Call Us Today! 1.800.704.3394|info@clearwatercompliance.com

Call for State Privacy Laws to Align with HIPAA

Home/Compliance and Information Risk Management Blog /Call for State Privacy Laws to Align with HIPAA

In December 2016, the National Governors Association (NGA) released a report calling for improvements in the exchange of clinical information among healthcare providers in different states. Current conflicting and restrictive state laws, in addition to market barriers, have resulted in incomplete or delayed diagnosis and/or treatment for patients. State privacy laws supersede HIPAA and can be complex and confusing, resulting in fear of liability for illegal sharing. Market impediments include the absence of any economic incentives to share information, in addition to the deliberate blocking of information exchange by providers, insurers, and IT vendors who prefer maintaining proprietary control over the data and the patient.

 

By aligning state privacy laws with HIPAA and creating standardized consent forms, states could facilitate information exchange, reducing confusion and legal costs. Some states have passed laws allowing providers to share patient information across state lines in accordance with HIPAA, including Hawaii, Kansas, Wisconsin and Utah. Others have taken the smaller step of exempting electronic exchange of health information from the more stringent state privacy laws.

 

Possible approaches states could use to ensure health information is available where and when it’s needed for patient care include undertaking quality initiatives and creating Medicaid payment policies to create incentives for interstate information exchange.

 

Some state legislatures will find it difficult to adopt many of these recommendations. Some state laws currently limit exchange, having deemed that sharing of certain types of health information requires explicit patient consent, such as diagnosis of a sexually transmitted disease, mental health information, and history of drug abuse. In other cases, there may be existing economic incentives or other controls to protect privacy or patient safety that don’t support information exchange.

 

The NGA report includes a detailed roadmap for advancing information flow between providers, including the following steps.

 

Assemble a Core Team

In order to achieve the maximum benefit of information flow, a cross-functional team committed to the goals and objectives should be formalized. NGA suggests that team members include representatives from the governor’s office, Medicaid, privacy counsel, senior policy officials, state health IT, public health, the state attorney general’s office, and the state employee health benefits agency, including senior state officials with decision-making authority. An advisory board consisting of health care practitioners, health system leaders, privacy and consumer advocates, health information organizations, and academic experts should be established to guide the core team and make recommendations to the state.

 

Conduct Legal and Market Analyses

Before determining a strategy, an analysis of the legal and market landscapes should be conducted to inform what challenges and opportunities exist. The legal needs from the state regulatory perspective, healthcare community perspective, patient perspective, and privacy community perspective should be assessed using data reviews, focus groups, surveys, and informal interviews. The market landscape can be assessed by considering the payment structure and incentives of the state Medicaid program, the state IT vendor perspective on data sharing, and the preponderance of information blocking.

 

Determine Primary Barriers

Analyzing barriers is key to selecting strategies, with those that are essential to progressing the exchange of health information as having the highest priority.

 

Select Strategies

Multiple strategies may need to be undertaken in order to improve health information exchange. Examples include training for providers if regulations are changed and technology resources for providers if economic incentives for Medicaid are changed.

 

Implement and Evaluate

The evaluation plan requires measures to assess progress on implementation plans in achieving goals. Measures for short-term outcomes would include the improvement in information flow in addition to provider experiences with health information sharing. Longer-term measures should include outcomes such as improvement in the quality and efficiency of patient care.

 

The 77-page report includes background information on the current state of information sharing among providers, steps for assessing a state’s current environment, examples of changes already made to some state regulations, and state challenges and opportunities in enhancing information exchange.

 

Following up with recommended compliance guidance and education regarding intent and execution to ensure awareness of the changes, the NGA report suggests that states can accelerate understanding and adoption of the changes and reduce turmoil and costs.

 

By participating in focus groups, surveys, and informal interviews, healthcare finance leaders can inform their core teams and advisory boards of the challenges that their organizations currently face and may face given proposed strategies. For example, the full costs associated with complying with current or proposed legislation may be prohibitive. Finance leaders also should address the repercussions associated with current or proposed changes in the Medicaid payment structure and whether new or updated technology will be necessary.

 

Healthcare finance leaders should contact their state governor’s office to learn how they can become involved in alignment initiatives. The goal of this process is to increase the flow of clinical information between providers to improve patient safety and quality of care. If economic incentives and uniform information exchange standards can be addressed, and legal barriers lessened, the use of data to optimize patient care will accelerate to the benefit of all health care organizations, and to the patients they serve.

 


Mary Chaput is CFO, Clearwater Compliance , Nashville, Tenn.

 

*hfma Publication Date: Tuesday, February 07, 2017

About the Author: Mary Chaput

Mary Chaput

Mary has 35 years of international and domestic business experience spanning the healthcare, information services, manufacturing and venture capital consulting industries. She is Clearwater’s CFO and Compliance Officer. As an experienced corporate CFO and risk manager, Mary works actively with customers and prospects to identify and prioritize their risks and to develop effective remediation plans within their budgets.

Subscribe for News

MostWiredClearwater.png