Medicaid Program; Mechanized Claims Processing and Information Retrieval Systems (90/10). Final rule.

This final rule will extend enhanced funding for Medicaid eligibility systems as part of a state's mechanized claims processing system, and will update conditions and standards for such systems, including adding to and updating current Medicaid Management Information Systems (MMIS) conditions and standards. These changes will allow states to improve customer service and support the dynamic nature of Medicaid eligibility, enrollment, and delivery systems.

Technical solution for data collection, data safety and data privacy legislation: experiences from the SWEET study.

BACKGROUND: One of the most important tasks of the SWEET study is benchmarking the data collected. Information on the occurrence of the disease of diabetes, the treatment, and their outcomes in children from the different member states of European Union (EU) is crucial. How the collection of data is realized is essential, concerning both the technical issues and the results. The creation of SWEET Centers of Reference (CoR), all over Europe will be facilitated by the access to safe data collection, where legal aspects and privacy are ascertained. OBJECTIVE: To describe the rationale for- and the technical procedure in the data collection implementation, in the SWEET study. SUBJECTS: Selected data on all patients treated at SWEET CoR are collected. METHODS: The SWEET project data collection and management system, consists of modular components for data collection, online data interchange, and a database for statistical analysis. CONCLUSION: The SWEET study and the organization of CoR aims for the goal of offering an updated, secure, and continuous evaluation of diabetes treatment regimens for all children with diabetes in Europe. To support this goal, an appropriate and secure data management system as described in this paper has been created.

Exemption of certain systems of records under the Privacy Act. Final rule.

This final rule exempts four systems of records (SORs) from subsections (c)(3), (d)(1) through (d)(4), (e)(4)(G) and (H), and (f) of the Privacy Act pursuant to 5 U.S.C. 552a(k)(2): The Automated Survey Processing Environment (ASPEN) Complaint/ Incidents Tracking System (ACTS), HHS/CMS, System No. 09-70-0565; the Health Insurance Portability and Accountability Act (HIPAA) Information Tracking System (HITS), HHS/CMS, System No. 09-70-0544; the Organ Procurement Organizations System (OPOS), HHS/CMS, System No. 09-70- 0575; and the Fraud Investigation Database (FID), HHS/CMS, System No. 09-70-0527.

Patients' safety, privacy and effectiveness--a conflict of interests in health care information systems?

Information technology (IT) is finding its way into daily clinical work. IT is primarily seen as a tool for providing quality of service, cutting costs and promoting efficiency in every aspect of health care, but improvements for patients' safety are also a driving force. IT-solutions can be found both at an administrative and a clinical level, supporting everything from documentation, distribution and storing of patient data to workflows, monitoring and decision making. However, the increasing use of IT in health care raises questions. What is the impact on patients' rights and privacy? Does the law benefit IT-solutions in health care, or does it raise barriers for optimized use? Which interests does the law safeguard in the health care sector, and in the light of an increasing use of IT, do any of these identified interests collide? In conjunction with a governmental national project (InfoVU) during 2001-2004, the Swedish National Board of Health and Welfare (NBHW) had to address these issues and other legal aspects of IT use in health care. The agency's analysis was published in November 2005. The purpose of this article is to present some of the agency's conclusions on legal issues pertaining to the management and processing of patient data. It will show, from a Swedish legislative point of view, the need for a common information security strategy for health care information management as well as discussing other legislative issues in order to meet both the patients' and the health care provider's interests in an electronic environment.

[Extraction of management information from the national quality assurance program]. / Gewinnung von Managementinformationen aus der externen vergleichenden Qualitätssicherung.

BACKGROUND: Starting with clinically motivated projects, the national quality assurance program has established a legislative obligatory framework. Annual feedback of results is an important means of quality control. MATERIAL AND METHODS: The annual reports cover quality-related information with high granularity. A synopsis for corporate management is missing, however. Therefore, the results of the University Clinics in Greifswald, Germany, have been analyzed and aggregated to support hospital management. RESULTS: Strengths were identified by the ranking of results within the state for each quality indicator, weaknesses by the comparison with national reference values. The assessment was aggregated per clinical discipline and per category (indication, process, and outcome). CONCLUSION: A composition of quality indicators was claimed multiple times. A coherent concept is still missing. The method presented establishes a plausible summary of strengths and weaknesses of a hospital from the point of view of the national quality assurance program. Nevertheless, further adaptation of the program is needed to better assist corporate management.

[Twenty years' experience with the information system "biopsy" used in the work of a department of morbid anatomy].

The long-term use of the information system "Biopsy" has shown its efficiency in improving the organization of the department of morbid anatomy in a large hospital. Its advantages are the availability of materials and necessary information for the shortest period. The introduction of an electronic signature and the storage of signed documents are new real steps to the creation of paper-free technology, including the so-called electronic case history base. Automated exchange of orders for tests and their results not only reduces the time of their obtaining, but also lowers costs and enhances the efficiency of work pf a biopsy laboratory.

Anesthesia information management systems.

Documentation is the last component of anesthesia patient management to be affected by technology. Anesthesia information management systems (AIMS) have been introduced in a limited number of practice sites. The automated systems provide unbiased reporting of most patient information. This results in improved patient care and possible medical legal advantages. AIMS also allow anesthesia departments to monitor their business related activity.

Decreto Nro. 378: Plan nacional de gobierno electrónico

Texto completo del decreto, y anexo que contiene lineamientos estratégicos para la puesta en marcha del plan nacional de gobierno electrónico y de los planes sectoriales del gobierno

Decreto Nro. 378: Plan nacional de gobierno electrónico

Texto completo del decreto, y anexo que contiene lineamientos estratégicos para la puesta en marcha del plan nacional de gobierno electrónico y de los planes sectoriales del gobierno

HIPAA strengthens business case for electronic report distribution systems.

HIPAA may finally force healthcare organizations to make long-postponed decisions to increase the use of automation and technology for report distribution. For most, the direct benefits will far outweigh the costs.

Countdown to HIPAA compliance.

As compliance deadlines for the Health Insurance Portability and Accountability Act close in, the author details specific actions that must be taken to ensure that covered entities are indeed compliant with all of the Act's provisions.

Addressing HIPAA across the continuum.

HIPAA is an issue in hospitals across the nation, but what about other kinds of facilities--such as long-term care, behavioral health, or home care organizations? They, too, need to address HIPAA. We asked three HIM professionals who work in these settings to briefly address how HIPAA is changing the way they work.

HIPAA--a real world perspective.

An effective and realistic approach to HIPAA compliance requires healthcare organizations to achieve a fundamental shift in attitude, awareness, habits and capabilities in the areas of privacy and security. They must create a sense of accountability among staff, and even patients, for the safeguarding of patient information. Only when this culture shift has occurred, along with the required technological advancements, can HIPAA compliance be realistically achieved. There is still ample time to create the organizational shift necessary, along with technological enhancements, to meet HIPAA requirements. Beyond compliance, HIPAA will benefit the healthcare industry by promoting administrative simplification--the original intention of the Act. And it will require the healthcare industry, in an abbreviated timeframe, to upgrade its level of sophistication in managing information. HIPAA certification springs from an organizational compliance method that has been underway in government for the past two decades. The HIPAA playbook is taken lock, stock and barrel from other Federal guidelines. HIPAA's legislative lineage includes the Healthcare Reform Act of 1993, Paperwork Reduction Act of 1980, Computer Security Act of 1987 and the Privacy Act of 1974. HIPAA means that public and private sector healthcare organizations are going to be required by law to adopt the same information-handling practices that have been in effect in the Federal government for years. That boils down to two things: Standardized formatting of data electronically exchanged between providers, payers and business partners (EDI) Federalization of security and privacy practices within private-sector healthcare information management The key to making HIPAA compliance achievable within a practical timeframe, as well as instituting the culture changes that go with enhanced privacy and security standards, is a process that is largely unfamiliar in the private sector, called administrative certification and accreditation. Certification is an organizational change-management methodology that drives accountability for security down to that level in the organization where it will concretely and tangibly get done. It is a comprehensive managerial assessment of the technical and non-technical security features and other safeguards of a system associated with its use and environment. The assessment seeks to establish and document the extent to which a particular system meets a set of specified security requirements. HIPAA accreditation occurs when all functional managers in an organization have completed reports of what they know they need to do in their areas. They submit that information to an executive official within the organization who functions as the accrediting official for the organization. Accreditation is the formal declaration that an information system is approved to operate in a particular security mode using a prescribed set of safeguards and should be strongly based on the solvable vulnerabilities and residual risks identified during certification. Institutionalizing a practical and formal HIPAA certification program is important to support business activities and can provide several benefits including increased communication within an organization.