Blog

Category

API Management Articles Clinical Terminology Cloud Solutions Articles EMPI Articles FHIR Articles Health IT Security News & Resources HL7 Articles Interoperability Articles Lyniate Press Releases Lyniate Product News Public Health Articles Public Health by Region Radiology Articles Regulatory Compliance Articles Uncategorized
Lyniate Team

HIPAA Versus EHR Certification, HIMSS13 Session Review

March 13, 2013

After enjoying HIMSS13 last week, I am writing one blog per day this week to review the educational sessions I thought were most insightful.

The education session that peaked my interest the most was Session 118, which compared the criteria of HIPAA to those of EHR Certification. The presenters were Rich Cohan from Providence Health and Adam H. Greene from Davis Wright Tremaine, and the title was “Privacy and Security Challenges of Meaningful Use.”

Based on the title, I went into the session looking to gain insight on privacy and security from a major health system. What immediately caught my attention were the comparisons drawn between the HIPAA rules as compared to EHR Certification criteria. As a vendor, I have been intimately involved in meeting the privacy and security requirements for EHR Certification. However, it has been very difficult to figure out how the EHR Certification criteria relate (or don’t relate) to the HIPAA requirements that providers must follow. This presentation summed it up beautifully.

Mr. Greene presented a table which included the following data in each row:

  • Privacy and security criteria for 2011 EHR Certification
  • The equivalent privacy and security criteria for 2014 EHR Certification
  • The HIPAA document number that corresponds to the EHR Certification criteria
  • Whether the criteria was a requirement under HIPAA rules or not 

this is a great take-a-way from the presentation. i can now utilize this table anytime i need to investigate how a specific ehr certification criterion applies to a specific hipaa rule.

the presentation also compared meaningful use objectives for patient access to data. this included the timeframes for making the data available per meaningful use and also the amount of data that must be made available. in general the timeframes are much shorter for the meaningful use criteria, but the amount of data that must be presented to the patient is much more comprehensive for hipaa rules. in addition, hipaa requires that all patient requests are fulfilled, while meaningful use only requires a percentage.

many other facets of hipaa and meaningful use were explored as well, including transport of summary of care documents, public health reporting, and patient reminders. the slides from this presentation are a resource that i will utilize when privacy and security questions arise.

for complete information on all the concepts that were covered, you can download the slides here.

Related Blogs

Dmitri Kitaynik

Corepoint 7.5.3 features Administration REST API, enhances auditing and configuration

Corepoint product manager Dmitri Kitaynik explains new Administration API, other enhancements for Corepoint 7.5.3 release

Read more

Lyniate Team

Medrics scales patient engagement app globally with Lyniate Rhapsody

Medrics uses Lyniate Rhapsody to integrate healthcare data from disparate sources for improved patient experiences and outcomes.

Read more

Melanie Medina

Caresyntax CTO shares how he relies on fully managed integration services to help provider customers improve surgical outcomes

Caresytnax relies on fully managed services from Lyniate to maintain integrations between its platform and its provider customers.

Read more