The two final rules for HITECH Stage 2, Electronic Health Record Incentive Program, which address encryption and other privacy and security issues, were released on the Federal Register Electronic Public Inspection Desk recently. The two rules for Stage 2 HITECH ePHI Incentive Program that eligible professionals (EPs), eligible hospitals, and critical access hospitals (CAHs) must meet in order to qualify for Medicare and/or Medicaid electronic health record (EHR) incentive payments are:
1. Meaningful EHR User – participants must address encryption/data security while preforming a risk analysis.
Our Dexcomm Experts have developed a complimentary eBook to help you navigate risk analysis and recovery HIPAA Threats and Breaches, click here to find out more.
2. Software Certification Rule – requires that EHR software be designed to encrypt, by default, electronic health information stored locally on end-user devices.
Hospitals and physicians must use electronic medical records to qualify for a second round of Medicare incentives (payments), beginning in 2014. If the medical practice wants to participate in Stage 2 of the HITECH Act incentive program, the software that the medical practice uses must pass Stage 2 software certification. The only action a small medical practice can take is to request from their software vendor that the EHR software meets the certification rule. Or switch software packages. Click here to read the full story.