must remember that a large portion of the medical community is viewing this “technology explosion” as something being forced upon them rather than an action that they enthusiastically embrace. And in an environment where the right EHR product is not always obvious (the government’s definition of certified HIT products and issuance of a certified HIT product list is not ready yet although everything points to CCHIT remaining their certifying body), we have a potentially disenchanted and ambivalent “buyer”.

And this purchasing “ambivalence” does not even begin to address the concern most doctors have over the fact that how they will be judged as caregivers in the future, will be largely dependent on reports of data which they will be required to capture and report. (And finally, if that is not enough, their ability to automate successfully will be published on the government’s health website for all the population to see.)

This may be an exciting and tremendously opportunistic time for America to reform its health care system- but the automation plan is going to have it’s challenges. We had better be up to it as a team!!

Charlie Jarvis
Assistant Vice President Health Services and Government Relations
NextGen Healthcare Information Systems, Inc.

About the author

John Lynn

John Lynn

John Lynn is the Founder of HealthcareScene.com, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference, EXPO.health, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.


  • One factor contributing to physician ambivalence could be HITECH’s hugely increased penalties for privacy/security violations of the law, coupled with new provisions that demand functionality in EHRs that’s either currently weak or nonexistent.

    When a privacy/security violation becomes a potentially bankruptcy-inducing event (civil penalties raised 49,900% from the prior $100/violation to the new range of $100 to $50,000/violation at the lowest level of culpability), physicians and other covered entities will want to make absolutely sure that their new EHRs can provide the functionality needed to comply with the new laws.

    Such functionality is tough to come by. What vendor can currently provide for a restriction of PHI at the patient’s request from its EHR to a health plan for purposes of payment or healthcare operations, as required by HITECH, when the PHI may be only one part of an operative report. That could happen if a patient decides to have cosmetic surgery, paid for by the patient out of pocket and thus not to be disclosed to the health plan, done at the same time as a medically necessary procedure for which the patient wants payment for from the health plan.

    Are vendors going to be able to assure physicians that their EHRs will be able to provide the requisite data for an accounting for disclosures to a patient when we won’t know the required content of the accounting until DHHS promulgates regulations (by June 30, 2010 at the latest)? Note that under HITECH, the effective date for compliance for any EHR purchased after Jan. 1, 2009 is Jan. 1, 2011 or the date of purchase, whichever is later. If I were a physician, I’d weigh the incentives against the potential penalties and think long and hard about EHR adoption.

  • This is one of the reasons that the IT standards are tough and getting tougher. The better solutions will be the ones that meet the standards and thus can assure a high level of functionality as well as compliance with all aspects of the new privacy and security laws.
    Another reason why ALL HIT providers should be CCHIT 2008 certified now if they hope to meet the government’s final regulations.

  • Jana,
    Thanks for the reminder that I wanted to cover more of the HIPAA enforcement thanks to the HITECH act. I just wonder how much of HIPAA enforcement will really happen. Especially for the small solo doctor which is the group that still hasn’t implemented EHR at least to a large extent despite making up 75% of the medical care (depending on which numbers you look at).

    Honestly, I’m not sure that doctors use HIPAA as a major part of the EHR selection. They all have it on their list, but every EHR that exists can quickly reply that they are compliant. Once doctors have this, I’m not sure that they give it a second thought.

  • John — I agree that HIPAA privacy/security compliance is probably not very high on the list of criteria for solo physicians in choosing an EHR. My point, however, is that it should move up a notch or two because of the difficult-to-handle new patient rights afforded under the HITECH Act AND the greatly increased penalties.

    As for enforcement, if the past is any guide, again you’re right — there won’t be much. We’re under a new administration, however, and perhaps things will change. Certainly the size of the increased penalties, the new provision for state attorneys general actions plus several of the required reports from DHHS/FTC point in the direction of encreased enforcement. Finally all it takes is one upset patient to call OCR.

    Since I’m not a tech person, I would be interested in a discussion of how EHRs really will handle the “request for restrictions” provision. I can foresee patient requests that are legitimate under the new provision, but which will be literally impossible for ANY EHR to handle. The law doesn’t permit any “real-life impossibility” defense, unfortunately! If, as I suspect, the new rights will be very difficult to actually provide from a technical standpoint, it would be good for the industry to recognize and acknowledge that.

  • Jana,
    Point well made. Too bad no one will really listen until they or their friend gets slapped with a big HIPAA fine. I’d be happy to take the fine checks if that would help. I do agree that many doctors have the fear of one upset patient.

    Can you point me to the “request for restriction” provision you’re speaking of? I’d be interested to read it and see if it would be possible or not technically. I usually say that EVERYTHING is possible, but that doesn’t mean it’s likely to happen.

  • The “request for restrictions” that I’m wondering about is found at section 13405(a) of the HITECH Act. In short, covered entities are now required to comply when a patient requests that the covered entity not disclose PHI relating to an item or service to a health plan for payment or healthcare operations purposes and the patient has paid for the item or service out of pocket in full.

    This provision is easy to manage if the patient asks for restriction on disclosure about a specific discrete service, such as a lab test. No problem. But what about if the patient is going to be hospitalized for some medically necessary sinus surgery coupled with a cosmetic procedure on her nose — and she requests that the surgeon and the hospital restrict the disclosure to her health plan of the cosmetic procedure, but not the sinus surgery? (Assume that she has paid both the physician and the hospital for the cosmetic portion of the hospitalization/surgery in full, out of pocket.)

    The operative report is a unified document, as is the discharge summary. The physicians and nurses’ notes will be full of mention of both the cosmetic and the non-cosmetic procedure. How will the EHR be able to separate out the two? If it was a paper-based record, one could physically redact the restricted information, but how does one do so in an EHR? Is that workable based on existing hospital EHRs?

  • Jana,
    That is an interesting question. My guess is that most EHR still release information using paper, so they still have the same option as paper-based records. This could be more of a problem if we talk about electronic exchange of information. Things like this is what makes the sharing of patient information so hard. There’s probably 100 situations like this that are hard to model.

    I think there’s also an interesting point about discovering the incorrect submission of information. I’m sure that some cases will happen just based on the volume and complexity of certain situations. They’ll also probably get a lot of media coverage. It’s just too bad that we have to jump through so many hoops in honor of some crazy situations.

    I think I’m going to point your comment to a health care lawyer I know online and see if she’s willing to comment on your points.

  • I agree that the scenario described would create a dilemma and, short of making all disclosures to the health plan in paper format (with redaction) I’m not sure how else one would comply from a practical standpoint. This is the type of thing that should be brought to the OCR’s attention so that they will hopefully address it in future guidance or regulations.

Click here to post a comment