The transformation of federal regulations covering all entities that manage patient information has accelerated a bit in the past six years, with the 2009 enactment of the Health Information Technology for Economic and Clinical Health Act being one of the more important new releases. However, the Health Information Portability and Accountability Act is still very much in motion, and medical firms need to ensure that their own novel strategies remain in compliance with the statutes therein.
Newer bills and legislative decisions have impacted the ways in which HIPAA is handled, governed and enforced, meaning that the rules of engagement are far from being entirely solidified, but rather remain in a state of relative flux. As such, medical firms must ensure that they are keeping up with the progression of compliance adjustments and maintaining tight control of patient records every step of the way to avoid breaches and penalties.
A new bill introduced in Congress will likely have some impacts on HIPAA in the coming years, and any firm that handles patient health information will need to keep its ears to the ground to see how this plays out. The bill has been titled 21st Century Cures, and is essentially a novel piece of legislation that hopes to improve medical research from both accuracy and speed perspectives, thus working to support the progression of patient care.
Health IT Security recently reported that the main component of HIPAA that might be transformed by the 21st Century Cures bill relates back to the disclosure of patient health information, which has long been governed in strict fashion. According to the news provider, whereas HIPAA did contain conditions that would allow firms to share PHI without consent in the past, the new bill will give researchers a bit more freedom when they are looking to gather this data.
The source stated that so long as the researchers are maintaining reasonable safeguards for privacy and security, as well as not creating copies and further sharing the information with others, no consent will be needed once this bill is passed. While this might send chills up the spines of many consumers - and perhaps even medical professionals and health care administrators - it is meant to dramatically improve the speed to market of new and progressive treatments.
Proponents of the bill asserted that it is a necessary movement to ensure that researchers have the freedoms they need to innovate.
"We have dedicated scientists and bold leaders at agencies like the NIH and the FDA, but when our laws don't keep pace with innovation, we all lose," Representative Diana DeGette of Colorado said, according to Health IT Security. "That is why, for the first time ever, we in Congress are going to take a comprehensive look at what steps we can take to accelerate the pace of cures in America. We are looking at the full arc of this process - from the discovery of clues in basic science, to streamlining the drug and device development process, to unleashing the power of digital medicine and social media at the treatment delivery phase."
The security angle
FierceHealthIT pointed out that privacy advocates appear to be a bit off-put by this new bill, fearful that it will create an environment in which information can be exposed more easily. However, it is worth noting that the health care sector has not been the best performer when it comes to privacy and security to begin with, and this could potentially get more firms involved in improving their practices.
With email encryption, secure cloud and other reliable managed services, this bill can be obliged in stride while maintaining compliance with HIPAA.