Electronic health records : overview, challenges and legislation / edited by Elmer Mitchell.

Format:

Book

Contributor:

Mitchell, Elmer, editor.

Series:

Health Care in Transition

Language:

English

Subjects (All):

Medical records--Law and legislation--United States.

Medical records.

Medical records--United States--Data processing.

Physical Description:

1 online resource (326 pages) : illustrations

Place of Publication:

New York, New York : Snova, [2019]

Summary:

Recent data breaches have highlighted the importance of ensuring the security of health information, including Medicare beneficiary data. The objectives of chapter 1 are to identify the major external entities that collect, store, and process Medicare fee-for-service beneficiary data; determine whether requirements for the protection of Medicare beneficiary data align with federal guidance; and assess CMS oversight of the implementation of those requirements. Health care providers are increasingly sharing patients' health records electronically. When a patient's records are shared with another provider, it is important to accurately match them to the correct patient. As reported in chapter 2 accurately matching patient health records is a barrier to health information exchange and that inaccurately matched records can adversely affect patient safety or privacy. VA provides health care services to approximately 9 million veterans and their families and relies on its health information system--VistA--to do so. However, the system is more than 30 years old. In June 2017, the department announced plans to acquire the same system--the Cerner system--that DOD is implementing. Chapter 3 and 4 review key aspects of VistA and VA's plans for the new acquisition of the Cerner system. The National Defense Authorization Act for Fiscal Year 2008 included provisions that VA and DOD jointly develop and implement electronic health record systems or capabilities and accelerate the exchange of health care information. The act also required that these systems be compliant with applicable interoperability standards. Further, the act established a joint Interagency Program Office to act as a single point of accountability. Chapter 5 discusses findings on the establishment and evolution of the Interagency Program Office over the last decade. Chapters 6 through 8 discuss recent legislation pertaining to electronic health records.

Contents:

Intro

Contents

Preface

Chapter 1

Electronic Health Information: CMS Oversight of Medicare Beneficiary Data Security Needs Improvement*

Abbreviations

Why GAO Did This Study

What GAO Recommends

What GAO Found

Background

Federal Law Establishes Security Requirements to Protect Federal Information and Systems

Office of Management and Budget Provides Guidance to Agencies on Implementing FISMA

NIST's Framework for Critical Infrastructure Cybersecurity Establishes a Baseline for Protecting Critical Information Assets

CMS Shares Medicare Fee-for-Service Beneficiary Data with Three Major Types of External Entities

Medicare Administrative Contractors Access Fee-for-Service Beneficiary Data to Process Claims

Researchers Access Fee-for-Service Beneficiary Data to Assist CMS in Monitoring, Managing, and Improving Medicare Programs and Services

Qualified Entities Access Medicare Fee-for-Service Beneficiary Data to Evaluate the Performance of Service Providers and Equipment Suppliers

CMS Established Information Security Requirements that Align with Federal Guidance for Some, But Not All, External Entities

CMS Requirements for MACs and Qualified Entities Reflect a Risk-Based Assessment and Generally Align with the NIST Cybersecurity Framework

CMS Does Not Provide Security Guidance for Researchers

CMS Has Not Consistently Overseen the Implementation of Security Controls by External Entities

CMS Has Overseen Independent Assessments at the MACs, But Has Not Consistently Tracked Issues Identified by Those Assessments

MACs Undergo Two Types of Annual Assessments

Corrective Actions and Milestones Have Not Always Been Tracked Consistently

CMS Does Not Have Effective Oversight Processes and Procedures for Researchers and Qualified Entities

Conclusion

Recommendations.

Agency Comments and our Evaluation

Appendix I: Objectives, Scope, and Methodology

Appendix II: Analysis of CMS Acceptable Risk Safeguards

Appendix III: Comments from the Department of Health and Human Services

Chapter 2

Health Information Technology: Approaches and Challenges to Electronically Matching Patients' Records across Providers(

Patient Record Matching

Importance of Accurate Patient Record Matching

ONC Responsibilities and Patient Record Matching

Stakeholders Described Patient Record Matching Approaches and Associated Challenges

Providers and HIE Organizations Described Using Both Manual and Automated Approaches to Patient Record Matching

Stakeholders Said That Inaccurate, Incomplete, and Inconsistently Formatted Data Can Pose Challenges for Patient Record Matching

Stakeholders Identified Efforts Underway to Improve Patient Record Matching as Well as Additional Efforts ONC and Others Could Undertake

Stakeholders Have Undertaken Efforts to Improve the Demographic Data and Methods Used to Match Records

Efforts to Improve Demographic Data Used for Matching

Assessing and Improving Matching Methods

Stakeholders Identified Additional Efforts That ONC or Others Could Undertake to Improve Patient Record Matching

Implementing Common Standards for Recording Patients' Demographic Data in Health IT Systems

Developing a Data Set to Test the Accuracy of Methods Used to Match Patients' Medical Records

Sharing Best Practices and Other Resources Used in Matching Patients' Medical Records

Implementing a National Unique Patient Identifier

Developing a Public-Private Collaboration Effort to Improve Patient Record Matching

Agency Comments

Chapter 3.

Electronic Health Records: VA Needs to Identify and Report System Costs*

VistA's Role at VA

VA has about 130 Different Versions of VistA

OIT and VHA Share Responsibilities for VistA

VA has Begun to Acquire a New System after a Long History of Efforts to Modernize VistA

GAO Has Previously Reported on VA's Challenges in Managing Health IT and VistA Modernization

VA Has Undertaken Efforts to Define VistA, but Additional Work Remains

VA Identified Total VistA Costs of about 2.3 Billion between 2015 and 2017, but Could Not Sufficiently Demonstrate the Reliability of All Data and Omitted Other Costs

VA did not Sufficiently Demonstrate the Reliability of Data for All VistA Costs

VA Omitted Certain Costs from the Total Cost of VistA

VA Has Initiated a Number of Activities to Transition from VistA to the Cerner System

VA Has Taken Steps to Establish a Program Office Reporting to Senior Agency Management and Efforts to Hire Staff are Ongoing

VA Has Established Program Governance and is Working on Developing a Joint Management Structure with DOD

VA and Cerner Conducted Site Assessments to Refine the Scope of Work

VA Is Preparing Program Plans for Implementation

VA Established a Program Baseline for Achieving Initial System Deployments

Recommendation for Executive Action

Agency Comments and Our Evaluation

Appendix II: Comments from the Department of Veterans Affairs

Chapter 4

VA IT Modernization: Preparations for Transitioning to a New

Electronic Health Record

System Are Ongoing(

Background.

VA Has Reported Obligating about 3.0 Billion to VistA and Related Activities from Fiscal Years 2015 through 2017

VA Is Working to Define VistA's Scope and Identify Components to Be Replaced by the Cerner System

VA's Preparations for Transitioning from VistA to the Cerner System Are Ongoing

Standardizing VistA

Assessing the Approach to Increasing Interoperability

Establishing a Program Office and Governance

Preparing Initial Program Plans

Critical Factors Underlying Successful Major Acquisitions

Chapter 5

Electronic Health Records: Clear Definition of the Interagency Program Office's Role in VA's New Modernization Effort Would Strengthen Accountability*

Interoperability: An Overview

VA and DOD Have a Long History of Efforts to Achieve Electronic Health Record Interoperability

The Interagency Program Office Has Not Functioned as the Single Point of Accountability for VA and DOD's Efforts to Increase Electronic Health Record Interoperability

The Interagency Program Office Became Operational, But Was Not Positioned to Be the Single Point of Accountability for Achieving Interoperability

The Interagency Program Office Was to Be the Single Point of Accountability for Establishing a Lifetime Electronic Record for Servicemembers and Veterans, but VA and DOD Did Not Develop Complete Plans for the Effort

The Interagency Program Office Was Responsible for the Development of a Joint Electronic Health Record System for VA and DOD, but the Office Was Not Positioned for Effective Collaboration

The Interagency Program Office Subsequently Took Steps to Improve Interoperability Measurement and Additional Actions Are Planned.

The Interagency Program Office's Role in Governing VA's New Electronic Health Record System Acquisition Is Uncertain

Chapter 6

Veterans' Electronic Health Record Modernization Oversight Act of 2017(

Purpose and Summary

Background and Need for Legislation

Hearings

Subcommittee Consideration

Committee Consideration

Committee Votes

Committee Oversight Findings

Statement of General Performance Goals and Objectives

New Budget Authority, Entitlement Authority, and Tax Expenditures

Earmarks and Tax and Tariff Benefits

Committee Cost Estimate

Congressional Budget Office Cost Estimate

Federal Mandates Statement

Advisory Committee Statement

Statement of Constitutional Authority

Applicability to Legislative Branch

Statement on Duplication of Federal Programs

Disclosure of Directed Rulemaking

Section-by-Section Analysis of the Legislation

Section 1. Short Title

Section 2. Oversight of Electronic Health Record Modernization Program

Changes in Existing Law Made by the Bill, as Reported

Chapter 7

To Amend Title XI of the Social Security Act to Promote Testing of Incentive Payments for Behavioral Health Providers for Adoption and Use of Certified Electronic Health Record Technology(

Committee Action

Oversight Findings and Recommendations

Congressional Budget Office Estimate

Opioid Legislation

Summary

Uncertainty

Direct Spending and Revenues

Spending Subject to Appropriation

Mandates Affecting Public and Private Entities

Mandates Affecting Private Entities

Statement of General Performance Goals and Objectives.

Duplication of Federal Programs.

Notes:

Includes index.

Description based on print version record.

ISBN:

1-5361-6710-X

OCLC:

1145550239