TATA KELOLA SISTEM INFORMASI DAN KESEHATAN PERTEMUAN Ke – 12
Learning Objectives
• Describe a justification for government intervention in business processes.
• List five major types of government intervention into healthcare business, and explain the need for government to invest in
healthcare information management/information technology (IM/IT). • Describe the eight components of the administrative simplification
portion of the Health Insurance Portability and Accountability Act. • Assess your organization’s readiness for transactions and code set
development.
• Analyze why privacy and security are important and why IM/IT has a key role in protecting privacy and security.
Government’s Role in Healthcare IM / IT
•
Three questions must be asked in
assessing the role of government in
healthcare IM/IT:
–
Why does the government (at any level) get
involved in regulating healthcare or any
business practice? Is there justification for
government intervention?
–
If yes, how much and what types of
interventions are justified?
Government Intervention in the
Healthcare Field
Government and Business Practice
• Good business practice dictates that much of what come sunder the guise of government intervention should be followed irrespective of the regulations.
• Without a direct government role, healthcare organizations will adopt technology slowly and in a haphazard fashion. Blumenthal (2006) provides three business arguments justifying government intervention.
– First, no compelling business case exists for investment in health information technology
– Second, for real system benefits to be seen, all components of the fragmented U.S. healthcare delivery system must participate.
Health Insurance Portability and
Accountability Act HIPAA
Cont.
• The electronic medium also raised concerns with security and privacy that the government felt it should address.In simple terms, administrative simplification had five elements (CMS 2005b):
– Standards
– Provider and health plan mandate – Privacy
Eight Major Components of HIPAA
Administrative Simplification Provisions
• Employer identifier standard • Enforcement
• National provider identifier standard • Security standard
• Transaction and code sets standard
• Place of service codes for HIPAA transactions
The Need for Information Privacy and
Security
Consequently, clinical information systems require comprehensive programs to protect the privacy of patient medical records. The following three categories of clinical systems must be considered:
Cont.
• Public health information systems support disease prevention and surveillance programs. Protecting public health requires the acquisition and storage of health-related information about individuals. Public health benefits sometimes conflict with threats to individual privacy. Breaches of privacy of sensitive information can potentially lead to discrimination in employment or insurance eligibility. Individuals concerned about privacy who avoid clinical tests and treatments may endanger the health of others in the community. For example, sexually transmitted infections can be spread by failure to test and/or report the presence of the infections in certain patients.
Cont.
They also report a number of common elements important for others to consider in the development of privacy policies across organizational entities, including the following:
•Privacy policies are local .
•Organizations participating in the RHIO will influence the privacy policies.
•Privacy policies need to be developed early and revisited often. •Work on privacy policies is ongoing.
•Privacy policies are unique to the environment; thus, there are not yet best practices to follow.
•Building consensus on privacy policies takes time.
Healthcare IM / IT Leadership Roles
• Determine breadth and scope of impending or actual legislation • Assess current organizational readiness for impact
• Perform gap analysis within the organization
• Recommend strategies to meet legal/regulatory changes – Develop staffing and critical expertise needed to address
changes
– Specify hardware and software needs
– Estimate total financial implications of recommendations
• Identify clinical and other resources within the organization that will be necessary in meeting standards
Protecting Information Privacy and
Confidentiality
• Access rights—who has access and for what reasons • Release of information to the patient, other healthcare
providers, and third parties
• Special handling, if any, for specific information (e.g., HIV results, psychiatric notes)
• Special handling, if any, for particular patients (e.g., employees or VIPs)
• Availability of medical information, including retention policies • Integrity of medical information, including authentication,
completeness, and handling of revisions or addenda
Summary
The chapter presents three major ideas. First, it presents and explores government’s role in healthcare IM/IT. There is a
justification for governmental intervention in business processes if markets fail in their role of allocating scarce resources.
Understanding why government gets involved will assist the reader in responding to legislation and anticipating future actions. In healthcare, there are compelling reasons for the government intervention, including a weak business case for information technology investment by providers, system