Press release from AHIMA:
“While AHIMA continues to applaud federal government support for the ideal of protecting patients’ health information rights, the proposed rule-making for HIPAA privacy, security and enforcement by HHS has a number of requirements that we do not believe the industry is ready to undertake; especially as it gears up for Meaningful Use. Today AHIMA is releasing its recommendations to the HHS Office of Civil Rights (OCR) that speak to the issues we believe are most critical to the patients of America, the healthcare industry and the best practice of health information management.
“As staunch supporters of patients’ health information rights, AHIMA agrees the single most contentious issue in the proposed regulation is the ability of individuals to restrict the information held by their healthcare providers from being shared with their health plan. While AHIMA believes an individual’s control over this data flow is valid, data flow restrictions in the HHS proposal creates unintended repercussions for data integrity, data processing and other elements within the current US reimbursement system.
“Many AHIMA members are engaged in providing patients’ individual and aggregate data for a variety of approved uses. There is a continued discussion within the profession on how to best cover the costs of the retrieval, analysis and release of information within the context of the privacy and security regulations, patient restrictions; and the need to verify the requesting individual as a means of keeping released information available to a necessary minimum. Additionally, we remain concerned the charges permitted by states or HIPAA do not cover all costs and ultimately raise the cost of health care.
“AHIMA also questions the sale of patient health information when an organization is being absorbed by a second organization. The OCR’s approach, while practical, raises the issue of whether consumers have the right to determine if their health information should be transferred with the ownership of a health organization.
“Finally, AHIMA feels strongly that the OCR needs to provide greater clarification regarding the definition of ‘agents’ as it relates to covered entities and who should be covered by HIPAA, including its hybrid organizations.”