1 / 11

Series 1: “Meaningful Use” for Behavioral Health Providers

Series 1: “Meaningful Use” for Behavioral Health Providers. From the CIHS Video Series “Ten Minutes at a Time” Module 10: HIPAA Privacy & Security and 42 CFR Part 2 (Confidentiality). 9/2013. Overview. Differences between privacy, security and confidentiality

summer
Download Presentation

Series 1: “Meaningful Use” for Behavioral Health Providers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Series 1: “Meaningful Use” for Behavioral Health Providers From the CIHS Video Series “Ten Minutes at a Time” Module 10: HIPAA Privacy & Security and 42 CFR Part 2 (Confidentiality) 9/2013

  2. Overview • Differences between privacy, security and confidentiality • Meaningful Use and HIPAA Privacy and Security • Understanding and applying 42 CFR Part 2 in Meaningful Use • Resources for implementation

  3. A Note on Sharing Patient Information • HIPAA and 42 CFR Part 2 are intended to support (not impede) the appropriate exchange of patient information • Exchange of patient information is central to Meaningful Use • Ensure understanding of the data sets to be exchanged (Module 9) and what the rules REALLY say about when and how personal health information may be shared among providers • What HIPAA really says: http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/usesanddisclosuresfortpo.html • What 42 CFR Part 2 really says: http://www.lac.org/index.php/lac/webinar_archive

  4. Privacy, Security and Confidentiality • Privacy and Security • Health Information Protection and Accountability Act (HIPAA) • Privacy rules identify national standards (45 CFR Part 160 and Subparts A and E of Part 164) • Security rules operationalize these standards (Subparts A and C of Part 164) • Patient information protected by HIPAA can be exchanged between covered entities in the coordination of patient care without additional consent • Protected by DHS Office of Civil Rights, increased penalties in Stage 1 • Confidentiality • Confidentiality of Alcohol and Drug Abuse Patient Records Act (42 CFR Part 2) • Identifies and operationalizes standards • Patient information cannot be exchanged without patient consent • Protected be federal law, otherwise, no penalties

  5. Core Objective/Measure #15 More about this Objective http://www.healthit.gov/providers-professionals/ehr-privacy-security

  6. When Conducted • CMS Guidance says “EPs must conduct or review a security risk analysis of certified EHR technology and implement updates as necessary at least once prior to the end of the EHR reporting period and attest to that conduct or review • Stage 1, Year 1 “Acquire, Implement, Use” for 90 days – conduct during this 90 days • To meet the grant requirement – prior to health information exchange

  7. Starting Points – HIPAA and Meaningful Use • “Core Measure 15 - Protect Electronic Health Information” comprehensive ONC resource (National Learning Consortium) www.healthit.gov/providers-professionals/achieve-meaningful-use/core-measures/protect-electronic-health-information • Health Information Privacy and Security 10 Step Plan http://www.healthit.gov/providers-professionals/ehr-privacy-security/10-step-plan • Nationwide Privacy and Security Framework http://healthit.hhs.gov/portal/server.pt/community/healthit_hhs_gov_privacy_security_frame-work/1173 • Workflow redesign templates http://www.healthit.gov/providers-professionals/workflow-redesign-templates

  8. Confidentiality • Ensure HIPAA Privacy and Security Objective has been met • Apply 42 CFR Part 2 only to patient information that emerges from a “treatment provider” (record should be flagged in EHR) • To meet the Meaningful Use standard for the grant, apply strategy to PBHCI enrollees • Majority of states cannot use state HIEs to exchange patient record that contains confidential information • Almost all states are using Nationwide Health Information Network Direct as part of their statewide HIE plan

  9. Starting Points – 42 CFR Part 2 and Meaningful Use • SAMHSA- Federal Initiatives Related to Data Sharing http://www.samhsa.gov/co-occurring/topics/data/data-sharing.aspx • Office of the National Coordinator for Health Information Technology – Behavioral Health Roundtable http://www.healthit.gov/sites/default/files/bh-roundtable-findings-report_0.pdf • Center for Integrated Health Solutions (includes links to SAMHSA 42 CFR Part 2 FAQs) http://www.integration.samhsa.gov/operations-administration/hit

  10. Summary • Privacy, Security and Confidentiality mean different things, especially in Behavioral Health • Meet the Objective 15 Measure sooner rather than later to ensure a baseline of quality in the exchange of patient information • Privacy and Security allow the exchange of patient information for the coordination of care between HIPAA covered entities without additional consent – check state regulations and then policies and procedures to ensure this barrier to integration are not in place • For the exchange of confidential patient health information use Nationwide Health Information Network (NwHIN) Direct • NwHIN Direct can be used to meet all HIT-related grant requirements (see Module 8)

  11. We Have Solutions for Integrating Primary and Behavioral Healthcare Contact CIHS for all types of primary and behavioral health care integration technical assistance and training needs 1701 K Street NW, Ste 400 Washington DC 20006 Web: www.integration.samhsa.gov Email: integration@thenationalcouncil.org Phone: 202-684-7457 Prepared and presented by Colleen O’Donnell, MSW, PMP, CHTS-IM for the Center for Integrated Health Solutions

More Related