2009 Health Information Technology Act

THE 2009 Health Information Technology Act
The 2009 Health Information Technology Act
True Financial Incentives or More Government Control?
Sara Small
Mt St Mary's College
A Thesis Presented to the Faculty of the Graduate School of Business
December 13, 2009

The 2009 Health Information Technology Act ii
ACKNOWLEDGMENT
Thank you to Dr Mark Alhanati, Dr Janet Robinson, Dr. Peter Antoniou and to Katherine
Whitman for the honor of participating in the first MBA Cohort at Mount St Mary’s College. This
creative and dynamic curriculum has provided a wealth of experience and knowledge within a unique
and stimulating learning environment. The MBA program allowed me to return to the classroom after
a 33 year hiatus and also afforded me the opportunity to experience my first international trip!
The successful completion of this thesis would not have been possible without the help and
support from my faculty advisor, Dr. David Burkitt. His advice, guidance and direction allowed me
to remain focused and on track during the short time frame allowed for the completion of this thesis.
His academic and professional career experience was invaluable. Thank you, David for helping me
over the rough spots and guiding me through a complex process.
Finally, my thanks to my husband, Ben who provided constant assistance and domestic
support that enabled me to spend countless hours away from home working with other students,
completing projects and studying. Ben’s encouragement to pursue my studies often pushed his loyal
support to the limits! The completion of this degree would not have been possible without his
unconditional love and commitment. Thank you, husband!

Abstract
SMALL, S.P., The 2009 Health Information Technology Act-True Financial Incentives- or
More Government Control? Master of Business Administration, Mount St. Mary’s College,
December 2009.
The computerization of medical records has been recommended as a means to reduce
medical errors as well as costs, paperwork, time and redundancy. In addition to creating and
maintaining medical records electronically, linking those records through interoperable data
exchange is seen as a primary requirement toward increasing the efficiency and safety of care
delivery. Interoperability is viewed as a solution that will allow providers in any location instant
access to a patient's health and treatment history.
There are significant challenges facing Health Information Technology and electronic health
records, including structural, technical, financial and social/cultural issues. Although none of these
represent insurmountable barriers, they all require viable solutions. To promote adoption of these
technologies, the federal government has passed legislation designed to move toward their goal of
creating an electronic health record for each person in the United States by 2014.
The purpose of this qualitative study of the 2009 Health Information Technology Act is to
determine if Hospital Chief Executive Officers perceive the financial incentives as a welcome
opportunity to modernize their information management systems, or is a basis for the Government to
increase their control of healthcare. A grounded theory model was utilized to analyze the results from
multiple data sources to finalize this theory.

The 2009 Health Information Technology Act iv
List of Tables
Table 1: The State of Health Information Technology in California ….……... 11
Table 2: Summary of Federal Government Health IT ………………….……… 15
Table 3: Cost of Healthcare Facility Regulations………………………………. 16
Table 4: Medicare Hospital Incentives……………………………………….…. 57
Table 5: Medicare Hospital Incentives……………………….…………………. 59
Table 6: Medicare Penalties…………………………………….…………..….… 60
Table 7: Medicaid Incentives for Hospitals………………….………………….. 63
Table 8: Top Issues Confronting Hospitals……………….…………………….… 70
Table 9: Literature review open coding model………………..……………..…… 82
Table 10: Excessive government regulations…………………………………….. 83
Table 11: The ARRA adds increased layers of bureaucratic regulation………..… 84
Table 12: Implementation of a “certified” electronic record ..……………..……. 85
Table 13 Identification of required standards…………………………..……….... 86
Table 14: Uniform standards defining clinical care protocols………..………… 87
Table 15: The ARRA is in reality the outline for total government control…… 89
Table 16: The stimulus money outlined in ARRA is a benefit………………… 89
Table 17: The government requirements and regulations……………………… 90
Table 18: The increased regulatory agencies…………………………………… 91

Table 19: E H R will make it easier for organizations………………….……… 92
Table 20: Linking the patient healthcare records of our organization………… 93
Table 21: Government penalties for failing to implement……………………… 94
Table 22: Respondent Location ………………………………………….…..… 95
Table 23: Number of years in this occupation…………………..……………… 95
Table 24: Respondents Gender…………………………………………..….…... 96
Table 25: Respondent Age Range ……………………………………..….….…. 96
Table 26: Healthcare Organization’s Tax Status of Respondents……………….. 97
Table 27: Has your organization implemented an electronic medical record?........ 97

The 2009 Health Information Technology Act vi
GLOSSARY OF TERMS
AHIMA. American Health Information Management Association

AHRQ. Agency for Healthcare Research and Quality
ANSI. American National Standards Institute
ANSI-ASC. American National Standards Institute, Accredited Standards Committee
ARRA. American Recovery and Reinvestment Act of 2009
AS. Administration Simplification Act
ASC. Accredited Standards Committee
Business Associate. A person or organization that performs a function or activity on behalf of a
covered entity but is not part of the covered entity’s workforce
CCHIT. Certification Commission for Healthcare Information Technology
CDC. Centers for Disease Control and Prevention
CDS. Clinical Decision Support
CEO. Chief Executive Officer
Certificate of Need. Laws which control building of new healthcare facilities and services.
CFR. Combined Federal Register
CHARITY CARE. Healthcare provided for free or at a reduced cost to low income patients.
CHHS. California Health and Human Services Agency
CIM. Clinical Information Management
CIO. Chief Information Officer
CIS. Clinical Information System
Clearinghouse. Electronic entity that translates nonstandard formatted data into standard data
elements or into a standard transaction format.
CMS. Centers for Medicare & Medicaid Services
Covered Entity. A health plan, clearinghouse, or a health care provider that transmits health
information in an electronic form.
CPOE. Computerized Physician Order Entry
DISA. Data Interchange Standards Association
Disclosure. Release of information by an entity to persons or organizations outside of that entity.
EDI. Electronic Data Interchange
E H R. Electronic Health Record- health related information for an individual that can be accessed
by more than one health care organization.
EHNAC. Electronic Healthcare Network Accreditation Commission
EMC. Electronic Medical Claim
EMR. Electronic Medical Record – synonymous with Electronic Patient Record (EPR), and
Computerized Patient Record (CPR). Patient health record of services within one health care
organization
EMTALA. Emergency Medical Treatment and Labor Act. This act requires hospitals to provide
emergency treatment to individuals, regardless of insurance status or their ability to pay.
FACA. Federal Advisory Committee Act
FALSE CLAIMS ACT. Act which allows individuals to file a complaint against an entity that files
false claims for medical care to the Government.
FAST. Federal Adoption of Standards for Health IT.
FDA. Food and Drug Administration
FEA. Federal Enterprise Architecture
FFP. Federal Financial Participation
FHA. Federal Health Architecture
FHIPR. Federal Health Information Planning and Reporting
FHISE. Federal Health Information Sharing Environment
FHITSOP. Federal Health IT Standards Organization Participation
FSS. Federal Security Strategy
FSWG. Federal Security Work Group
FTF. Federal Transition Framework
Functionality. Systems that can support the activities and perform the functions for which they were
intended.
GAO. Government Accounting Office
HCFA. Health Care Finance Agency, responsible for oversight of the U.S. Medicare Program
HI. Health Information
HIE. Health Information Exchange
HEDIS. Health Plan Employer Data and Information Set (Measures managed care program
performance indicators)
HIMSS. Health Information Management Systems Society
HIO. Health Information Organization
HIPAA. Healthcare Insurance Portability and Accountability Act of 1996 (Public Law 104-191)
The 2009 Health Information Technology Act viii
HISB. Health Informatics Standards Board

HISE. Health Information Sharing Environment
HISPC. Health Information Security and Privacy
HIT. Health Information Technology
HITECH Act. Health Information Technology for Economic and Clinical Health Act
HITPC. Health Information Technology Policy Council.
HITSP. Health Information Technology Standards Panel
HL7. Health Level Seven - Founded in 1987, HL7 is a not-for-profit Standards Developing
Organization (SDO) that specializes in developing standards for the exchange of clinical data among
disparate health care computer applications the American National Standards Institute accredits HL7.
HOSPITAL CONVERSION REGULATIONS. Laws regulating the conversion of for profit
hospitals to non profit status.
ICD- International Classification of Diseases
Interoperability. Ensuring that systems implement the recognized standards and can exchange
information and work with other systems.,
IRB. Institutional Review Board
IT. Information Technology
ITA. Information Technology Architecture
ISO. International Organization for Standardization
ISO/TC215. International Organization for Standards, Technical Committee 215 - Health
Informatics
JCAHO. Joint Commission for the Accreditation of Health Care Organizations
Limited English Proficiency. Laws which require hospitals to provide interpreter services to
patients that do not speak English.
Meaningful Use. “Meaningful users” of an electronic health record to be defined by the Federal
Government as a requirement for receiving stimulus dollars.
MUMPS. Massachusetts General Hospital Utility Multi-Programming System. A healthcare
programming language created in the late 60’s.
NAHDO. National Association of Health Data Organizations

NCQA. National Committee for Quality Assurance
NCVHS. National Committee on Vital and Health Statistics
NHIE. Nationwide Health Information Exchange
NHIN. Nationwide Health Information Network
NIH. National Institutes of Health
NLM. National Library of Medicine

OCR. Office of Civil Rights
OIG. Office of Inspector General.
OIS. Office of Interoperability and Standards
OMB. Office of Management and Budget
ONC. Office of the National Coordinator (preferred abbreviation for ONCHIT).
ONCHIT. Office of the National Coordinator for Health Information Technology
PHC. Personalized Health Care
PHI. Personal Health Information
PHR. Personal Health Record
PHSA. Public Health Services Act
PITAC. President’s Information Technology Advisory Committee
RHIO. Regional Health Information Organization.
SAMSA. Substance Abuse and Mental Health Services Administration
SDO. Standards Development Organization
Security. System protection of personal health information
SLHIE. State Level Health Information Exchange Consensus Project
SMHP State Medicaid HIT Plan
SNOMED. Systemized Nomenclature of Medicine
VHA. Veterans Health Administration
The 2009 Health Information Technology Act x
The 2009 Health Information Technology Act 1
TABLE OF CONTENTS
Page
DEED OF DECLARATION …………………………………………… ii
APPROVAL SHEET …………………………………………………… iii
ACKNOWLEDGMENT . . . . . . . . . . . . . . . . . . . . . . . . …….. . . . . . . . iv
ABSTRACT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . … . . . . . . . . . v
LIST OF TABLES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . … .. . . . vi
GLOSSARY OF TERMS……………………………………………….. viii
Chapter 1: INTRODUCTION. . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . 4
Background of the Study .......................... . 4
History of Electronic Health Record…………………………… 7
Statement of the Problem. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Chapter 2: LITERATURE REVIEW……………………………………. 10
Current State …………………………………………………… 10
American Recovery and Reinvestment Act……………………… 12
Purpose of Recovery Act HIT Incentives………………………… 14
Federal Regulatory Issues and Requirements……………………… 15
Health Information Privacy………………………………… 20
Civil Rights……………………………………………….. 26
Food and Drugs…………………………………………… 27
Fraud & Prevention Detection……………………………. 28

Information Management…………………………………. 29
Medical and Healthcare…………………………………… 31
Other Federal Laws……………………………………….. 32
Regulatory Agencies and Responsibilities ………………………… 36
California Legislation and Action Plans…………………………. 47
Medicare –Centers for Medicare and Medicaid Services (CMS) 56
State Medicaid………………………………………….. 60
Costs…………………………………………………………. 64
Savings………………………………………………………….. 65
Benefits…………………………………………………………. 66
Barriers………………………………………………………….. 69
Privacy Concerns……………………………………………….. 72
Chapter 3: RESEARCH METHODOLOGY……………………… 74
Grounded Theory Model……………………………………… 74
Data Sources…………………………………..……………… 76
Study population for survey…………………………… 76
Literature Review…………………………….……….. 78
Data Collection………………………………………………. 79
Data Analysis…………………………….……………..……. 80
Chapter 4: ANALYSIS…………………………..……………… 82
Literature Coding Results……………………………………. 82
Survey Results ………………………………………………. 83

Chapter 5 CONCLUSION ……………………………………… 98
References…………………………………………………………….. 103
Appendix
Appendix A Privacy Sections in Order of Appearance in ARRA.. 123
Appendix B Literature Review: Open Coding Model……………. 124
Appendix C Title 42 Federal Public Health Regulations ………… 127
Appendix D Public Health Services Act………………………….. 130
Appendix D “Meaningful Use” Documents………………………. 132
Appendix E Certified Inpatient E H R Products………………….. 133
Appendix F Hospital CEO Survey………………………………... 135
Appendix G MSMC IRB Exemption Letter………………………. 138

Chapter 1
INTRODUCTION
Background to the Study
Health Information Technology-Electronic Health Records (HIT-EHR) is a broad term
that refers to the generation, storage, and transmission of electronic health information.
Information management is central to the healthcare system, and HIT-EHR is widely viewed as
the necessary step to bring healthcare into the 21st century. It is argued that HIT-EHR will reduce
overall healthcare costs, improve quality, and increase efficiency throughout the healthcare
system. However many are still skeptical as to its real impact given the substantial investment
required to implement it.
To put this in context, U.S. healthcare spending was $2.1 trillion in 2006, and at least
$250 billion in California. U.S. spending is projected to grow to $4 trillion by 2015, with direct
administrative costs accounting for more than 7 percent of the total U.S. health spending.
However, when the administrative costs of hospitals and doctors are added to those of insurers
and Government, the administrative costs are estimated to be 31 percent of total health care
spending. These administrative costs are estimated to be 30 to 70 percent higher than in other
countries that also have mixed public-private systems (Department of Health, 2009).
The leading nations in adopting HIT-EHR, such as Britain and New Zealand, have
achieved 98 percent participation by primary care physicians. In the United States about 28
percent of primary care physicians use HIT-EHRs and less than 20% of hospitals (The
Commonwealth Fund, 2009). Other sectors of the U.S. economy (for example, banking) have
successfully digitalized their operations, but healthcare has been slow to make the transition.
While the development and wide-scale use of HIT-EHR has experienced obstacles, it is gaining
ground in both the public and private sectors (Girosi, 2004).
For decades, hospitals and other medical service providers have been enticed by the
prospect of establishing electronic health record systems to improve the efficiency of their
medical care and reduce medical errors. Automating the health record process has the potential to
provide a host of benefits, most notably by reducing medical errors. For example, as many as
98,000 Americans die each year as a result of preventable medical records (Taylor, 2005).
Electronic medical record systems could significantly reduce this number. A much cited 2005
Rand Corp (Rand 2005) study of the use of medical record automation found that a savings of
$77 billion annually could be realized. However, it is widely believed that the cost of
implementing electronic health records systems is responsible for low adoption rates (Rand,
2005).
The United States health care system is at risk due to increasing demand, spiraling costs,
inconsistent and poor quality of care, and inefficient, poorly coordinated care systems. Some
evidence suggests that health information technology can improve the efficiency, cost
effectiveness, quality, and safety of medical care delivery by making best practice guidelines and
evidence based databases immediately available to clinicians, and by making computerized
patient records available throughout a health care network (The Markle Foundation, 2009).
However, much of the evidence is based on a small number of systems developed at academic
medical centers, or studies using mixed models to project organizational changes, costs, and the
time required for implementation (Hillestad, 2005).. Definitive information regarding the true
value of systems is not widely identified within the literature. (Price Waterhouse, 2009).
Most medical records are still stored on paper which means that they cannot be used to
coordinate care, routinely measure quality or reduce medical errors. It is important to understand
the barriers to implementation of these technologies. Most often, capital cost is cited as an
impediment to adoption of medical information technology; however, the story grows more
complicated in the framework of the complex American health care system where government
sources pay for the majority of health care services (Acker, 2004). One Commentator has noted:
“most HIT-enabled savings go to insurers and patients, while most adoption and care
improvement costs are borne by providers” (Ferman, 2006). Thus, it would seem that the
incentives to adopt health information technology are misaligned.
Successful implementation of an electronic medical record requires overcoming more
than the financial burden. Additional barries include a lack of standards, ill defined certification
requirements, privacy concerns, and lack of clarity regarding the anticipated government
regulations (Garrido, 2004). To address the financial burden, the federal government has recently
offered a solution in the form of public funding, grants and payment incentives. The law creates
two key concepts to determine whether providers qualify for the HIT incentives: they must
demonstrate “meaningful use” of HIT and use a “qualified or certified” E H R (AHHR, 2009).
The formal definition of “meaningful use” has yet to be defined. The overarching Nationwide
goals of HIT investments are to improve healthcare quality, reduce growth in costs, stimulate
innovation, and protect privacy (Health Information, 2009). However, there remains concern
regarding the lack of standards, incomplete defining of “meaningful use and the qualifications of
“certified” records. This ambiguity puts resources at risk and has the potential to leave healthcare
organizations in a vulnerable position as they attempt to navigate through the regulatory
minefield.
Regulations impose a considerable burden on the U.S. healthcare system. Some of these
include EMTALA (Emergency Medical Treatment and Labor Act), HIPAA (Health Insurance
Portability and Accountability Act), Charity Care, hospital conversion regulations, limited
English proficiency requirements, fraud and abuse reporting requirements, False Claims Act,
Medicare and Medicaid antifraud statutes, Stark I and II laws, medical record regulations,
Certificate of Need regulations, Medicare Conditions of Participation, pharmaceutical price
regulations and quality related regulations to name a few. Hospitals bear considerable expense to
insure compliance with these types of regulations, which adds a significant financial burden to an
already ailing system (Conover, 2004).
History of Electronic Health Records (EHRs)
The first known medical record was developed by Hippocrates, in the fifth century B.C.
He prescribed two goals:
• A medical record should accurately reflect the course of disease.
• A medical record should indicate the probable cause of disease (NIH, 2005).
These goals are still appropriate. Electronic health record systems can also provide
additional functionality, such as interactive alerts to clinicians, interactive flow sheets, and
tailored order sets, all of which cannot be done with paper-based systems (Amatayakul, 2005).
The first EHRs began to appear in the 1960s. “By 1965, Summerfield and Empey reported that at
least 73 hospitals and clinical information projects and 28 projects for storage and retrieval of
medical documents and other clinically-relevant information were underway”(Asp, 2003).
Many of today’s EHRs are based on the pioneering work done in academic medical
centers and for major government clinical care organizations. These early projects had
significant technical and programmatic issues, including non-standard vocabularies and system
interfaces, which remain implementation challenges today. But they led the way, and many of the
ideas they pioneered (and some of the technology, such as the MUMPS language) are still used today
(NIH, 2005).
Problem Statement
This study will strive to answer the following questions:
1. Will the advantage of accessing the stimulus money be perceived as a true benefit,
or will the increased regulations for health care providers be another
barrier that prevents adoption?
2. Is the goal of the stimulus plan intended to simply motivate health care
organizations and providers to transition to an electronic record or is it the
beginning of government run healthcare services?
To further develop the understanding of the question, the American Recovery and
Reconciliation Act of 2009, introduces much needed financial incentives for implementing an
electronic medical record, but it also adds significant regulatory requirements, as well as extends
the oversight of the government into new areas of the healthcare delivery system. Over the past
decade, HIT has been a voluntary initiative for healthcare providers. The ARRA is a federal law
that identifies increased funding and regulations with stricter privacy laws and more onerous
fines. The Office of the National Coordinator (ONC) is granted broad new powers and an
additional $2 billion in funding (American Medical Association, 2009). Electronic medical
records are intended to allow healthcare providers to improve the quality of care, decrease costs
and improve patient safety within a framework that allows all providers to jointly share and
manage the health care information of its citizens (Brailer, 2009).
The very low levels of adoption of electronic health records in U.S. hospitals suggest that
policymakers face substantial obstacles to the achievement of healthcare performance goals that
depend on health information technology. The federal stimulus bill promises billions of dollars in
incentive payments to doctors and hospitals that buy and use the systems, with penalties starting
in 2015 for those who don't make the switch (Beatty, 2009). In the hospital setting, the Chief
Executive Officer is traditionally the “decision maker.” What impact has the ARRA had on their
decision to implement (or not) an electronic medical record system? Is the role of the
government within the healthcare setting appropriate? What is the perception of these executives
regarding the impact of the financial stimulus for adoption and use of Health Information
Technology by the federal government? These are the questions this study will review and
answer.
CHAPTER 2
REVIEW OF RELATED LITERATURE
Current State
U.S. health care providers make minimal use of HIT compared to other health systems in
the industrialized world. Per a white paper published by The Commonwealth Fund in 2009: 17%
of U.S. Physicians and 8-10% of U.S. Hospitals have at least a basic electronic health record. In
most European countries, as well as New Zealand and Australia 80-100% of primary care
physicians have electronic healthcare records (EHRs) (The Commonwealth Fund, 2009).
Healthcare is among the least automated industries in the nation. Studies have estimated
that the healthcare industry as a whole is almost 20 years behind the rest of the nation’s
industries with respect to digitalization. Limitations in software, hardware and networking
technologies has made electronic healthcare records difficult to affordably implement
(Blumethal, 2009).
According to the Centers for Disease Control (CDC, 2007 ), 29.2% of physicians said
they use full or partial clinical EHRs, however only 4% said they used a fully functional record
system ( Hing, 2007). The majority of the research indicates that very few hospitals have a
comprehensive electronic system for recording clinical information and only a small minority
have even a basic system. However, many institutions have parts of an electronic-records system
in place, suggesting that policy interventions could increase the prevalence of electronic health
records in U.S. hospitals faster than our low adoption levels might suggest (HIMSS, 2009).
From a national interoperability perspective, much of the infrastructure is not in place.
Key components have not yet been defined. This includes:
• The rules that specify how to send information back and forth,
• Legal business rules in place to guide organizations in order for them to exchange
data,
• Identified standards for health care organizations to use as a model for
implementing an electronic medical record system,
• Clinical standards for electronic systems,
• The ability to allow patient medical records to be shared or moved about in the
system.
• Software flexibility and customization capabilities due to out-dated programming
technology(American Hospital Association, 2007).
Table 1
The State of Health Information Technology in California
Fully Implemented 13%
Partially Implemented 42%
Not Implemented 45%
Source: California HealthCare Foundation. January 2007
Health IT is moving from a voluntary initiative over the past decade to a highly regulated
one with new rule-making government committees, stricter privacy laws and more onerous fines.
With billions in new funding and government regulations, the health IT market should quickly
expand far beyond the provider segment, providing new opportunities for health plans,
pharmaceutical companies and other vendors (Argawal, 2002).
Less than 2% of acute care hospitals have a comprehensive electronic-records system,
and, (depending on the definition used), between 8 and 12% of hospitals have a basic electronic-
records system. The official definition requires the system to include the presence of
functionalities for physicians' notes and nursing assessments. Information systems in more than
90% of U.S. hospitals do not even meet the requirement for this type of basic electronic-records
system (HIMSS, 2007).
The majority of U.S. hospitals are in the early stages of EMR transformation (AHA,
2007). Although levels of adoption of electronic health records are low, various components that
underlie electronic record systems have been widely implemented. A sizable proportion of
hospitals reported that laboratory and transcribed reports, radiological images (PACS),
medication lists, and some decision-support functions are available in electronic format
(American Hospital, 2007). Others reported that they plan to upgrade their information systems
to an electronic-records system by adding functionalities, such as computerized provider-order
entry (CPOE), physicians’ notes and nursing assessments (Jha, 2009).
The American Recovery and Reinvestment Act of 2009
On February 17, 2009, President Barack Obama signed into law the American Recovery
and Reinvestment Act of 2009, H.R. 1 (ARRA, 2009). More commonly referred to as ARRA or
the Recovery Act, this provides substantial financial incentives to assist providers with the
purchase and implementation of HIT systems. In addition to assisting with financing, a key
element to the widespread adoption and use of HIT is the development of uniform electronic
standards that allow various systems to communicate with each other (American Medical
Association, 2009). ARRA requires the Department of Health and Human Services (HHS) to
develop standards by December 31, 2009 (AHRQ ,2009) .
The Recovery Act includes financial incentives and penalties to be paid through the
Medicare program with very specific time frames for implementation. In addition, ARRA,
includes over $20 billion to aid in the development of a robust IT infrastructure for healthcare
and to assist providers and other entities in adopting and using health IT. Total funding for health
IT is as follows:
• $2 billion for the Office of the National Coordinator ,
• $20.819 billion in incentives through the Medicare and Medicaid reimbursement
systems to assist providers to adopting EHRs,
• $4.7 billion for the National Telecommunications and Information
Administration’s Broadband Technology Opportunities Program,
• $2.5 billion for the U.S. Department of Agriculture’s Distance Learning,
Telemedicine, and Broadband Program,
• $1.5 billion for construction, renovation, and equipment for health centers through
the Health Resources and Services Administration,
• $1.1 billion for comparative effectiveness research within the Agency for
Healthcare Research and Quality (AHRQ), National Institutes of Health (NIH),
and the Department of Health and Human Services (HHS),

• $85 million for health IT, including tele-health services, within the Indian Health
Service,
• $500 million for the Social Security Administration,
• $50 million for information technology within the Veterans Benefits
Administration ,
• In addition, it establishes HIT Policy and Standards Committees that are
comprised of public and private stakeholders to provide recommendations on the
HIT policy framework, standards, implementation specifications, and certification
criteria for electronic exchange and use of health information (Department of
Health, 2009).
Purpose of Recovery Act HIT Incentives
The primary purpose of this Act is to stimulate the economy through investments in
infrastructure, unemployment benefits, transportation, education, and healthcare (ARRA, 2009).
With respect to healthcare, one of the goals is to reduce long-term costs by modernizing
healthcare through the use of information technology.
The majority of the funds are incentive payments that will go to Medicaid and Medicare
providers that are able to demonstrate "meaningful use" of health information technology. The
requirements that define “meaningful use” have not yet been published. Providers that serve
patients from both programs will be required to choose one source of reimbursement only
(AHRQ, 2009).
Medicare: Eligible hospitals will receive a base funding of $2M with additional funds
provided according to a statutorily prescribed formula related to discharge data. The program
also creates a penalty system which begins in 2015 (CMS, 2009).
Medicaid: The purpose of the 100 percent provider incentive payments to certain
eligible Medicaid providers is to encourage the adoption and meaningful use of certified EHR
technology (CMS, 2009).
While the incentive payments are expected to be used for certified EHR technology and
support services, including maintenance and training necessary for the adoption and operation of
such technology, the incentive payments are not direct reimbursement for such activities. They
are intended to serve as an incentive for eligible providers to adopt the use of “certified” EHR
technology (Binder, 2009).

T ab le 2
S u m m a ry of F ed era l G overn m en t H ea lth IT S tra teg ic G oa ls a n d O b jectives: 2 0 0 8 -2 0 1 2

Goal 1. Patient-focused Health Objective 1.1: Objective 1.2: Objective 1.3: Objective 1.4:
Care
F a c ilita te e le c tr o n ic e x c h a n g e , E n a b le th e m o v e m e n t o f e le c tr o Pn ic
r o m o te n a tio n w id e d e p lo y m eEnsta
t b lish m e c h a n ism s fo r m u lti-
a c c e ss, a n d u se o f e le c tr o n ic h e ah lth
e a lth in fo r m a tio n to su p p o r t o f e le c tr o n ic h e a lth r e c o r d s sta k e h o ld e r p r io r ity - se ttin g a n d
in fo r m a tio n , w h ile p r o te c tin g th ep a tie n ts’ h e a lth a n d c a r e n e e d s.( E H R s) a n d p e r so n a l h e a lth d e c isio n - m a k in g .
p r iv a c y a n d se c u r ity o f p a tie n ts’ r e c o r d s ( P H R s) a n d o th e r
h e a lth in fo r m a tio n . c o n su m e r h e a lth I T to o ls.
Goal 2. Population Health Objective 2.1: Objective 2.2: Objective 2.3: Objective 2.4:
A d v a n c e p r iv a c y a n d se c u r ity E n a b le e x c h a n g e o f h e a lth P r o m o te n a tio n w id e a d o p tio n Eostaf b lish c o o r d in a te d o r g a n iza tio n a l

p o lic ie s, p r in c ip le s, p r o c e d u r e s, ina nfodr m a tio n to su p p o r t p o p u la tio nte- c h n o lo g ie s to im p r o v e p r o c e sse s su p p o r tin g in fo r m a tio n u se
p r o te c tio n s fo r in fo r m a tio n a c c e ss o r iein n te d u se s. p o p u la tio n a n d in d iv id u a l h e a lth
fo r. p o p u la tio n h e a lth .
p o p u la tio n h e a lth .
Source: Federal Health IT Strategic Plan 2008-2012
Federal Regulatory Issues and Requirements
There is much debate as to the role that the federal government should play in the
promotion of HIT-EHR. Some argue that HIT-EHR development should be left completely to the
private sector. Middleton believes that the market has failed given the current state of HIT-EHR
adoption, and that government guidance and standardization is necessary to jumpstart

widespread implementation ( Walker et al., 2005). Both Bower and Taylor, et al., suggest that
major government intervention is the only hope of success, in the form of subsidies, mandates,
and substantial policy directives. (Taylor, 2005)
According to a study by the Cato Institute (Conover, 2004), the burden of regulation in
the health care industry is staggering. The study provides a detailed analysis of the cost of
regulation in the health care sector, prior to the current slew of new agencies and regulations
recommended for implementation of the electronic medical record. This study (Conover, 2004)
identifies the cost of regulation of health facilities, health professionals, health insurance, drugs
and medical devices, and the medical tort system, including the costs of defensive medicine. The
calculations include a deduction of identifiable tangible benefits of regulation. With that said,
the estimate is considerable, amounting to $169.1 billion annually. The study suggests that the
cost of health service regulation outweighs benefits by a two to one cost. (Conover, 2004).
Table 3
Cost of Health Facilities Regulation (millions of 2002 dollars)

Costs Benefits
Type of Regulation Expected Minimum Maximum Expected Minimum Maximum Net Cost Percent
Access $11,755 $2,184 $29,544 $3,805 $700 $8,928 $7,950 31.7%

EMTALA $4,436 $1,261 $10,965 $2,146 $421 $4,930 $2,290 9.1%
Hospital uncopensated care pools $6,678 $698 $16,591 $1,524 $233 $3,601 $5,154 20.6%
Hospital community service requirements $317 $123 $961 $135 $46 $397 $182 70.0%
Limited English proficiency requirements $324 $102 $1,027 $0 $0 $0 $324 0.0%
1.3%
Costs $14,130 $11,948 $273,339 $14,837 $20,748 $27,094 -$707 -2.8%
Health care fraud and abuse $3,209 $2,224 $9,945 $2,154 $1,808 $2,912 $1,055 4.2%
Facility medical records (incl privacy) $1,068 $696 $92,178 $1,222 $996 $1,450 -$154 -0.6%
Organ transplant regulation $1,815 $1,653 $1,785 $1,804 $280 $4,644 $11 0.0%
Certificate of need $110 $26 $157,859 $0 $5,067 $0 $110 4.0%
Hospital rate setting $69 $57 $3,023 $51 $4,421 $0 $18 0.4%
Pharmaceutical price regulation $7,626 $7,163 $8,149 $9,606 $8,176 $18,088 -$1,980 0.1%
Other cost-related facilities regulations $233 $129 $400 $0 $0 $0 $233 -7.9%
0.9%
Quality $21,798 $9,595 $57,592 $3,973 $3,973 $3,973 $17,825 71.1%
Hospital accreditation/ licensure $8,640 $833 $31,885 $0 $0 $0 $8,640 34.5%
Nursing home accreditation/licensure $3,581 $1,963 $6,821 $3,973 $3,973 $3,973 -$392 -1.6%
Other facilities accreditation/licensure $2,078 $465 $7,447 $0 $0 $0 $2,078 8.3%
Peer Review $2,063 $1,314 $5,481 $0 $0 $0 $2,063 8.2%
Clinical Laboratory Improvement Act (CLIA) $3,236 $3,065 $3,466 $0 $0 $0 $3,236 12.9%
Other quality-related facilities regulations $2,200 $1,955 $2,492 $0 $0 $0 $2,200 8.8%
GRAND TOTAL $47,683 $23,727 $360,475 $22,615 $25,421 $39,995 $25,068 100%
Source: Cato Institute (Conover, 2004)

Subsequently, the ARRA has been signed. The Recovery Act includes significant funding
for the implementation and management of the incentive program as well as the ongoing support
for providers meeting the qualifications of a certified electronic medical record system, and
additional funding for the required regulatory reporting agencies. The new law requires the
Department of Health and Human Services, and the Office of the National Coordinator for
Health Information Technology (ONC), to adopt a rule-making process of initial standards,
implementation specifications and certification criteria by December 31, 2009 (AMA, 2009).
The new regulatory requirements are a complex array of additional governmental layers.
When reading the following, consider the depth and comprehension level required to administer
a successful electronic system while complying with the regulations that are integrated into the
newly defined HITECH landscape. A clear understanding of all applicable laws and regulations
is a basic requirement for holding a position of leadership in a Hospital, particularly at the Chief
Executive Officer level.
Health Information Technology for Economic and Clinical Health Act (HITECH)
On February 17, 2009 the American Recovery and Reinvestment Act of 2009 commonly
referred to as “the Stimulus Bill,” was signed into law by the federal government. Included in
this law is $19.2 Billion which is intended to be used to increase the use of Electronic Health
Records (EHR) by physicians and hospitals; this portion of the bill is called, the Health
Information Technology for Economic and Clinical Health Act, or HITECH Act. The
government firmly believes in the benefits of using electronic health records and is ready to
invest federal resources to proliferate its use. (Ways and Means, 2009).
Meaningful Use
Two important elements have yet to be defined. This includes the official definition of
“meaningful use,” and the specifications required for becoming a “certified” electronic health
record (Health IT, 2009). The meaningful use workgroup of the HIT Policy Committee has
released its initial recommendations for a definition of "meaningful use" of electronic health
records. The definition is important because under the economic stimulus law, providers must
"meaningfully use" EHRs to receive financial incentives from Medicare and Medicaid (Health IT
Committee, 2009).
These initial recommendations do not include a formal definition of meaningful use.
They include the initial recommendation of the functionalities that will be required by 2011
when incentive payments begin. "This is the beginning of a conversation that will continue for
some time," said David Blumenthal, M.D., the National Coordinator for Health Information
Technology, during a meeting of the HIT Policy Committee, a public-private advisory group.
Blumenthal added that "there is a long way to go" before a final definition of meaningful use is
achieved (Goedert,2009).
The workgroup's initial recommendations include 22 objectives--most covering inpatient
and outpatient care for EHRs in 2011. These include, among others:
• Use CPOE for all order types including medications,
• Implement drug-drug, drug-allergy and drug-formulary checks,
• Maintain an up-to-date problem list,
• Generate and transit permissible prescriptions electronically,
• Maintain an active medication allergy list,

• Send reminders to patients per their preference for preventive and follow-up-care,
• Document a progress note for each encounter,
• Provide patients with an electronic copy or electronic access to clinical
information such as lab results, problem list, medication lists and allergies,
• Provide clinical summaries for patients for each encounter,
• Exchange key clinical information among providers of care,
• Perform medication reconciliation at relevant encounters,
• Submit electronic data to immunization registries where required and accepted,
• Provide electronic submissions of reportable lab results to public health agencies,
• Provide electronic surveillance data to public health agencies according to
applicable law and practice, and,
• Comply with federal and state privacy/security laws and the fair data sharing
practices in HHS’ Nationwide Privacy and Security Framework, released in
December 2008 (Health Information Technology, 2009).
“Certified” Electronic Health Record
The rules and regulations for meeting the requirements of a “certified” electronic health
record are still under discussion, with preliminary models identified for 2011 (Health IT, 2009).
The Certification Commission launched its updated and new 2011 Certification Programs on
October 7, 2009. In addition to its established, CCHIT Certified Comprehensive Certification
Programs, the Commission also launched a more limited ARRA certification program(health
Information, 2009).
The CCHIT Certified 2011 program inspects products against comprehensive

functionality, interoperability, and privacy and security criteria using the Commission’s
published methods. Products must be fully compliant. They must also meet or exceed
applicable proposed Federal standards for certified EHR technology to support the 2011-2012
incentives under the American Recovery and Reinvestment Act of 2009 (Health IT, 2009)
The ARRA certification component of both programs is considered preliminary because
the definitions of meaningful use, criteria, and standards have been proposed but not yet finalized
by the US Department of Health and Human services(Certification Commission, 2009).
Health Information Privacy
ARRA layers on new privacy protections and prosecution powers to discourage
unauthorized access to patient information. Under ARRA, even a brief unauthorized look at a
medical record can result in large monetary fines for individuals and facilities. Through a wide
range of provisions, Congress used ARRA as an attempt to increase patient trust that the
healthcare industry will protect their personal information (Healy, 2009).
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
The Privacy Rule provides federal protections for personal health information held by
covered entities and gives patients an array of rights with respect to that information. At the same
time, the Privacy Rule is balanced so that it permits the disclosure of personal health information
needed for patient care and other important purposes.
The Act is defined as follows:
“The Standards for Privacy of Individually Identifiable Health Information
(“Privacy Rule”) establishes, for the first time, a set of national standards for the
protection of certain health information. The U.S. Department of Health and Human
Services (“HHS”) issued the Privacy Rule to implement the requirement of the Health
Insurance Portability and Accountability Act of 1996 (“HIPAA”).1 The Privacy Rule
standards address the use and disclosure of individuals’ health information—called
“protected health information” by organizations subject to the Privacy Rule — called
“covered entities,” as well as standards for individuals' privacy rights to understand and
control how their health information is used. Within HHS, the Office for Civil Rights
(“OCR”) has responsibility for implementing and enforcing the Privacy Rule with respect
to voluntary compliance activities and civil money penalties” (Department of Health and
Human Services, 2009).
The ARRA has tightened existing Privacy Rules to meet the demands of the electronic
Medical Record. The privacy and security of electronic health information must be ensured as
this information is maintained and transmitted electronically. (OCR, 2009).
The Uniform Healthcare Information Act
The National Conference of Commissioners on Uniform State Laws has promulgated a
standard state privacy statute known as the Uniform Healthcare Information Act. The Act is
supported by the American Medical Association.
The main thrust of the Uniform Act is:
• Medical records may be released only with the patient’s consent,
• A subpoena may be required to release medical information in a legal context,
• Patients have access to their own records.
The Act sets forth stern penalties for noncompliance. Of great interest to third party
payers is the provision of many of the state statutes which deals with fraud and health care
records. The statutes of some states prevent a provider from testifying for or against a patient
without the patient’s consent. These are called privileged communication statutes (National
Conference, 1985).
Data Breach
The data breach notification regulations are the first of the ARRA privacy provisions to
take effect. The Department of Health and Human Services(HHS), will oversee organizations
that qualify as covered entities and business associates under HIPAA. The Federal Trade
Commission (FTC) will oversee everyone else, including vendors of personal health records. The
law requires both HHS and the FTC to create and publish final interim regulations by August 16,
2009. The provisions become effective 30 days after publication (ARRA, 2009).
Administrative Simplification: Title II, Subtitle F. (HIPAA)
This section grants authority to mandate the use of standards for the electronic exchange
of healthcare data, to specify what medical and administrative code sets should be used within
the standards (Health Insurance, 1996).
Accounting for Disclosures
ARRA requires healthcare facilities using EHR systems to provide patients with a fuller
accounting of disclosures, including disclosures for treatment purposes and other routine
healthcare operations. This is a significant change from the current HIPAA laws, which exempt
treatment, payment and business operations disclosure (Appendix A).
Restrictions of Certain Disclosures
ARRA gives patients the right to prevent the disclosure of health data to their health
insurance plans if they paid for treatments out of their own pockets. EHR systems will have to
adapt to accommodate such requests (Appendix A).
Electronic Copies
ARRA requires any provider using an EHR system to produce an electronic copy of a
patient’s health record upon request. Under HIPAA, providers are required to give a copy of a
patient’s record in the format requested, but only if documents are “readily producible” in that
format. Many EHR systems in use are not up to that challenge (Appendix A).
Liability for Business Associates
ARRA has several provisions that extend HIPAA privacy, security, and administrative
requirements to business associates. Business Associates (BA) are individuals or an organization
that performs a function or activity on behalf of a covered entity, but is not a part of the covered
entity’s workforce. Covered entities must update their business associate agreements to
incorporate these new provisions. Among the changes, ARRA requires business associates to
respond to any privacy noncompliance on the part of the covered entities. Security breach,
restrictions and disclosures, sales of health information, consumer access, business associate
obligations and agreements (OCR, 2009).
Improved Enforcement
The Recovery Act carries a number of items Congress lumped together as” improved
enforcement”. Many of these also relate to Section 1177(a) of the Social Security Act (42
U.S.C. 1320) which established the penalties as we currently know them (ARRA, 2009).
Noncompliance Due to Willful Neglect
Increased penalties due to willful neglect is a violation for which the Secretary is required
to impose a penalty. For the penalty to be levied, the Secretary must formally investigate any
complaint of a violation of a provision of HIPAA privacy. When the investigation indicates a
violation due to willful neglect a penalty will be imposed. This change will apply to penalties
that occur more than 2 years after the enactment date. The Secretary is to publish final
regulations related to this requirement not later than 18 months after the ARRA enactment
(ARRA, 2009).
Distribution of Certain Civil Monetary Penalties Collected
This provision calls for any civil monetary penalty (or monetary settlement collected with
respect to an offense punishable under ARRA privacy provisions or the Social Security Act
(HIPAA) to be transferred to the HHS Office of Civil Rights for the purpose of enforcing the
provisions of these ARRA provisions. The Government Accounting Office (GAO) is to submit a
report to the Secretary within 18 months of enactment, with recommendations for a methodology
under which an individual who is harmed by an act that constitutes an offense to the ARRA
provisions or HIPAA may receive a percentage of any civil monetary penalties or monetary
settlement collected. Then, within three years of enactment, the Secretary shall establish
regulations based on the GAO recommendations. The methodology will apply with respect to
civil monetary penalties or monetary settlements imposed on or after the effective date of the
regulation (ARRA, 2009).
Tiered Increase in Amount of Civil Monetary Penalties
The ARRA modifies the Social Security Act Penalties. In this case a tiered set of
penalties is established as follows:
Where there is a violation that it is established when the person did not
know (and by exercising reasonable diligence would not have known) that such
person violated a provision, a penalty for each violation will be at least $100 for
each violation, not to exceed $25,000 (ARRA, 2009, p.158).
Where there is a violation and the violation was due to reasonable cause
and not to willful neglect, a penalty for each such violation will be at least $1,000
for each violation, not to exceed $100,000 for each violation (ARRA, 2009).
Where there is a violation and violation was due to willful neglect: If the
violation is corrected, a penalty of $10,000 will be required for each violation, not
to exceed $250,000. If the violation is not corrected as described, a penalty in the
amount of $50,000 will be required not to exceed $1,500.000 (ARRA, 2009).
The Nationwide Privacy and Security Framework for Electronic Exchange of
Individually Identifiable Health Information:
The principles of the Nationwide Privacy and Security Framework for Electronic
Exchange of Individually Identifiable Health Information establishes a single, consistent
approach to address the privacy and security challenges related to electronic health information
exchange through a network for all persons, regardless of the legal framework that may apply to
a particular organization (ONC, 2009).
CMS Security Standards:
The Administrative Simplification provisions of the Health Insurance Portability and
Accountability Act of 1996 (HIPAA, Title II) required the Department of Health and Human
Services to establish National Standards for the security of electronic health care information.
The final rule adopting HIPAA standards for security was published in the Federal Register on
February 20, 2003. This final rule specifies a series of administrative, technical, and physical
security procedures for covered entities to use to assure the confidentiality of electronic protected
health information. (CMS, 2009).
Civil Rights
Title VI of the Civil Rights Act of 1964
While ARRA has not modified awardees’ civil rights obligations, which are referenced in
the HHS Grants Policy Statement, these obligations remain a requirement of Federal law.
Recipients and sub-recipients of ARRA funds or other federal financial assistance must comply
with Title VI of the Civil Rights Act of 1964 (prohibiting race, color, and national origin
discrimination) (Title VI, 1964).
Section 504 of the Rehabilitation Act of 1973
Requires hospitals to validate that they protect patients from disability discrimination
(Rehabilitation, 1973).
Title IX of the Education Amendments of 1972
Requires hospitals to insure that they prohibit sex discrimination in education and
training programs, discrimination on the basis of sex in Federally supported education programs
is also prohibited (Title IX, 1972).
The Age Discrimination Act of 1975
Prohibits hospitals from age discrimination in the provision of services (Age, 1975).
Public Health Service Act
Titles VI and XVI of the Public Health Service Act require health facilities that received
certain Federal funds (“Hill-Burton” funds) to provide certain services to members of its
designated community (Appendix D)

Section 542 of the Public Health Service Act, as amended, bars discrimination in
admission or treatment against substance abusers suffering from medical conditions by
Federally-assisted hospitals and outpatient facilities (Appendix D).
Food and Drugs
The Food and Drugs Act of 1906
The first of more than 200 laws that constitute one of the world's most comprehensive
and effective networks of public health and consumer protections (Pure, 1906).
The Federal Food, Drug, and Cosmetic Act of 1938
Among other provisions, the law authorized the FDA to demand evidence of safety for
new drugs, issue standards for food, and conduct factory inspections (FDA, 2009).
The Kefauver-Harris Amendments of 1962
Inspired by the Thalidomide tragedy in Europe, this amendment strengthened the rules
for drug safety and required manufacturers to prove their drugs' effectiveness (FDA, 2009).
The Medical Device Amendments of 1976
The law applied safety and effectiveness safeguards to new devices (FDA, 2009).
Food and Drug Administration Amendments Act of 2007.
This law represents a very significant addition to FDA authority. Among the many
components of the law, the Prescription Drug User Fee Act (PDUFA) and the Medical Device
User Fee and Modernization Act (MDUFMA) have been reauthorized and expanded. These
programs will ensure that FDA staff has the additional resources needed to conduct the complex
and comprehensive reviews necessary to approve new drugs and devices (FDA, 2007).
Electronic Records: Electronic Signatures

The regulations in this part set forth the criteria under which the agency considers
electronic records, electronic signatures, and handwritten signatures executed in electronic
records to be trustworthy, reliable, and generally equivalent to paper records and handwritten
signatures executed on paper (Electronic, 2003).
Fraud Prevention & Detection
Safe Harbor Regulation
The Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (MMA),
identifies the final rules for Safe Harbor under the anti-kick back statute to protect certain
arrangements involving goods, items, services, donations, and loans provided by individuals and
entities to certain health centers that are funded under section 330 of the Public Health Service
Act. The goods, items, services, donations, or loans must contribute to the health center’s ability
to maintain or increase the availability, or enhance the quality, of services available to a
medically underserved population (OIG, 2006)
Provider Self-Disclosure Protocol
The Self-Disclosure Protocol is intended to be a vehicle under which the provider
community can voluntarily disclose self-discovered evidence of potential fraud in an attempt to
avoid the costs and disruptions that may be associated with a Government-directed investigation
and with civil or administrative litigation. The Office of the Inspector General (OIG) verifies the
information contained in the provider's submission and evaluates the matter for potential fraud
issues.. While the OIG does not speak for the Department of Justice or other agencies, they are
consulted, as appropriate, regarding the resolution of Self-Disclosure Protocol matters (Levinson,
2009).
HHS Recovery Act Oversight
The American Recovery and Reinvestment Act of 2009 (Recovery Act) provides the
Office of Inspector General (OIG), with $17 million in funding for oversight and review. The
Recovery Act provided an additional $31,250,000 to the OIG for the purpose of ensuring the
proper expenditure of funds under Medicaid. OIG will assess whether HHS is using the $165.4
billion in Recovery Act funds in accordance with legal and administrative requirements and that
they are meeting the accountability objectives defined by the Office of Management and Budget
(OIG, 2009).
Whistleblower Protections under the Recovery Act
The ARRA , provides protections for certain individuals who make specified disclosures
relating to Recovery Act funds. Any non-federal employer receiving recovery funds is required
to post a notice of the rights and remedies provided under this section of the Act (OIG, 2009).
Information Management
HHS Recovery Act
The purpose is to increase access to health care, protect those in greatest need, create
jobs, expand educational opportunities, lay the groundwork for successful health reform, and
provide immediate relief to states and local communities. HHS has been entrusted with carefully
investing $167 billion of taxpayer’s funds for these purposes, and is committed to making every
dollar count (Federal Health, 2009).
The HHS Recovery Act lays a solid foundation for health reform, and makes a down
payment on the President’s “Zero to Five” plan of early care and education of children by
promoting access to health insurance and increasing the number of health care professionals
through
• Additional grants to healthcare workforce training institutions,
• Computerizing Americans’ health records, which will improve the quality of
healthcare,
• reduce medical errors, and prevent unnecessary health care spending,
• Advancing scientific and biomedical research and development related to health
and human services,
• Promoting economic and social well-being of individuals, families, and
communities,
• Strengthening necessary healthcare services for medically underserved
individuals ,
• Providing healthcare services to American Indians and Alaska Natives
(Department of Health, 2009).
Freedom of Information Act (FOIA)
This is a federal statue that allows individuals to request access to Federal agency
records, except to the extent records are protected from disclosure by the Freedom of
Information Act (Justice Department,2009).
§ 482.24 Condition of Participation: Medical record services.
Every hospital that accepts payment for Medicare and Medicaid patients must comply
with the Center for Medicare and Medicaid Conditions of Participation. This regulation includes
specific instructions for hospitals as well as defining criteria and standards for medical records.
This includes the organization and staffing requirements for the medical records department, the
standardized format and the retention requirements for the records. It also identifies each of the
specific types of documents that must be present, as well as the required content and
documentation standards (CMS, 2009).
Substance Abuse Rules
Federal laws relating to substance abuse records came into being due to the sensitivity of
such information. These special rules apply where the facility has any special substance
abuse care unit. General medical care is not affected. There are stern monetary penalties for non-
compliance (SAMSA, 2004).
Joint Commission on Accreditation of Healthcare Organization Standards
Specifically defines required standards for hospitals and healthcare organizations with
respect to the content of the medical record, including IM.2.20 –data integrity, IM.2.30 addresses
continuity and disaster recovery for both hard copy and electronic records, and a myriad of other
very specific requirements for organizations seeking accreditation. This accreditation process is
required for all Medicare providers (The Joint Commission, 2009).
Medical and Healthcare
Title 42: Public Health
Specific portion of the United States Code that identifies requirements for public health,
social welfare, and civil rights. Specific requirements for hospitals and record keeping
regulations are outlined (See Appendix C).
Section 3012 of the Public Health Service Act
The Health Information Technology Extension Program (Extension Program), authorized
by Section 3012 of the Public Health Service Act as amended by ARRA - will establish a
collaborative consortium of Health Information Technology Regional Extension Centers
facilitated by the national Health Information Technology Research Center. The Extension
Program will offer providers across the nation, technical assistance in the selection, acquisition,
implementation, and “ meaningful ” an EHR to improve health care quality and outcomes
(Public Health, 2009).
Federal Medical Care Recovery Act (FMCRA)
The Medical Care Recovery Act provides that, when the government treats or
pays for the care of a military member, retiree, or dependent, it may recover its expenses
from any third party legally liable for the injury or disease. The key to understanding the
complexities of the FMCRA is to realize that the Federal Government operates one of the
largest health care systems in the world (MCRA, 2007).
Other Federal Laws
In addition to being subject to HIPAA and Substance Abuse Confidentiality
Requirements, healthcare organizations may be subject to several federal laws that touch in some
way on privacy of health information. The Preamble to the Privacy Rule lists the following
applicable laws: Privacy Act of 1974, Family Educational Rights and Privacy Act, Freedom of
Information Act, Employee Retirement Income Security Act of 1974 (ERISA), Gramm-Leach-
Bliley Act, federally funded health programs regulations, Food, Drug and Cosmetic Act, Clinical
Laboratory Improvement Amendment, federal disability and non-discrimination laws, and U.S.
Safe Harbor Privacy Principles. In addition, many federal regulations require disclosure of
specific PHI for specific purposes in specific circumstances (Miller, 2007).

Federal Rule of Evidence, Article VIII
Defines the requirements that a record must have to meet the federal and state rules of
evidence to stand as a legal business record (Federal Rule, 1997).
ONC’s Federal HIT-EHR Strategic Plan: 2008-2012:
This plan brings together all HIT-EHR Federal efforts in a coordinated fashion, setting a
number of goals, objectives, and strategies. The goals include privacy and security,
interoperability, widespread adoption, and collaborative governance. The plan catalogs activities
from many Federal agencies that focus on HIT (Federal Health,2008).
The Patient Safety and Quality Improvement Act of 2005 (PSQIA)
Establishes a voluntary reporting system to enhance the data available to assess and
resolve patient safety and health care quality issues. To encourage the reporting and analysis of
medical errors, PSQIA provides Federal privilege and confidentiality protections for patient
safety information called patient safety work product. Patient safety work product includes
information collected and created during the reporting and analysis of patient safety events
Stark Laws
Congress included a provision in the Omnibus Budget Reconciliation Act of 1989
(OBRA 1989) which barred self-referrals for clinical laboratory services under the Medicare
program, effective January 1, 1992. This provision is known as "Stark I". The law included a
series of exceptions to the ban in order to accommodate legitimate business arrangements. A
number of observers recommended extending the ban to other services and programs. The
Omnibus Budget Reconciliation Act of 1993 (OBRA 1993) expanded the restriction to a range of
additional health services and applied it to both Medicare and Medicaid; this legislation, known
as "Stark II," also contained clarifications and modifications to the exceptions in the original law.
Minor technical corrections to these provisions were included in the Social Security
Amendments of 1994 (Centers for Medicare, 2009).
On August 1,2006 Health and Human Services (HHS) Secretary Mike Leavitt
announced the issuance of final regulations(published in the Federal Register on August 8, 2006)
creating new information technology exceptions under the Federal Stark law and safe harbors
under the Federal Anti-Kickback statute. The issuance of these regulations substantially increases
the ability of hospitals and other providers of Medicare and Medicaid services to donate
information technology to physicians without violating the Stark law or Anti-Kickback statute.
The changes include:
• Provision of Information Technology Items or Services to Physicians at Fair
Market Value,
• Pre-Existing Exception for Community-Wide Health Information Systems,
• Electronic Prescribing Items and Services,
• Electronic Health Records Items and Services,
• Interoperability Requirement,
• Receipt of Items or Services Not Condition for Doing Business with Donor,
• Prohibition Against Eligibility for Items or Services Based on “Volume or Value
of Referrals” (O’Brien, 2006).
Physician Payment of 15% of Donor’s Cost under EHR Exception
Under the EHR exception, perhaps the most significant change from the proposed
regulations is a requirement that the physician pay 15% of the donor’s cost for the EHR items
and services, before receipt of the items and services (CMS, 2009).
Donated Technology Not Equivalent to Technology Physician Already Possesses
The donated technology must not be technically or functionally equivalent to technology
that the physician already possesses.
Parallel Safe Harbors Under Federal Anti-Kickback Statute
The final information technology safe harbors under the Federal Anti-Kickback statute
are essentially identical to the information technology exceptions under the Federal Stark law. If
the Federal Stark law applies (because there is a financial relationship between a physician and a
provider of designated health services), any referral of a Medicare or Medicaid patients for
designated health services is prohibited, unless the referral falls within one of the Stark
exceptions. Only such referrals as qualify under one of the exceptions is permitted(CMS, 2009).
The Federal Anti-Kickback statute prohibits the offer, payment or receipt of any financial
inducement in exchange for the referral of Medicare or Medicaid patients. The safe harbors
provide immunity for arrangements that satisfy their requirements. The failure to qualify for a
safe harbor, however, does not mean that an arrangement is unlawful.
Risk to Tax-Exempt Status: Prohibitions Against Private Benefit and Inurement
In order to prevent or minimize the risk to a hospital’s tax-exempt status, the hospital
should be able to document and demonstrate the benefit which it or the community derives from
the donation arrangement. For example, it can be argued that providing information technology
items or services to physicians on its medical staff furthers the provision of safer and more
effective patient care and advances the overall health of the community served by the hospital.
The issuance of the subject final regulations substantially increases the ability of hospitals
and other providers of Medicare or Medicaid services to donate information technology to
physicians without violating the Federal Stark law and the Federal Anti-Kickback statute. Such
arrangements will need to be carefully structured with appropriate agreements compliant with the
subject exceptions and safe harbors (O’Brien, 2006).
The Federal Advisory Committee Act (FACA)
This federal law governs the behavior of federal advisory committees. Specifically, the
Act restricts the formation of committees to those that are deemed essential, limits their powers
to provision of advice to officers and agencies in the executive branch of the Federal
Government and also limits the length of their term (Federal Advisory Committee, 1994).
Regulatory Agencies and Their Responsibilities
Multiple federal and state regulatory agencies play key roles in the implementation,
strategy and management of this program. The individual agencies and their role are outlined as
follows:
Agency for Healthcare Research and Quality (AHRQ)
AHRQ is a significant funding source for research and development across the HIT-EHR
spectrum, with $166 million in grants and contracts specific to this effort. Funding is awarded to
collect HIT-EHR data and to stimulate investment in HIT-EHR products. The Agency for
Healthcare Research and Quality's mission is to improve the quality, safety, efficiency, and
effectiveness of healthcare for all Americans. Information from AHRQ's research helps people
make more informed decisions and improve the quality of healthcare services. AHRQ was
formerly known as the Agency for Health Care Policy and Research (AHRQ, 2009).
The American Health Information Community
The American Health Information Community (AHIC) is a federal advisory body,
chartered in 2005, to make recommendations to the Secretary of the U.S. Department of Health
and Human Services on how to accelerate the development and adoption of health information
technology (American Health, 2005).
American National Standards Institute (ANSI)
This organization accredits various standards-setting committees, and monitors their
compliance with the open rule-making process they are required to follow to obtain ANSI
accreditation. HIPAA prescribes that the standards mandated under it be developed by ANSI-
accredited bodies (American National, 2009).
The Centers for Disease Control and Prevention (CDC)
To improve and support state health departments’ capacity for rapid scale of healthcare
associated infections (HAI) prevention, dissemination of HHS evidence-based practices within
hospitals, targeted monitoring and investigation of the changing epidemiology. Also require
access to healthcare data and voluntary reports of hospital-related infections to the Centers for
Disease Control and Prevention (CDC, 2007).
Certification Commission for Healthcare Information Technology (CCHIT)
CCHIT is a collaboration among three industry associations that are developing federal
certification criteria and an inspection process for HIT-EHR under a three-year contract awarded
in 2005 from HHS. Interoperability and security standards are central to certification. The
Commission to date has certified over 100 ambulatory and inpatient systems as meeting federal
guidelines (Certification, 2011).

The eHealth Initiative,
A nonprofit organization that is dedicated to the promotion of HIT-EHR development.
This organization is the best-known funding source for regional HIT efforts (eHealth, 2009).
Electronic Healthcare Network Accreditation Commission (EHNAC)
This organization tests transactions for consistency with the HIPAA requirements and
subsequently accredits healthcare clearinghouses (State Alliance, 2009).
Federal Communications Commission (FCC)
As directed in the American Recovery and Reinvestment Act of 2009, the Federal
Communications Commission will develop a national broadband plan and consult with the
National Telecommunications and Information Administration of the Department of Commerce
in their implementation of the Broadband Technology Opportunities Program. The Secretary of
Commerce, in consultation with the FCC and following Congressional notification, may transfer
funds to the FCC for carrying out these responsibilities.
Federal HealthCare Architecture (FHA)
The Federal Healthcare Architecture is responsible for ensuring that federal agencies can
seamlessly exchange health data between and among themselves, with state, tribal and local
governments; and with private sector healthcare organizations.
In addition, they leverage federal expertise in creating a cross-agency health information
interoperability architecture framework that provides a common vocabulary, simple tools and
lifecycle processes (Federal Healthcare, 2009).
Food and Drug Administration (FDA)
The FDA will receive data from existing reporting systems regarding adverse events, as
well as provide support and regulatory guidance for pharmaceuticals and medical devices. They
are responsible for regulations related to electronic signatures used in electronic medical records
(Food and Drug, 2009).
Health Informatics Standards Board (HISB)
An ANSI-accredited standards group has developed an inventory of candidate standards
for consideration as possible HIPAA standards (Health Informatics, 2009).
The Health Information Security and Privacy Collaboration (HISPC)
Established in June 2006 by RTI International through a contract with the U.S.
Department of Health and Human Services, HISPC originally comprised 34 states and territories.
HISPC phase 3 began in April 2008, and now comprises 42 states and territories. This
organization’s goal is to address the privacy and security challenges presented by electronic
health information exchange through multi-state collaboration. Each HISPC participant
continues to have the support of its state or territorial governor and maintains a steering
committee and contact with a range of local stakeholders to ensure that developed solutions
accurately reflect local preferences (Health Information, 2009).
Health Information Technology Regional Centers
A Federal Register Notice and Request for Comments has been published announcing
the draft description of the program for establishing regional extension centers to assist providers
seeking to adopt and become meaningful users of health information technology, as authorized
by the American Recovery and Reinvestment Act of 2009 (Health Information, 2009).
Health IT Policy Committee
The ARRA provides that the HIT Policy Committee be created under the Federal
Advisory Committee Act (FACA) and charged this committee with making recommendations to
the National Coordinator for Health Information Technology. They are responsible for the
development of a policy framework for the implementation and adoption of a nationwide health
information infrastructure, including standards for the exchange of patient medical information.
Among the areas for infrastructure standards, the Policy Committee is to consider:
• Implementation specifications shall include named standards, architectures, and
software schemes for the authentication and security of individually identifiable
health information and other information as needed to ensure the reproducible
development of common solutions across disparate entities,
• Technologies that protect the privacy of health information and promote security
in a qualified electronic health record including the segmentation and protection
from disclosure of specific and sensitive individually identifiable health
information,
• To minimize the reluctance of patients to seek care (or disclose information about
a condition) because of privacy concerns,
• To develop technologies that allow individually identifiable health information to
be rendered unusable, unreadable, or indecipherable to unauthorized individuals
when such information is transmitted in the nationwide health information
network or physically transported outside of the secured, physical perimeter of a
health care provider, health plan, or healthcare clearing house (HIT Policy, 2009).
Health IT Standards Committee
The ARRA requires the HIT Standards Committee be created under FACA and charged
with making recommendations to the National Coordinator for Health Information Technology
on standards, implementation specifications, and certification criteria for the electronic exchange
and use of health information. Initially, the HIT Standards Committee will focus on the policies
developed by the Health IT Policy Committee (HIT Standards, 2009).
Health Resources and Services Administration (HRSA)
This agency of the U.S. Department of Health and Human Services, is the principal
Federal Agency charged with increasing access to health care for those who are medically
underserved (Health Resources, 2009).
The Healthcare Information Technology Standards Panel (HITSP)
This is a cooperative partnership between the public and private sectors. The Panel was
formed for the purpose of harmonizing and integrating standards that will meet clinical and
business needs (Healthcare Panel, 2009).
HHS Patient Safety Task Force
Federal and state agencies, accrediting bodies and other organizations collect data that
can provide insights into the causes of medical errors and strategies to increase patient safety, but
these separate sources of information are difficult to compare and analyze. In April 2001,
Secretary Thompson created the HHS Patient Safety Task Force to coordinate the efforts of these
various data-collection sources to promote more consistent, effective use of the information
Inspector General (IG)
Each federal agency has an Inspector General (IG) responsible for overseeing how
federal funds are spent and for working with the agency to minimize fraud, waste, and abuse. IGs
for agencies who received Recovery Act funds are reviewing their stimulus spending to ensure
Recovery-related projects meet legal and administrative requirements. The IGs are also
reviewing their agencies administrative practices to ensure that effective controls are in place for
managing Recovery funds (Inspector General, 2009).
National Center for Health Statistics (NCHS)
A federal organization within the CDC that collects, analyzes and distributes health care
statistics. The NCHS maintains the ICD-9 CM codes (National Center, 2009).
National Association of Health Data Organizations (NAHDO)
The National Association of Health Data Organizations (NAHDO) is a national, not-for-profit
membership organization dedicated to improving health care through the collection, analysis,
dissemination, public availability, and use of health data.
NAHDO provides leadership in health care information management and analysis,
promotes the availability of and access to health data, and encourages the use of data to make
informed decisions and guide the development of health policy. NAHDO provides information
on current issues and strategies to develop a nationwide, comprehensive, integrated health
information system, sponsors educational programs, provides assistance, and serves as a forum
to foster collaboration and the exchange of ideas and experiences among collectors and users of
health data (National Association, 2009).
National Committee on Vital and Health Statistics (NCVHS)
The National Committee on Vital and Health Statistics was established by Congress to
serve as an advisory body to the Department of Health and Human Services on health data,
statistics and national health information policy. It fulfills important review and advisory
functions relative to health data and statistical problems of national and international interest,
stimulates or conducts studies of such problems and makes proposals for improvement of the
Nation’s health statistics and information systems. In 1996, the Committee was restructured to
meet expanded responsibilities under the Health Insurance Portability and Accountability Act of
1996 (National Committee, 2009).
The National Health Information Network (NHIN):
To provide a secure, nationwide, interoperable health information infrastructure that will
connect providers, consumers, and others involved in supporting health and healthcare (National
Health Information, 2009).
National Committee for Quality Assurance (NCQA)
This organization accredits managed care plans or HMOs. Their role will expand to
include certification of those organizations to insure they are compliant with HIPAA
requirements. This organization maintains the (HEDIS) Health Employer Data and Information
Sets (National Committee, 2009).
National Uniform Billing Committee (NUBC)
This organization is chaired and hosted by the American Hospital Association. They
maintain the UB04 institutional billing form and the data element specifications for both the
hardcopy form and the electronic format. The NUBC has a formal consultative role under
HIPAA for all transactions affecting institutional healthcare services (National Uniform, 2009).
Office for Civil Rights (OCR)
Responsible for the enforcement of Health Insurance Portability and Accountability Act
(Office of Civil Rights, 2009).

Office of the Inspector General (OIG):
The mission of the Office of Inspector General (OIG), as mandated by Public Law 95-
452 (as amended), is to protect the integrity of Department of Health and Human Services
programs, as well as the health and welfare of the beneficiaries of those programs. Within this
capacity they maintain legal access to all health records throughout the United States (Office of
the Inspector, 2009).
The Office of the National Coordinator for Health Information Technology (ONC)
The ONC serves as the resource for the entire health system to support the adoption of
health information technology for the promotion of nationwide health information exchange to
improve healthcare. ONC is organizationally located within the Office of the Secretary for the
U.S. Department of Health and Human Services. (Office of the Inspector, 2009).
ONC is the principal Federal entity charged with coordination of nationwide efforts to
implement and use the most advanced health information technology and the electronic exchange
of health information. The position of National Coordinator was created in 2004, through an
Executive Order, and legislatively mandated in the Health Information Technology for
Economic and Clinical Health Act [HITECH Act] of 2009. The Coordinator’s responsibilities
include: drafting HIT-EHR policy, establishing strategic action plans, and acting as a guiding
force in nationwide electronic healthcare record development (Office of the Inspector, 2009).
Office of Recovery Act Coordination
This Office will ensure that HHS fully implements the Act’s requirements. This includes
ensuring that programs are designed to meet the Recovery Act’s objectives, that reporting due
dates are met, performance outcomes are established and tracked, risks of fraud and abuse are
mitigated, and that the public is kept informed through the Web and other means of
communication.
Once programs are in place, this office will be responsible for reporting, auditing, and
investigating for fraud and abuse; and protecting the confidentiality and integrity of HHS data
systems (Monegain, 2009).
Recovery Accountability and Transparency Board
The Recovery Board oversees Recovery Act spending and prevents and detects fraud,
waste and mismanagement of the recovery fund expenditures (Recovery Board, 2009).
Regional Health Information Organizations (RHIOs)
These are entities in which local healthcare providers and plans agree to communicate
health information over a standardized electronic network. It is estimated that there are between
100 and 200 RHIOs nationwide. They range in size from statewide structures to local city efforts
and are mainly funded by federal funds, regional providers, and philanthropic grants (Regional
Health, 2009).
State Alliance for eHealth:
The State Alliance was created through an HHS contract with the National Governors
Association (NGA) in 2006. The State Alliance for e-Health is a consensus-based, executive-
level body of state elected and appointed officials, formed to address the unique role state
governments can play in facilitating adoption of interoperable electronic HIE. It is also intended
to be a forum through which stakeholders can work together to identify new inter- and intrastate-
based policies and best practices and explore solutions to programmatic and legal issues related
to the exchange of health information (State eHealth, 2009).

State Level Health Information Exchange Consensus Project
The State-level Health Information Exchange Consensus Project is managed through a
contract with American Health Information Management Association’s Foundation of Research
and Education. The project’s main objective is to provide a forum for ONC to work with states
to ensure all health information exchange activities throughout the Unites States align. This is a
forum that enables ONC to disseminate information about the national agenda and for the states
based efforts to inform the federal government thereby enabling a nationwide alignment of all
health information exchange activities (State Level, 2009).
United States Department of Health and Human Services (HHS)
To coordinate and manage the complexity of HHS’ role in the Recovery Act, HHS
established an Office of Recovery Act Coordination (United States Department of Health, 2009).
United States Department of Agriculture (USDA)
The Rural Development Broadband Program supports the expansion of broadband service in
rural areas through financing and grants to projects that provide access to high speed service to
facilitate economic development in locations without sufficient access to such service (USDA,
2009)
Veterans Administration
To provide software development, staff, and associated supplies and equipment to support
implementation of the Post-9/11 GI Bill and to support upgrades to other VHA systems. The
VHA Office of Information also provides use of an electronic medical record through their demo
system that is down loadable on their website (VA, 2009).

California Legislation and Action Plans
Achieving electronic health information exchange (HIE) through the application
of health information technology (HIT) is one of the cornerstones of the overall healthcare
reform strategy in California. This includes implementation of interoperable HIE, key strategies
to achieve the goals of better health care outcomes, efficiencies in the delivery of healthcare, and
strengthening emergency and disaster response preparedness.
The California Health and Human Services Agency (CHHS) serves as the lead,
coordinating all HIE and HIT issues for the State. CHHS works with the State Chief Information
Officer (OCIO), the Department of Managed Care and the Transportation and Housing Agency
to oversee the State’s HIE and HIT related efforts (Wulsin, 2008).
The structure for achieving these goals is as follows:
Governance
Establish a governance structure that achieves broad-based stakeholder collaboration with
transparency, buy-in and trust. Set goals, objectives and performance measures for the exchange
of health information that reflect consensus among the health care stakeholder groups, and
finalize requirements related to meaningful use criteria to be established by the Secretary through
the rulemaking process (California health, 2009).
The governance structure is also responsible for:
• Ensure the coordination, integration, and alignment of efforts with Medicaid and
public health programs through efforts of the State Health IT Coordinators,
• Establish mechanisms to provide oversight and accountability of HIE to protect
the public interest,

• Account for the flexibility needed to align with emerging nationwide HIE
governance that will be specified in future program guidance.
Finance
Develop the capability to effectively manage funding necessary to implement the State
Strategic Plan. This should include establishing financial policies and implementing procedures
to monitor spending and provide appropriate financial controls.
Develop a path to sustainability including a business plan with feasible public/private
financing mechanisms for ongoing information exchange among health care providers and with
those offering services for patient engagement and information access (California HIE, 2009).
Technical Infrastructure
Develop or facilitate the creation of a statewide technical infrastructure that supports
statewide HIE. While states may prioritize among these HIE services according to its needs, HIE
services to be developed include:
• Electronic eligibility and claims transactions
• Electronic prescribing and refill requests
• Electronic clinical laboratory ordering and results delivery
• Electronic public health reporting (immunizations, notifiable laboratory
results) .
• Develop or facilitate the creation and use of shared directories and
technical services, as applicable for the state’s approach for statewide
HIE(California HIE, 2009).

Business and Technical Operations
• Provide technical assistance as needed to HIOs and others developing HIE
capacity within the state,
• Coordinate and align efforts to meet Medicaid and public health requirements for
HIE and evolving meaningful use criteria,
Monitor and plan for remediation of the actual performance of HIE throughout the
state,
• Document how the HIE efforts within the state are enabling meaningful use
(California HIE, 2009).
Legal/Policy
These issues include the identification and harmonization of the federal and state legal
and policy requirements that enable appropriate health information exchange services that will be
developed in the first two years.
Implement enforcement mechanisms that ensure those implementing and maintaining
health information exchange services have appropriate safeguards in place and adhere to legal
and policy requirements that protect health information, thus engendering trust among HIE
participants (California HIE, 2009).
Ensure policies and legal agreements needed to guide technical services prioritized by the
state are implemented and evaluated as a part of annual program evaluation (California HIE,
2009).
To facilitate the implementation of this plan, a variety of multidisciplinary workgroups
have been organized to coordinate the efforts. These include:

EHR Loan Programs (LOAN)
The EHR Loan Programs Workgroup seeks ways to provide capital to assist physicians
and hospitals purchase and upgrade certified electronic health records, and train staff and
personnel to become meaningful users of EHRs. They also will investigate how to provide
capital to support the secure exchange of health information. Finally the work group will
develop a business plan, sustainability model, ROI, underwriting and solvency requirements for
the loan fund (E H R Loan, 2009).
Regional Health IT Extension Program (REC)
The REC work group aims to facilitate the purchase and meaningful use of electronic
health records by 85% of physicians and 55% of hospitals including 45% of critical access
hospitals by 2014 to meet Federal goals. It will also identify centers to provide services to
improve healthcare quality, safety and efficiency, including sharing and disseminating best
practices in health IT adoption and use. Finally, it will establish governance, operational,
business, and sustainability models for the REC that will meet the needs of the diverse group of
priority audiences (Regional Health, 2009).
Research And New Technologies (RNT) Workgroup
The RNT workgroup’s overarching goal is to innovate and apply technology to maximize
integration, utilization, effectiveness and efficiency of electronic healthcare information. It will
also seek to maximize the potential for stimulus funding for research meaningful to achieve
California HIT objectives by creating a powerful, broad-based multi-disciplinary consortium.
Finally the workgroup will establish a process for disseminating knowledge, technology,
education and training from Healthcare Information Enterprise Integration Research Consortium
(HIEIRC) efforts (Research and New, 2009).
Workforce Training and Development (Workforce)
This work group will develop plans to ensure an ample and adequately trained workforce
exists to support broad dissemination of HIT to improve the quality and safety of healthcare. It
is also charged with the goal of expanding medical health informatics programs for healthcare
and IT students, with a preference for existing programs less than 6 months in length. Finally the
workgroup seeks to maximize federal stimulus funding payments to create and support the HIT
workforce in California (California Workforce, 2009).
Broadband/Telehealth Workgroup
The purpose of this workgroup is to ensure that the State's Health IT and Exchange
Strategic Plan includes the critical issues of Broadband and Telehealth/Telemedicine services in
California (California broadband, 2009).
California Office of HIPAA Implementation
Effective August 1, 2008, the California Office of HIPAA Implementation (CalOHI)
changed its name to the Office of Health Information Integrity (CalOHII). This change was made
to reflect the Office's expanding new role supporting the Health and Human Services Agency’s
health information exchange (HIE) initiatives (California Office, 2209).
California Privacy and Security Advisory Board
The California Privacy and Security Advisory Board (CalPSAB) provides private and
public collaboration to address and coordinate health information exchange (HIE) privacy and
security efforts in California. The CalPSAB's four committees; Privacy, IT Security, Legal, and
Education will analyze issues, develop and evaluate the effectiveness of alternative solutions,
and present recommendations to the CalPSAB. The CalPSAB will prioritize the work of the
committees, review and approve their recommendations, and present approved recommendations
for consideration by the Secretary of the California Health and Human Services Agency
(California Privacy, 2009).
CalPSAB Security Committee
The California Privacy and Security Advisory Board (CalPSAB) Security Committee will
develop and propose security standards for the protection of electronically exchanged health
information. The standards will define the level of protection healthcare entities and their
systems that exchange health information will require. The standards will also serve to provide
entities specific and clear guidance on the level of protection necessary for their information
systems that engage in electronic health information exchange. The Security Committee will
also address security practices and functions that may impede the progress of interoperable
electronic health information exchange (California Security, 2009). The Security Committee’s
primary tasks are:
• Examine national security standards promulgated by Standards Development
Organizations (SDOs) applicability to interoperable electronic health information
exchange in California,
• Identify security standards gaps for California not addressed by national
standards,
• Recommend security standards for California to the Privacy & Security Advisory
Board (PSAB), and
• Develop an implementation strategy for the proposed solutions.

CalPSAB Privacy Committee
The California Privacy and Security Advisory Board (CalPSAB) Privacy Committee will
establish and maintain patient privacy standards for the exchange of health information
consistent with California and federal laws (California Privacy, 2009).
The California Privacy and Security Advisory Board (CalPSAB) Legal Committee
The Legal Committee is responsible for recommending methods to harmonize applicable
state and federal laws concerning privacy and security standards for the exchange of health
information and to recommend a legal structure to support the protection of individual privacy in
an electronic health exchange. The committee consists of attorneys and other individuals from a
broad spectrum of private and public entities and concerned community members (California
Privacy, 2009).
Education Committee Overview
The California Privacy and Security Advisory Board (CalPSAB) Education Committee
will develop educational strategies for entities engaged in health information exchange (HIE).
Implementation of these strategies will increase understanding of how the standards work and
ultimately increase confidence in the HIE systems. The Committee’s work will provide a
framework for entities to develop their own educational strategies. The Committee will identify
educational opportunities and tools, and determine how to target stakeholder audiences with
specific training communication (Drumm, 2009).
The California Regional Health Information Organization
California Regional Health Information Organization (CalRHIO) is a non profit statewide
organization seeking to create a secure HIE network. It is currently in Phase I of implementation

to establish a Statewide Online On Demand Information Service that offers: a master patient
index, record locator service, e-Rx, and a query for medication history. The Service will include
an integration hub that has the ability to translate data across different EHR systems and an EHR
gateway, which will provide physician EHR systems with national lab data. CalRHIO is
collaborating with Hewlett Packard, Medicity, Perot Systems, EHR systems, and most recently
Cisco Systems, in order to build the $300 million structure. CalRHIO anticipates enabling
electronic access for providers and patients to 90 percent of Californians’ health information by
2014.(Wulsin & Doughtery, 2008).
The California HealthCare Foundation (CHCF) has developed ELINCS, an electronic
exchange for patients’ laboratory data, and is encouraging its statewide adoption. CHCF also
offers grants and technical assistance to providers interested in adopting the system.(California
Healthcare Foundation, 2007)
On a local level, several communities around the state are attempting to develop
HIEs for their providers. Specific efforts include the Securing Health Access and Record
Exchange in Mendocino County and the Santa Cruz RHIO. The Santa Barbara County Care Data
Exchange, one of the first and most widely known HIEs in the United States, recently lost
funding from CHCF after eight years of development and was never fully implemented. A
common pitfall of grant-funded systems like the Santa Barbara Exchange is the inability to
become self sustainable within a restricted grant period. Long Beach recently received an HHS
award for an HIE trial called the Long Beach Network for Health (Health Management
Technology, 2009). The initial goal of this program is to link the Emergency Departments of five
Los Angeles metropolitan hospitals and to build a database of patients’ electronic records. Easier
access to these hospital records is expected to substantially reduce emergency room wait times
and limit medical errors (California HIE, 2009).
Patient Privacy
State laws cover several areas related to privacy of health information. These include
regulation of health insurance, regulation of organizations that perform certain administrative
functions such as utilization review or third-party administration, licensure requirements for
various medical specialties and medical organizations (including requirements for record-
keeping and disclosure), access to medical records by patients, guardians and other interested
parties, reporting of information to the state and local authorities, for example, birth and death or
disease incidence, use of information for quality assurance and health care operations, issuance
of notices of privacy practices, and reporting and providing access to law enforcement
authorities. In recent years many states have also passed confidentiality laws related to specific
conditions or types of health information. Examples include laws related to mental health
records, HIV/AIDS, reproductive rights and genetic testing (HIMSS,2009).
The HIPAA legislation explicitly addresses interaction between federal and state law.
Generally, "covered entities" are required to comply with both HIPAA and state law whenever
possible. If it is not possible to comply with both, HIPAA preempts any contrary provision of
state law, including state law provisions that require written records rather than electronic ones
(HIPAA, 1996). State law is not preempted in the following circumstances:
• When state law is necessary for regulation of insurance or health plans,

• prevention of fraud and abuse, or reporting on health care system operations and
costs,
• When state law addresses controlled substances,
• When a state law relates to reporting of disease or injury, child abuse, birth, or
death, public health surveillance, or public health investigation or intervention,
• When a provision of state law is more stringent than the requirements of the
federal Privacy Rule (HIMSS, 2009).
Medicare-Centers for Medicaid and Medicare Services (CMS)
Medicare is the Federal health insurance program that covers most people age 65 and
older. Some younger people who are disabled or who have End-Stage Renal Disease (permanent
kidney failure) are also eligible for coverage. As the largest purchaser of healthcare in the United
States, there have been numerous calls for Medicare to invest in HIT-EHR. CMS recently
invested $150 million in HIT-EHR demonstration projects, and in June 2008 announced the
selection of twelve community partners to assist in this effort. Over a five-year period, the
project will give bonus payments to as many as 1,200 providers who use CCHIT certified HIT-
EHR products. It will provide financial incentives for improved quality of care through their use
of HIT-EHR. CMS encourages other private and public payers to offer similar financial
incentives. (CMS, 2009).

Medicare Incentives for Hospitals
Table 4
Medicare Hospital Incentives

Incentive Payments for a Typical 500 Bed Hospital with
An Average Occupancy Rate of 85%
Payment Incentive per Year 1 Year 2 Year 3 Year 4 Cumulative

Component Unit 100% 75% 50% 25% Total
Base Pay $2,000,000.00 $2,000,000.00 $2,000,000.00
(1st year
only)
Bonus per
d/c 1,150 $200 $4,370,000 $3,227,500 $2,185,000 $1,082,500 $10,865,000
(min)-
23,000(max
TOTAL $6,370,000.00 $3,227,500.00 $2,185,000.00 $1,082,500.00 $12,865,000.00
Incentive payments are provided, beginning with October 2010, for eligible hospitals and
Payment Incentive Year 1 Year 2 Year 3 Year 4 Cumulative

Component Per Unit 100% 75% 50% 25% Total
Base
payment $2,000,000 $2,000,000 $2,000,000
(Year 1 only)
Bonus per
discharge
from $200 $4,370,000 $3,227,500 $2,185,000 $1,082,500 $10,865,000
1,150(min) to
23,000 (max)
discharges
TOTAL 6,370,000 $3,227,500 $2,185,000 $1,082,500 $12,865,000

critical access hospitals (CAHs) that are meaningful EHR users. An eligible hospital that is a
meaningful EHR user could receive up to four years of financial incentives payments, beginning
with fiscal year 2011. There will be no payments to hospitals that become meaningful EHR users
after 2015. The incentive payment for each eligible hospital would be calculated based on the
product of (1) an initial amount, (2) the Medicare share, and (3) a transition factor. The initial
amount is the sum of a $2 million base year amount plus a dollar amount based on the number of
discharges for each eligible hospital The Medicare share is a fraction based on estimated
Medicare fee-for-service and managed care inpatient bed days divided by estimated total
inpatient bed-days and modified by charges for charity care (CMS, 2009). The transition factor
phases down the incentive payments over the four-year period.
The factor equals 1 for the first payment year, ¾ for the second payment year, ½ for the
third payment year, and ¼ for the fourth payment year, and zero thereafter. The Secretary has
discretion to use other data if the required data to calculate the incentive payment formula does
not exist.
The transition factor is modified for those eligible hospitals that first become meaningful
EHR users beginning in 2014. Such hospitals would receive payments as if they became
meaningful EHR users beginning in 2013 (for example, if a hospital were to begin EHR
meaningful use in 2014, the transition factor used for the year would be ¾ instead of 1, ½ for the
second year, ¼ for the third year, and zero thereafter ) (CMS, 2009).
Table 5
Medicare Hospital Incentives
Incentive Payments for a Typical 100 Bed Hospital with an Average
Occupancy Rate of 50%
Payment Incentive Year 1 Year 2 Year 3 Year 4 Cumulative

Component Per Unit 100% 75% 50% 25% Total
Base payment
(Year 1 only) $2,000,00 $2,000,000 $2,000,000
0
Bonus per
discharge from
1,150(min) to $200 $563,400 $422,550 $281,700 $140,850 $1,408,500
23,000 (max)
discharges
TOTAL $2,563,400 $422,550 $281,700 $140,850 $3,408,500
Market Basket Adjustments for Hospitals that are not Meaningful Users
Eligible hospitals that are not meaningful users for a fiscal year would receive a net reduction of ¼, ½, and ¾ of the
market basket update that would apply in 2015, 2016, 2017 and thereafter, respectively (CMS, 2009). CMS defines a
“Market Basket” as:
“ The market basket is described as a fixed-weight index because it
answers the question of how much more or less it would cost, at a later time, to
purchase the same mix of goods and services that was purchased in a base period.
As such, it measures "pure" price changes only. A market basket is constructed in
three steps. First, a base period is selected and total base period expenditures are
estimated for mutually exclusive and exhaustive spending categories based upon
type of expenditure. Then the proportion for total costs that each spending
category represents is determined. These proportions are called cost or
expenditure weights. The second step is to match each expenditure category to an
appropriate price/wage variable, called a price proxy. In the third and final step,
the price level for each spending category price proxy is multiplied by the
expenditure weight for that category. The sum of these products (that is, weights
multiplied by proxied index levels) for all cost categories yields the composite
index level in the market basket in a given year” (CMS, 2009).
Table 6
Loss in Medicare Reimbursement for 500-Bed Hospital that Fails

to Implement a Government-Certified E H R
Year Penalty
2015 $ 966,000.00
2016 $ 2,054,000.00
2017 $ 3,177,000.00
Source: PriceWaterhouseCooper, 2008
The Secretary of HHS may, on a case-by-case basis, exempt a hospital if requiring the
hospital to be a meaningful EHR user would result in a significant hardship Centers for Medicare
(2009).
State Medicaid
Medicaid is a federal/state partnership program that provides health benefits to certain
low-income Americans, including children, their parents, pregnant women, the elderly and
people with disabilities. Over the course of this fiscal year, some 51 million people who would
otherwise not have access to regular health care rely on Medicaid (Centers for Medicare and
Medicaid, 2009).
Because Medicaid is a partnership, states and the Federal Government each have a role in
designing and paying for each state's program. While states have some flexibility in determining
what benefits they provide, who will be eligible and how much they will pay health care
providers, they must work within federal guidelines. In turn, the federal government pays a
portion of each state's Medicaid costs. These matching dollars are referred to as Federal Medical
Assistance Percentage (FMAP) payments (CMS, 2009).
The amount of FMAP a state gets is based upon the state's relative wealth, with lower per
capita income states receiving higher FMAP’s. Medicaid funding percentages can range from a
minimum of 50 percent of costs, to as high as 83 percent. (For FY2009, the highest state
matching rate is nearly 76 percent, for Mississippi). FMAP funding is adjusted incrementally
each year based on economic changes in the states, but Congress can increase funding across the
board at any time (CMS, 2009).
As part of the American Recovery and Reinvestment Act of 2009, Congress acted to
temporarily increase FMAP payments for all states during the current recession. Each state will
get a general 6.2 percent increase in its FMAP and States with relatively high growth in
unemployment rates will receive additional increases based on quarterly unemployment statistics
(Centers for Medicare, 2009). Funding increases will be in effect from FY 2009 until the first
quarter of FY 2011.
The Recovery Act establishes 100 percent Federal Financial Participation (FFP) for
States to provide incentive payments to eligible Medicaid providers to purchase, implement, and
operate (including support services and training for staff) certified EHR technology. It also
establishes 90 percent FFP for State administrative expenses related to carrying out this provision
(CMS, 2009).
Medicaid Incentive Program Qualifications
Certain classes of Medicaid professionals and hospitals are eligible for incentive
payments to encourage the adoption and use of certified EHR technology. Eligible
professionals include physicians, dentists, certified nurse-midwives, nurse practitioners,
and physician assistants who are practicing in Federally Qualified Health Centers (FQHCs) or
Rural Health Clinics led by a physician assistant (CMS, 2009)
Eligible professionals must meet minimum Medicaid patient volume percentages, and
must waive rights to duplicative Medicare EHR incentive payments. Eligible professionals may
receive up to 85 percent of the net average allowable costs for certified EHR technology,
including support and training (determined on the basis of studies that the Secretary will
undertake), up to a maximum level, and incentive payments are available for no more than a 6-
year period (CMS, 2009).
To be eligible for incentive payments not associated with the initial
adoption/implementation/upgrade of EHR technology, the provider must demonstrate
meaningful use of the EHR technology through a means approved by the State and acceptable to
the Secretary. In determining what is “meaningful use,” a State must ensure that populations
with unique needs, such as children, are addressed. A State may also require providers to report
clinical quality measures as part of the meaningful use demonstration. In addition, to the extent
specified by the Secretary, the EHR technology must be compatible with State or Federal
administrative management systems.

Table 7
Medicaid Incentives for Hospitals
Example: If E H R Cost = $5,000,000 and Medicaid Patient Volume = 15%
Transition
Year Factor Factor x Cost Total
Year 1 1 1 x $5,000,000 $ 5,000,000.00
Year 2 3/4 3/4 x $5,000,000 $ 3,750,000.00
Year 3 1/2 1/2 x $5,000,000 $ 2,500,000.00
Year 4 1/4 1/4 x $5,000,000 $ 1,250,000.00
Total 4 year sum $ 12,500,000.00
Aggregated payment maximum = Total 4 year sum x Medicaid Share

Medicaid Share= Medicaid Patient Volume
15% x $12,500,000 = $1,875,000.00
50% of aggregatedpayment maximum could be received in one year
OR
90% could be received in a two-year period
10% administrative fee for State match, including tracking of meaningful use
conducting oversight, and pursuing initiatives to encourage adoption.
Eligible providers may not receive an incentive under both Medicare and Medicaid in a
given year. CMS and the States will develop means to prevent such duplicate payments. CMS
expects that the prevention of duplicative payments will be addressed more fully through notice
and comment rulemaking (CMS, 2009).
In addition to the incentive opportunities for providers, State Medicaid programs are
eligible for funding to administrate the incentive program. The rules and regulations for meeting
the qualifications for that funding are extensive as well as inordinately detailed. This information
is available for further review on the CMS website (CMS, 2009).
Costs
A 2005 study focuses on the benefits and costs that would accrue to and be sustained as a
result of widespread adoption of HIT. The benefits of health information technology are clear in
theory, but adoption rates lag in the United States, and real statistical results have been limited
(Hilstead, 2005).
Rand researchers Federico Girosi et al., calculated a model which demonstrated a cost of
$98 billion for hospitals based upon a 90 percent national implementation of HIT-EHR over a
fifteen-year period. Using similar extrapolation data, the study estimated that a full-scale hospital
HIT-EHR system would cost between 1.8 percent and 3 percent of total yearly expenditures over
a four-year implementation period. This calculation equates to a national cost of $6.5 billion per
year, or $97.4 billion over a fifteen year time frame (Girosi et al, 2005).
Multiple researchers noted that providers are identified as bearing the majority of the cost
(including the direct software and hardware purchases, expenses associated with implementation,
training, maintenance, and productivity recovery), while the insurers and patients reap most of
the financial benefits from HIT-EHR adoption (Argawal, 2002).
An increasing number of studies measure the value and cost effectiveness of CPOE,
EHR, bar coding, e-prescribing and other types of HIT. These reviews tend to focus on patient
safety improvements, financial benefits from quality and efficiency improvements, and the
development of a business case for HIT (Brown, 2005). These types of studies in particular, can
play an important role in supporting the adoption of financial incentive programs. In addition,
they emphasize the misalignment of costs and benefits among individual stakeholders adopting
technology and provide actuarial analyses and evidence for development of a business case and
ROI for HIT. There continues to be minimal information available regarding the real cost of
adoption within with the majority of research. In addition, they tend to use models incorporating
inordinately high (90-100%) implementation by providers within their models (Taylor, 2005).
According to a study by Christopher Conover for the Cato Institute, the cost of health
service regulations dwarf other costs imposed by government intervention in the health care
sector, and cannot be dismissed as a key factor in driving the cost of implementation of a
national electronic infrastructure out of reach for most providers (Conover,2004).
Savings
RAND researchers used empirical evidence to estimate potential cost savings from
implementation of HIT-EHR at a national level. They found an immediate potential savings of
$80 billion (following a hypothetical and optimist overnight 100% adoption rate) with an annual
mean savings of $40 billion over the next fifteen years. In-patient care accounts for roughly three
quarters of the savings These savings are attributable to reductions in length of stay and
increased nurse and doctor productivity. These numbers are based exclusively on models built
with projected assumptions by these researchers, and not on any available real time data.
(Hillestad et al., 2005)
The Rand study estimates the healthcare savings through 2016, as a direct result of
increased productivity and compares it to other industries that converted to an electronic system.
Wide-scale HIT-EHR adoption resulting in a productivity improvement of 1.5 percent (similar to
productivity gains from IT investments in retail/wholesale) would result in cumulative spending
decreases in healthcare spending through 2016, of $346 billion. If implementation instead
increased productivity by four percent (equal to half of the telecommunication industry increase),
cumulative healthcare spending through 2016, would decrease by about $813 billion. The
cumulative potential efficiency savings by 2016 would be almost $468 billion for hospital
systems. In light of the high costs attributable to regulatory overlay, these savings seem overly
optimistic (Hillestad et al, 2005).
Benefits
The AHRQ funded a study to systematically review the benefits and costs of HIT-EHR in
order to better provide payers and providers with an understanding of its value. After an
extensive literature search of over 4,000 articles, the study ultimately utilized 257 articles to
determine an analysis of the affects of HIT-EHR implementation (Southern California Evidence,
2006). Southern California Evidence-Based Practice Center highlight five major themes
addressing improvement opportunities in both quality and efficiency. They included:
Quality
• Increased delivery of patient care by physicians that adheres to evidence-based

guidelines and protocols, most often as a result of automated reminders and
computerized decision supports,
• Improvements in care in conformity to guidelines ,
• Enhanced capacity of providers and plans to perform surveillance and monitoring
for disease conditions and care delivery,
• Able to assist with identification of adverse drug events, examine their cause, and
develop programs to decrease their frequency ,
• marked decreases in identification time of county-based disease outbreaks (2.5
day decrease) as well as hospital acquired infections (65 percent decrease from
130 hrs to 46 hrs) with HIT-EHR systems,
• Reduction in medical errors.
Benchmark hospitals showed various improvements with HIT-EHR implementation,
including a decrease in the number of antibiotic-associated adverse drug reaction events , a
decrease in hospital lengths-of-stay for these patients and a decrease in hospital costs per patient
from improved medication dosing (prescribed dosing within recommended range, centered on
antibiotics and anticoagulation drugs).
Efficiency
• Reduced utilization of unnecessary care
• Decreases in lab and radiology testing
Other researchers argue that increases in quality of care generally reduce utilization of
services thus benefiting insurers – without an effective payment reward system to physicians and
hospitals, due to a reduction in volume. It is unclear who will ultimately reap the cost savings
benefits of HIT-EHR investments: the plan, the providers, or the ultimate payers (government,
employers, and individuals buying coverage (Hackbarth & Milgate, 2005).
HIT is seen by many as a pre requisite to improving quality of healthcare delivery and
containing costs in a $2.4 trillion health care economy. (Acker, 2004). Benefits identified by
other research sources include:
• Reduced medical and medication errors
• elimination of duplicative testing and unnecessary paperwork
• Making the cost and quality of health care services more transparent;
• Access to information;
• View of comparative effectiveness of treatments;
• Elimination of payment for ineffective treatments;
• Improved public health monitoring;
• Improved patient outcomes;
• Decreased emergency department encounters;
• Improve security and privacy;
• Allow providers and patients to make informed decisions;
• Practice evidence based medicine;
• Decreased deaths due to medical errors (Hillestad, 2005)
Research also indicates that implementation will create a more efficient and convenient
delivery of care, without having to wait for the exchange of records or paperwork, and without
requiring unnecessary or repetitive tests or procedures, earlier diagnosis and characterization of
disease, with the potential to thereby improve outcomes and reduce costs and a reduction in
adverse events through an improved understanding of each patient’s particular medical history,
potential for drug-drug interactions, or (eventually) enhanced understanding of a patient's
metabolism or even genetic profile and likelihood of a positive or potentially harmful response to
a course of treatment (Goodman, 2001).
Other identified benefits include increased efficiencies related to administrative tasks,
allowing for more interaction with and transfer of information to patients, caregivers, and clinical
care coordinators and monitoring of patient care, increased public health monitoring and disease
management, and improved emergency care (Lohr, 2009).
Research predicts that the major gains from HIT will come from its potential to
effectively exchange health care information. Studies suggest that the overall business case for
HIT depends on the degree to which health data can be efficiently exchanged between different
computer systems. Without this capability, health data cannot follow patients as they obtain care
from different providers. Although broad scale use of HIT applications such as electronic health
records can provide direct benefits such as eliminating illegible handwriting,. EHR adoption
alone won’t ensure that digital health data can be exchanged (Amatayakul, 2005).
A growing body of literature has emerged that is focused on healthcare quality in the US
including the potential of HIT to reduce medical errors, improve patient safety, and improve the
overall quality of care. Many healthcare stakeholders view HIT as an integral part of the quality
movement in this country (Battani, 2009).
Barriers
A variety of barriers to HIT adoption and quality improvements continue to persist in the
health care system including (AHA, 2007).

• High HIT implementation costs,
• Physician resistance,
• Technical and infrastructure obstacles.
Table 8
Top Issues C onfronting Hospitals: 2008
ISSUE 2006 2007 2008

Financial C hallenges 72% 70% 77%
Patient Safety and Q uality n/a n/a 43%
C are for the Uninsured 37% 38% 41%
Physician/Hospital relations 40% 35% 32%
Source: American College of Healthcare Executives

respondents: Hospital C EO 's
In addition, a significant increase in regulations, a lack of clarity regarding key issues, and
confusion over ownership of the medical record in a multi-system information exchange network
continue to be viewed as significant concerns and barriers (Beatty, 2009).
The existing fragmented provider system also makes it difficult to implement
comprehensive quality improvements through the use of HIT. For example, over an extended
period of time, patients may use multiple providers or healthcare facilities in a variety of
geographic settings. Unless each provider or facility maintains compatible technologies,
providers and patients are unable to benefit from health information exchange and the resultant
improvements in safety, efficiency, and overall quality of care (Goodman, 2009).
Health care stakeholders are becoming increasingly aware that financial incentives may
help overcome some of these barriers to HIT adoption and promote improvements in quality.
However, despite evidence that is beginning to show a positive correlation between the use of
external incentives (for example, bonus payments for improved quality outcomes, direct
compensation for HIT investments) and technology uptake in physicians’ offices (disease
registries, CPOE, e-prescribing), adoption of HIT incentive programs is not yet wide spread
(Hing, 2007).
For some, the investment is not worth the expense. In one survey of healthcare
information technology executives, 20% of respondents cited lack of adequate financial support
as the most significant barrier to successfully implementing information technology at their
organization (California Healthcare 2007).
Physicians are skeptical of the value of EMRs. On the physician and provider side, there
are concerns about how information technology may affect the provider role and the disruption
to their workflow. Other concerns include the increased time needed to enter data and the
potential for a system to have limited usability at the point of care (Tanner, 2005).
Consumers are concerned about security breaches. Ensuring the security and privacy of
EMR systems remains a substantial challenge, one that will be central to continued system
adoption, as there is little doubt that improved system security will help drive automation (Cohen
2008).
Institutions have to make big changes in the way they do business. Transitioning to an
EMR system will require extensive changes in a healthcare organization’s business processes, as
well as in the computer hardware and software needed to support and run the EMR (Taylor,
2005).
Technical issues abound. The proprietary basis of many EMR products raises key issues
regarding the interoperability of systems, including the need for standard underlying reference
vocabularies and presentation formats for clinical data. EMR adoption must be able to grow with
the information technology and healthcare environment, including new technologies such as
handheld devices, wireless communications, biometrics, continuous speech recognition, new
imaging techniques, web access, and personal health record support via the Internet (Stead,
2005).
Privacy Concerns
Privacy and security also are constant liabilities in the development of digitalized
personal health information. Shared data must be de-identified and encrypted in transit, then re-
identified for proper use by the receiver. Although information available on a network or
database can be secured, many still fear its vulnerability. Numerous federal and state
organizations are working to develop standards and best practices (AIS, 2009). The Health
Insurance Portability and Accountability Act (HIPAA) plays an important role. HIPAA
Transaction and Code Sets (TCS) standards are the security cornerstone of HIT-EHR systems
(HIPAA, 1996).
A study conducted by researchers at MIT and the University of Virginia, found that EMR
adoption is often slowest in states with strong regulations for safeguarding the privacy of medical
records (Miller, 2007).
On average, the number of hospitals deploying EMR systems is as much as 30% lower in
states where healthcare providers are forced to comply with strong privacy laws than it was in
states with less stringent privacy requirements. The strict privacy rules often make it more
difficult and more expensive for hospitals to exchange and transfer patient information, thereby
reducing the value of an EMR system (Miller & Tucker, 2007):

"Despite EMR's effectiveness at reducing medical errors and improving baseline
indicators of patient health, hospitals are deterred from adopting it by strong
health care privacy laws."
The results of the research, which looked at EMR adoption in 19 states over a 10-year
period, suggests that there's a trade-off between achieving fast adoption of EMR technology and
strong health care privacy laws. "Policy-makers are going to have to choose how much EMR
adoption they want and at what cost to patient privacy" (Tucker, 2007).
Among the welcomed provisions in the ARRA, are those that require health care
organizations and professionals to implement better controls over who can access and share
different categories of medical information. Also seen as long overdue is a provision that
prohibits health care providers from selling protected health information in electronic medical
records and imposes limitations on the marketing of such data. Such requirements have been
considered long overdue in the health care sector. "However, if the end result of Obama's new
privacy legislation is to add extra layers of complexity and necessitate hospital-specific
customization of privacy filters, then there is the potential for there to be a negative effect,"
(Tucker, 2007)..
If a state law allows only specific groups of people within an organization to access
specific kinds of medical information, a hospital might need to implement filters and access
controls to comply with the requirement. This customization can greatly add to the cost of
implementation, often resulting in slower adoption of an EMR (American College, 2009).

CHAPTER 3
RESEARCH METHODOLOGY
Grounded Theory Model
The design of this research was qualitative using the Grounded Theory Model. Grounded
theory is a strategy of inquiry in which the researcher derives a general, abstract theory of a
process, action, or interaction grounded in the views of participants. (Cresswell, 2009) This
model uses multiple stages of data collection. Data collection for this study, included surveys
submitted to Hospital Executives and a comprehensive review of the applicable literature.
This research method operates in a reverse fashion from traditional research. In lieu of
beginning by researching and developing a hypothesis, the first step is data collection, through a
variety of methods. From the data collected, the key points are marked with a series of codes,
which are extracted from the text. The codes are grouped into similar concepts in order to make
them more workable. From these concepts, categories are formed, which are the basis for the
creation of a theory.(Denzin, 1994). This contradicts the traditional model of research, where the
researcher chooses a theoretical framework, and only then applies this model to the study.
Grounded theory research looks for meaning and understanding to build an innovative
model. Data collection and sources are directed by the findings of the analyzed data, rather then
by specification prior to collecting data. The process involves a three part coding strategy:
1. Open Coding-the data is broken down and clustered into descriptive categories.
2. Axial Coding: The descriptive categories identified in the open coding phase are
re-evaluated for their relationships
3. Selective Coding: Categories gradually evolve into a more specific order. (Glaser,
1995).
The model can best be further clarified by the words:
GROUNDED: Rooted in behavior, words and actions of those under study
THEORY: A relationship model that usefully and pragmatically links diverse facts ( the
connection must represent the best fit with the data )
The theory must ultimately meet three criteria: it must (1) fit, (2) be relevant and (3)
adaptable (Strauss, 1990).
1. Fitness is defined as follows:
The categories (elements) of the theory must (1) fit the data, the data can
not be forced in to pre-existing categories and the categories must emerge
from the data and be modified by the data
2. The theory must be relevant. This is defined as follows:
A theory should be able to explain what happened, predict what will happen
and interpret what is happening
3. Finally the theory must be adaptable-
which means it must be modifiable based on new data..
Theoretical sampling is an active process in which discoveries (made during data
gathering, observation, and literature review) direct the researcher to the next area of inquiry or
potential data source. Glaser explains theoretical sampling:

“Theoretical sampling is the process of data collection for generating theory whereby the analyst
jointly collects, codes, and analyzes his data and decides what data to collect next and where to
find them, in order to develop his theory as it emerges. This process of data collection is
controlled by the emerging theory. The initial decisions are not based on a preconceived
theoretical framework”. (Glasser & Strauss, 1967)
Data Sources
Study Population
Hospital Chief Executive Officers were chosen as the subjects to be queried via a survey.
This level of leadership was selected due to their position within the organizational structure.
Traditionally, the final decision making process (for example, whether the organization should
purchase an electronic medical record) traditionally resides at this leadership level. Chief
Executive Officers are in a unique position that requires an objective review and oversight of key
findings and information to insure they guide their organization in the best direction while
remaining compliant with regulatory issues.
The survey included six questions related to demographic information. The purpose of
these questions was to validate the diversity of responses. The candidates were chosen through
“purposeful sampling.” “Purposeful sampling is a method of selecting participants for the study
who are identified as being expert informants who can help the researcher best understand the
research question” (Creswell, 2009). The sample size was determined as a result of the nature of
the grounded theory method, which does not require a large subject sample in order to generate a
theory. The subjects’ ages ranged from 40 to over 60. There were 29% female and 71% male
subjects.
• All survey candidates were advised that their responses would remain
confidential.
• Subjects who participated were chosen when they responded to the survey.
• The subjects were either known to the researcher, or were recommended by peers
within the health care industry.
• Those subjects who responded self-reported that they matched the inclusion
criteria.
• Subjects work in the hospital setting, holding the position of Chief Executive
Officer.
• Demographic location of participants is varied.
Confidentiality was maintained by the researcher on behalf of the respondents. All
responses to the survey questions were received directly by the researcher without any personal
identifying information. This was accomplished by sending the survey via U.S. mail, with a
return self addressed envelope enclosed. The survey did not request the name of the respondent
or the name of the facility that employs them.
Consideration with respect to word choice was reviewed to insure that questions were
unambiguous and that respondents were able to read the questions smoothly. The length of the
survey was kept to a minimum to insure that respondents were able to complete their responses
as quickly as possible. Questions were developed to insure a clear response as well as to insure
that there was no implication of bias in the data gathering process. The questions were designed
to focus on formulating and categorizing key research questions regarding the perception of the
government’s role in the implementation of an electronic medical record and the value of the
proposed stimulus dollars available to hospitals.
The design of the survey was based on findings identified in the literature review. The
survey was developed within the context of achieving my research goals. In keeping with that
goal, the survey addressed the following:
• Demographic information
• Perceived benefits of the stimulus dollars for implementation of an electronic
medical record
• Perceived role of the government in regulating healthcare delivery.
Literature Review
Literature pertinent to the emerging themes in the qualitative data ( for example,
government regulation of electronic medical records and related fields) was sampled, as well.
The “traditional” literature review that is typical of health services research papers becomes a
part of the data collection in a grounded theory study. This approach is valuable to the generation
of theory because it “…transcends, organizes, and synthesizes large numbers of existing studies”
(Glaser, 1992,p. 34). In addition, grounded theorists recommend distancing oneself from
predefined problems and concerns found in the literature when beginning a grounded theory
study (Glaser, 1998). Although it is important to know the literature well enough to define a
research question, a researcher must maintain openness throughout the data gathering phase of
the research study.
Grounded theory research contrasts with quantitative inquiries in that there is no review
of the literature in the area of the study before data collection. The rationale for this argument is
to avoid biasing the investigators’ attempts to develop concepts and ideas from the data that
actually fit the data. Selective sampling of the literature is recommended and generally follows
or takes place concurrently with data analysis. As theory begins to emerge, researchers carry out
a literature review to learn what has been published about the emerging concepts (Creswell,
2009).
Data Collection
The data collection was separated into three parts. The first was a comprehensive review
of the literature related to all components of the ARRA and its anticipated impact on the
implementation of an electronic medical record in the hospital setting. This was conducted via
open coding. This form identifies concepts and theories, allowing for an identification of key
issues.
The next form of data collection was through the development of a survey to be
submitted to hospital chief executive officers. This survey was developed based upon axial
coding of the issues and theories that were identified in the literature review. The questions were
close ended. Surveys were distributed to Hospital Chief Executive Officers, due to their
leadership and decision making role in the hospital setting. Each subject was asked to respond to
a series of questions concerning the government's role in the implementation and development of
the electronic medical record.
The first section of the survey included demographic information: age, number of years
in the field, the tax status of their facility, and the current status of their healthcare organization
with respect to implementation of an electronic medical record. There were six questions related
to demographic information.
The second part of the survey included specific questions that were developed as an
outcome of the literature review. These questions emerged from the readings in the literature as
well as the open coding model. The survey was submitted to the Mount St. Mary’s College
Internal Review Board, and was identified as ‘exempt’ (Appendix G).
The researcher developed a set of initial questions which were then discussed and refined
by the thesis advisor. The responses to the survey were reviewed and prioritized based upon a
statistical review of the responses
Data Analysis
Building a theory from data using the grounded theory method includes a tactic proposed
by Glaser and Strauss (Glaser, 1967) called the Constant Comparative Method. This is a process
in which data is “broken down, conceptualized, and put back together in new ways” (Strauss &
Corbin, 1990b, p. 57). The literature was initially reviewed using open coding. This method
involves identifying, naming, categorizing and describing phenomena found in the text.
Essentially, each line, sentence and paragraph is read with an intent to answer the repeated
question “what is this about?”
The initial review of the literature resulted in the identification of basic categories. This
was accomplished by identifying topics, key phrases and concept, giving each distinct idea or
incident a name. All similar ideas or incidents were given the same name as every concept was
categorized into an exclusive and distinct group. The analysis of the text from the survey
responses will be compared until a consistent number of categories emerge.
After the initial concepts were discovered and categorized, the second level of analysis,
known as axial coding, was used to determine the relationship between categories and the
conditions that gave rise to it. The topic study is traditionally identified through this form of
coding (Creswell, 2009). It provides for an opportunity to obtain a deeper understanding of the
representative subjects by researching them in detail. This is traditionally a basic framework of
generic relationships. Finally, selective coding is used. This allows the researcher to analyze the
results to identify and draw conclusions based upon the information gleaned (Denzin, 1994).
Some of the tools that were used to aid in this process were 3” by 5” lined index cards, a
number of different colored highlight pens, post-it-notes and a memo process to differentiate the
concepts. Survey results were put into an excel spreadsheet, with the responses calculated
statistically to identify trends. A theoretical notation process was used which utilizes a post- it-
note to identify anything found in the text or codes that relates to the literature. The final theory
and conclusion is essentially the integration of all these data elements.

Chapter 4
Analysis
This purpose of this study of the 2009 Health Information Technology Act is to determine
if the incentives are perceived as intrusive or manipulative to health care provider’s business
decisions or a correction of a reimbursement anomaly that is welcomed as an opportunity to
modernize their information management systems and transform the care they deliver.
Literature Coding Results
The open coding of the literature revealed the following topics and categories:
Table 9
Literature Review Open Coding Model
Identified Topics
Barriers Cost Implementation
Basics Definition Privacy
Benefits Impact of Stimulus Regulations
Standards Status Status in Hospitals
Strategy Timing Stimulating Adoption
Source: Appendix B
Survey Results
The identified theories and topics revealed by the literature were used to develop the
survey questions. Closed- ended questions were used in the survey. Closed-ended questions
have a finite set of answers from which the respondent chooses. The benefit of closed-ended
questions is that they are easy to standardize and data gathered lends itself to statistical analysis.
Closed-ended questions also allow the respondent to complete the survey quickly which insured
that the imposition was kept to a minimum. The closed ended questions used on the survey and
the responses received were as follows:
Table 10
Excessive government regulations have created a formidable barrier

for healthcare organizations and providers to treat patients
Strongly Agree 43%
Agree 53%
Strongly Disagree 4%
96% of the responses to this survey question affirmed that government regulations in
place today create barriers for hospitals to treat their patients. This question validates the degree
to which hospital leadership perceives the regulations as a negative burden in the delivery of
patient care. Health care organizations must provide services to patients while remaining
compliant with a vast array of regulations. In addition, they are focused on improving efficiency
and reducing costs while insuring they meet all of the regulatory standards. Healthcare
organizations must be engaged in strategic thinking about how they will be positioned to meet
the requirements and regulations within a changing and complex landscape.
Table 11
The ARRA adds increased layers of bureaucratic regulation and cost to

an industry that is already over-regulated and suffering a severe economic crisis
Strongly Agree 30%
Agree 66%
Ninety Six percent of respondents agreed that the ARRA adds even more layers of
bureaucratic regulations and costs. This is a significant concern during the current economic
recession which is creating financial challenges for hospitals. Although historically hospitals
have been recession proof, this is not the case in 2009. This is due primarily to the downturn in
the market and the adverse impact on hospital’s bond ratings and borrowing capacity. The
recession has caused decreased operating margins, decreases in cash, declines in patient revenues
and investment loses. The cost for hospital’s to meet regulatory requirements is significant. The
goals outlined in the ARRA will add additional expense to hospitals as they work toward meeting
the new regulations.
Table 12
Implementation of a “certified” electronic record within the time frame identified

in the ARRA will ultimately benefit the financial health of our organization
Strongly Agree 33%
Agree 57%
Although the legal definition of a “certified” electronic medical record is not yet
complete, 91% of the respondents agree that implementation of an electronic medical record
within the required time frame will benefit their financial health. This is a valid answer given the
financial incentives ($2 Million for base year, and up to $12 million based upon individual
facility Medicare patient volumes). In addition, failure to complete the implementation within
that time frame will result in financial penalties of up to $3 million per year by 2015.
Organizations that treat Medicare and / or Medicaid patients that are not compliant will suffer
financial penalties. In general, hospitals face financial gain through incentive payments, but face
a significant negative impact on their financial health through penalties should they fail to meet
the required deadlines. Regardless of the ultimate components identified within certification, it is
in the financial best interest of all health care organizations to meet the deadlines.
Table 13
Identification of required standards for all aspects of the electronic
Health care record should be the responsibility of the federal government.
Strongly Agree 14%

Agree 52%
The information architecture that has been outlined as a goal in ARRA is to facilitate the
sharing of patient information among providers, payers and others. The federal government
foresees a national health information network consisting of regional health information
organizations that freely exchange information. The ability to meet this goal requires
standardized code sets . 68% of the respondents to this survey believe this should be done at the
Federal Government level. This will ultimately need to be recognized by non-government payers
as well, which would in all likelihood require further federal legislation. Organizations that have
a system in place may be in a vulnerable position if their existing system does not meet these
requirements, which have not yet been defined.

Table 14
Uniform standards defining clinical care protocols should become a
national model identified by the federal government as a component of the
“certified” electronic medical record.
Strongly Agree 24%

Agree 52%
Clinical Protocols are a series of action items for a particular patient based explicitly upon
that patient’s medical record. Clinical Protocols are sometimes referred to as treatment guidelines
and are based upon accepted standards of care. The protocols typically are displayed to a
physician during the charting process within the EMR and optimally offer a physician the choice
between applicable options or may identify an alert based upon the patient’s condition. The use
of standardized protocols will reduce medical risks and afford much better care for patients.
When these standards are designed correctly, it affords the physician a tremendous edge when it
comes to patient care. It improves the quality of care and minimizes errors.
In the past, historical knowledge was passed on through experience and hands-on training
in medical education programs. Today evidence-based decision support, high quality literature
studies and clinical practice guidelines are seen as the most comprehensive method to
disseminate information. Physicians in general prefer not to use this type of a template, and there
remains much controversy over which clinical standards should be certified, and who should be
responsible for the selection of the applicable criteria.

Eighty-one percent of the respondents indicated that the uniform clinical model should be
specified by the Federal Government. Opponents believe that the standards should be designed
by clinical care givers based on research outcomes and accepted standards of practice within
each medical sub-specialty. The Federal Government will spend $1.1 Billion to create the
Federal Coordinating Council for Comparative Effectiveness Research. This council will
provide advice to the federal government about the value of various medical treatments.
According to the summary featured in a discussion draft to the bill,” interventions that are found
to be less effective and in some cases more expensive will no longer be prescribed.” (Tanner,
2009). The HHS website further identifies the roll of this council:
“Comparative effectiveness research provides information on the relative

strengths and weakness of various medical interventions. Such research will give
clinicians and patients valid information to make decisions that will improve the
performance of the U.S. health care system”
The responses were evenly balanced between Strongly Agree (24%) and Strongly
Disagree (24 % ). The varied responses may be reflective of either the lack of specific
knowledge regarding the requirements for an electronic medical record, or the preference to
provide a standardized framework for the delivery of care. There is a significant level of concern
among healthcare providers that relying on the government to identify these standards puts the
decisions into a strictly financially driven model, rather than a utilizing the results from strong
methodologies identified through the analysis of medical evidence research and clinical trials.
Table 15:
The ARRA is in reality the outline for total government control of the
Health care delivery system in the United States.
Strongly Agree 14%

Agree 34%
52% of the responses strongly disagreed with this statement that the purpose of
the ARRA is an outline for total government control of healthcare. The response is inconsistent
with the answers outlined in Table 10 and 11 in which hospital leadership see government
regulations as excessive and that the ARRA adds increased layers of bureaucratic regulations.
Based upon the current heavily regulated healthcare environment, coupled with a lack of clarity
on many of the requirements, my expectation would have been a marked increase in strongly
agree responses.
Table 16
The stimulus money outlined in ARRA is a benefit that has caused us
to implement an electronic healthcare system in a shorter time frame than
originally planned,.
Strongly Agree 28%

Agree 52%
81% indicated that they initiated their E H R process in a shorter time frame due
to the financial incentives outlined in the incentive package. In light of the amounts available to
hospitals, I would expect this to be 100% strongly agreed, however the receipt of the incentive
dollars does not necessarily align with the financial outlay required to install a system. Access to
capital may still be a reason for delay, as well as some of the more common barriers to
implementation which are identified in Table 8.
Table 17
The government requirements and regulations outlined for a “certified”
EMR are appropriate
Strongly Agree 24%

Agree 57%
The regulations continue to change and are not yet finalized. It is anticipated that the
published criteria will be further adjusted to meet the final 2011 “meaningful use” objectives
required by the U.S. Dept of Health and Human Services to qualify for ARRA funding. Many of
the E H Rs in place today may not meet those requirements. At present there are approximately
17 in-patient hospital electronic medical record systems that are certified ( see Appendix F). The
current criteria includes:

(A) includes patient demographic and clinical health information, such as medical
history and problem lists; and
B) has the capacity—
(i) to provide clinical decision support;
(ii) to support physician order entry;
(iii) to capture and query information relevant to health care quality; and
(iv) to exchange electronic health information with, and integrate such
information from other sources.
81% of the respondents to this question agreed that the requirements for achieving
“certification” of their electronic medical records by the Federal Government are appropriate.
Table 18
The increased regulatory agencies required to implement and monitor
the HIT initiatives add layers of unnecessary government expense
Strongly Agree 33%

Agree 57%
A significant component of the funds assigned to ARRA for electronic medical records
is to support various regulatory agency activity. Ninety percent of responses indicated that this
funding represents unnecessary spending. The amount of monies allocated to regulatory

agencies is of concern in light of the current economic recession, coupled with the
overwhelming pressure on healthcare organizations to decrease the cost of care to provide
treatment to their patients.
Table 19
E H R will make it easier for organizations to be compliant with the new
security and privacy regulations.
Strongly Agree 33%

Agree 57%
The new privacy and security regulations will add significant administrative requirements
to hospital organizations. In addition to traditional patient privacy requirements, they will now
need to track and record all types of entities that access a patient record. This includes users that
are allowed to access the record under existing laws. This is an extraordinary burden that would
not be possible without an electronic system. In light of the changes to these laws, the response
of 90% to the question is appropriate. Electronic records will allow organizations to more readily
establish tracking systems to monitor all access to records.

Table 20
Linking the patient healthcare records of our organization into a
regional or national database will adversely impact the financial health of our
organization through decreased reimbursement
Strongly Agree 10%

Agree 43%
The ability to link health care records into any type of a national database does not yet
exist. Studies show that improving documentation, which is driven by standards built within an
electronic medical record, increase reimbursement. In addition, decreasing unnecessary tests,
which is filtered through the clinical standards defined within the electronic medical record,
decreases costs. Whether linking of the patient records in a national database will impact
reimbursement, is not known. Studies indicate that utilization of an electronic medical record
increases reimbursement for hospitals. Although 53% of the respondents agreed that they
anticipated decreased reimbursement, in general they may not be familiar with this detail. This is
a potential limitation of the study.

Table 21
Government penalties for failing to implement an electronic health
record that meets all the requirements by 2015 is not realistic.
Strongly Agree 33%

Agree 43%
Transitioning to an electronic medical record system that meets all the requirements is not
an application that can be purchased off the shelf and installed immediately. This is an
inordinately difficult process for any healthcare organization. The benefits and barriers have been
previously identified. Although the objective is appropriate, the vast number of hospital systems
that are not utilizing electronic medical record systems further impacts the ability of the industry
to meet the goals and deadlines identified in this time frame. This coupled with the number of
“certified” systems and the ability of those vendors to provide the requisite goods and services
will also contribute toward the success of meeting the goals.
76% of the respondents to the survey question agreed that the deadline was not realistic.
Demographics
The demographics of the hospital CEO’s that participated were as follows:

Table 22
Respondent Location:
California 61% Illinois 5%
Nevada 9% Arizona 5%
Illinois 5% Tennessee 5%
Arizona 5% Washing 5%
The majority of respondents reside in California. California healthcare is burdened by
additional regulations due to the bipartisan nature of the state legislature. In light of their
typically larger portion of government payer case mix the response rate is somewhat indicative
of that dependence.
Table 23
Number of years in this occupation:
Less than 1 5% 6-10 Years 4%
16-20 years 5% Greater than 20 years 86%

The majority of respondents have extensive experience in the healthcare industry which
is expected given the qualifications required for this position. The lengthy tenure in this industry
has exposed them to multiple economic downturns as well as participating in an industry that
has undergone significant changes due to technology. Their experience is significant with respect
to knowledge of the industry.
Table 24
Respondents Gender
Female 29%
Male 71%
Although 78% of the workforce in health care is women they remain under representing
in executive leadership positions. The gender breakdown for this survey is higher than national
estimates, which report that 12% of hospital chief executive officers are women.
Table 25
Respondent Age Range
41.50 14%
51-60 62%
Greater than 60 24%

The age range is expected given the number of years of experience in the industry
identified by the prior question.
Table 26
Healthcare Organization’s Tax Status of Respondents
Not for Profit 100%
In light of the increased regulatory reporting requirements for non profit organizations, I
would have expected a stronger level of concern from these respondents regarding the question
that the ARRA is an opportunity for the Federal Government to take ownership of the healthcare
system. The response to many of the questions in light of their tax status is all the more
interesting.
Table 27
Has your organization implemented an electronic medical record?
Yes we are preparing now 31%
We’re in the process of implementing 48%
Yes we have a system in place that meets the 21%
Guidelines outlined in the ARRA
All respondents have chosen to implement an electronic medical record.

CHAPTER 5
CONCLUSION
The ARRA introduces much needed financial incentives for implementing an electronic
medical record, but it also adds significant regulatory requirements, as well as extends the
oversight of the government into new areas of the healthcare delivery system. Although the
incentive payments will not match the costs, hospitals will adopt the required technology to
maintain their financial health. This is primarily the result of the anticipated penalties outlined
for organizations that do not implement a certified E H R within the required time frame.
Within a grounded theory study, theory is shaped by the data as the information is
analyzed and categorized. The intent of modeling the data sources is to identify a theory or
result. To return to the initial questions stated previously for this study, “ will the advantage of
accessing the stimulus money be perceived as a true benefit, or will the increased regulations for
health care providers be another barrier that prevents adoption?” All respondents indicated that
they agreed that excessive government regulations have created a formidable barrier for their
organization and their ability to treat patients. In addition, they agreed that the increased
regulatory agencies required to implement and monitor the HIT initiatives add layers of
unnecessary government expense.
Based upon the results of the study, the perception of hospital leaders is that the stimulus
money is a true benefit. For a facility that treats Medicare and Medicaid patients,
implementation of an electronic medical record is essentially a financial requirement due to the

anticipated monetary penalties. The dependence upon Government reimbursement is a key
driver of behavior, as hospital leadership insures that the appropriate infrastructure is in place to
provide services to this patient population The stimulus monies motivated 81% of the
respondents to implement EHRs in a shorter time frame- but was not the reason for the
implementation. The perception of hospital leadership is that the incentive payments are a
welcome benefit.
An additional purpose of the study was to determine if the perception of hospital leaders
was that the goal of the stimulus plan is in reality an attempt by the federal government to
increase their control over health care services. In spite of the agreement by respondents that the
ARRA adds increased regulation to an already over-burdened system (96%), the majority (81%)
agreed that the requirements and regulations outlined for a “certified” E M R are appropriate
In addition, 66% indicated that identification of required standards should be the
responsibility of the federal government, while 81% also agreed that the federal government
should also be responsible for defining the clinical care protocols of an electronic record. In
addition, the perception of the respondents is that the ARRA is not an outline for increased
government control of healthcare.
The establishment of clinical care standards is a contentious issue between providers and
payers. One argument is that standards cannot be defined because each patient is unique, the
variables are often complex and that the deductive reasoning and creative process leads to a
successful diagnosis and treatment. On the other side, formal standards define a set of
expectations that are known in advance. This standardized road map reduces liability and cost.
To date the development of clinical standards has not been widely defined, and is currently based
upon the choices of individual providers or healthcare organizations. Physician groups contend
that the standards should not be defined by any payer, government or otherwise. This is due to a
concern that standards will be financially driven in lieu of appropriate clinical methodologies
based upon evidence based research. The respondents had previously agreed that health care is
over regulated, and yet the majority also agrees that this additional task should be added to the
list of regulatory activities.
Finally, regarding their perception that the ARRA is in reality the outline for total
government control of the healthcare delivery system in the United States, only 14% strongly
agreed, 38% agreed, and 52% disagreed strongly with that statement. The response to this
question is in contrast to the overall general ratings of the other questions. The increased
regulations and additional expense allotted to new regulatory agencies would seem to indicate
that the Federal Government is usurping additional control over the healthcare delivery system.
The American Recovery and Reinvestment Act of 2009 contains 407 pages of rules,
regulations, and restrictions and increased government spending. The stated intent is to:
Make supplemental appropriations for job preservation and creation, infrastructure
investment, energy efficiency and science, assistance to the unemployed, and
State and local fiscal stabilization, for the fiscal year ending September 30,
2009, and for other purposes.(ARRA,2009)
Is the goal of the healthcare portion of the stimulus plan intended to simply motivate
healthcare organizations and providers to transition to an electronic record or is it the beginning
of government run healthcare services? The perception of healthcare leaders is that the plan is as
stated, a motivator for health care organizations to transition to an electronic healthcare system
that is defined by the Federal Government, but not controlled by the Federal Government.
Medicare and Medicaid represent approximately 60% of the patient population receiving
services in U.S. hospitals. These organizations impose a financial burden placed on healthcare
organizations to meet the regulatory requirements coupled with a disparity in payment amounts
that rarely covers the cost of care continues to grow.
Healthcare is one of America’s most controlled and socialized industries. The
benchmarks and goals used to measure the effectiveness of a Hospital Chief Executive Officer
continues to change on a continuous basis. The identification of very specific standards,
electronic and clinical, provide hospital leaders with a very clear black and white roadmap. This
format will allow them to more clearly identify which services they will get paid for, how much
they will get paid, and what the requirements are. Although this view is contrary to that of other
stakeholders, the identified perception of hospital Chief Executive Officers aligns with their role
within the organization and provides them with an opportunity to improve their leadership role
within a complex industry.
Recommendations for Additional Research
Discussions of healthcare costs traditionally place the blame on the shoulders of those
that provide care. In reality the cost of health services regulation outweigh the benefits by two-
to-one and cost the average household over $1,500.00 per year (Conover, 2004). These estimates
are based upon regulations in place prior to those identified in this study.
The current administration has determined that adding additional regulations and
regulatory agencies will provide the assistance necessary to dramatically reduce the financial
cost of healthcare. Today Americans are debating whether we ought to continue with a policy of
greater government control over health care decisions, or should the control be returned back to
the consumer. At present, whoever controls the health care dollars will ultimately make the key
health care decisions. The government spends almost 50 cents out of every health care dollar
(Goodman, 2009). The concentration of economic power in healthcare resides with the
government. Historically, government-funded health care has resulted in increased administrative
cost to providers, and a rationing of care to patients.
The incentives are sending the wrong message as are the potential penalties. The high
cost of health services regulation is responsible for more than seven million Americans lacking
health insurance (Conover, 2004). The focus should be on reduction of government agencies and
spending with respect to the elimination of excess cost of healthcare services at the State and
Federal level. This housecleaning and intensive review of monetary waste should be an urgent
priority for policymakers.

References
Acker,B., Adams, D., Cole, K et al . (2004). The strategic importance of electronic health record
management. American Health Information Management Association. Journal of
AHIMA, (75:9),October 2004 :80C-E.
Age Discrimination Act of 1975. 42. U.S.C. Sections 6101-6107. (1975). Retrieved from:
http://www.dol.gov/oasam/regs/statutes/age_act.htm.
Agency for Healthcare Research and Quality .(2009). Overview of the American Recovery and
Reinvestment Act of 2009. Retrieved from U.S. Department of Health & Human Services:
http://www.ahrq.gove/fund/cefarra.htm.
AIS Compliance. (2009). Compliance risks grow with electronic medical record systems. AIS
Compliance. Retrieved from
http://www.aishealth.com/Compliance/ResearchTools/RMC_Compliance_Risks_EMRs.h
tml.
Agrawal, A.(2002). Return on investment analysis for a computerized-based patient record in the
outpatient clinic setting. Journal of the Association for Academic Minority Physicians.
(13:3);61-65.
Amatayakul, M., & Work, M. (2005). Best practices in electronic health records. [White paper].
AHIMA. Retrieved from
http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_032055.pdf#page
%3D2
American College of Foot and Ankle Surgeons. (2009). Growing concerns as physicians move
forward with electronic medical records. Retrieved from
http://www.acfas.org/practicemang/bus-tech/emr-concerns.html.
American Health Information Community. (2005). Retrieved from
http://www.google.com/search?
source=ig&hl=en&rlz=1R2TSHB_en&q=american+health+information+community&aq
=f&oq=&aqi=g2.
American Health Information Management Association. (2009). Analysis of health care
confidentiality, privacy, and security provisions of the American Recovery and
Reinvestment Act of 2009. , Public Law 111-5. March 2009. Retrieved from AHIMA:
http://ahima.org/dc/documents/AnalysisofARRAPrivacy-fin-3-2009a.pdf.
American Health Information Management Association. (2003). A vision of the e-HIM future.
Chicago, Ill. Retrieved from:
http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_020477.pdf.
American Hospital Association. (2007). Continued progress: hospital use of information
technology. Washington, D.C. Retrieved from:
http://www.aha.org/aha/content/2007/pdf/070227-continuedprogress.pdf.
American Medical Association. (2009). H.R.1. the American Recovery and Reinvestment Act of
2009, explanation of health information technology (HIT) provisions. Retrieved from:
http://www.ama-assn.org/ama1/pub/upload/mm/399/arra-hit-provisions.pdf.
American National Standards Institute. (2009). Retrieved from: www. Ansi.org.
American Recovery and Reinvestment Act of 2009.( 2009). Authenticated by the
U.S.Government GPO, H.R.1. Retrieved from http://frwebgate.access.gpo.gov/cgi-

bin/getdoc.cgi?dbname=111_cong_bills&docid=f:h1enr.pdf.
Anderson, J. K., Handler, M., Matyas, D.E., Valiant, C. (2009). FY 2009 Inpatient prospective
payment final rules. Modifications to the Stark regulations. EBG Health Care & Life
Sciences. Retrieved from: http://www.ebglaw.com/files/25351_CLIENT%20ALERT-Stark
%20FY%202009%20IPPS.pdf.
Asp, Lone & Petersen, Jan, A. (2003). Conceptual model for documentation of clinical
information in the e h r. National Board of Health, Denmark, Retrieved from:
http://www.sst.dk/upload/papermie2003_asp013_dk.pdf.
Bass, C. F., & Johnson, N. (2008, August 1). Time to act on health it. The Washington Times,
Retrieved from: . http://www.washingtontimes.com/news/2008/aug/01/time-to-act-on-
health-it/.
Battani, J., & Zywiak, W. (2009). U.S. health care in the year 2015 [White paper]. Retrieved
from: http://www.csc.com/health_services/insights/31098-
us_health_care_in_the_year_2015.
Beatty, S. (2009). American Recovery and Reinvestment Act of 2009. Accenture. Retrieved from:
http://www.accenture.com/NR/rdonlyres/56154C60-642D-4AA9-9812-
073E054D3664/0/Accenture_Innovation_Center_Health_Public_Health_American_Reco
very_Reinvestment_Act.pdf.
Binder, C., Baumrucker, E. P., Grady, A., & Herz, E. J. (2009, February 12,). American Recovery
and Reinvestment Act of 2009 (ARRA): Title V, Medicaid Provisions. (Congressional
Research Service). Washington, DC: Congressional Research Service.
From CSC: http://www.allbusiness.com/technology/180648-1.html.

Blumethal, D. (2009). Stimulating the adoption of health information technology. The New
England Journal of Medicine, 360:1477-1479(15), 33-39.
Brailer,D. (2004), Translating ideals for HIT into practice, Health Affairs (4:318).
Brailer, D. (2009). Economic stimulus package could impinge on Americans’ health privacy.
Government Technology. Retrieved from www.govbtevh.com/gt/articles/587856.
Brown, C. A., Bailey, J. H., Miller-Davis, M. E., Garrett, P., & Rudman, W. J. (2005, Fall).
Improving patient safety through information technology. Perspective in Health
Information Management, 34=41.
California Broadband Telehealth Workgroup. (2009). Retrieved from:
http://www.hie.ca.gov/Workgroups/BroadbandTelehealth/tabid/71/Default.aspx.
California E H R Loan Programs. (2009). Retrieved from:
http://www.chhs.ca.gov/initiatives/HealthInfoEx/Pages/EHRLoanFunds.aspx.
California Office of HIPAA Implementation. (2009). Retrieved from:
http://www.ohi.ca.gov/calohi/.
California Privacy and Security Advisory Board. (2009). Retrieved from:
http://www.ohi.ca.gov/calohi/HIPAA/HIPAAInformationResources/WorkgroupsandCom
mittees/PrivacyandSecurityAdvisoryBoard.aspx.
California Privacy and Security Advisory Board Security Committee. (2009). Retrieved from:
http://74.125.155.132/search?
q=cache:xbl9KIA_HI8J:www.ohi.ca.gov/calohi/PSABWhatsNew/SecurityCommittee.aspx+calpsab+securi
ty+committee&cd=1&hl=en&ct=clnk&gl=us.
California Privacy and Security Advisory Board Privacy Committee. (2009). Retrieved from:
http://www.ohi.ca.gov/calohi/PSAB/PrivacyCommittee.aspx.
California Healthcare Foundation. (2007). Implementing the ELINCS standard. Retrieved from
California Healthcare Foundation web site:
http://www.chcf.org/documents/chronicdisease/ImplementingTheELINCSStandardLesso
nsIB.pdf.
California HIE Cooperative Agreement Program. (2009, October 21). California Health
Information Exchange Strategic Plan. Retrieved from
http://www.hie.ca.gov/LinkClick.aspx?fileticket=juCx5ppYLgM%3d&tabid=38.
California Regional Health Information Organization. (2009). Retrieved from:
http://www.calrhio.org/.
California Research and New Technologies Workgroup. (2009). Retrieved from
http://www.chhs.ca.gov/initiatives/HealthInfoEx/Documents/SUMMIT
%20DOCUMENTS/RNT%20Summit%20Presentation%20Draft%20071509_final.pdf.
California Workforce Training and Development Workgroup. (2009). Retrieved from:
http://www.chhs.ca.gov/INITIATIVES/HEALTHINFOEX/Pages/WorkforceDemand.aspx
Centers for Disease Control and Prevention. (2009). (CDC). Washington, DC: CDC. Retrieved
from: http://www.cdc.gov/.
Centers for Medicare and Medicaid Services (2009). Health Information Technology. Retrieved
from CMS: .
Centers for Medicare and Medicaid Services (2009) Security Standard Overview. Retrieved
from: http://www.cms.hhs.gov/SecurityStandard/.
Centers for Medicare and Medicaid Services. (2009). Medicare and Medicaid health information
technology: title IV of the American Recovery and Reinvestment Act [Fact sheet].
CMS. (2009). June 16, [Fact sheet]. Retrieved from
http://www.cms.hhs.gov/apps/media/press/factsheet.asp?
Counter=3466&intNumPerPage=10&checkDate=&checkKey=&srchType=1&numDays
=3500&srchOpt=0&srchData=&keywordType=All&chkNewsType=6&intPage=&show
All=&pYear=&year=&desc=&cboOrder=date.
Centers for Medicare and Medicaid Services (2009). Title 42--Public Health , Chapter IV-Part
482. Conditions of Participation for Hospitals. Retrived from:
http://www.access.gpo.gov/nara/cfr/waisidx_04/42cfr482_04.html.
Centers for Medicare and Medicaid Services (2009). Stark laws and Physician self referral law.
Sec. 1877 [42 U.S.C. 1395nn]. Retrieved from
http://www.cms.hhs.gov/PhysicianSelfReferral/Downloads/section_1877.pdf.
Centers for Medicare and Medicaid Services.( 2009). Market Basket Adjustments. Retrieved
from: http://www.cms.hhs.gov/MedicareProgramRatesStats/downloads/info.pdf.
Certification Commission for Health Information Technology. (2009, September 8). Certification
commission launching 2011 certification programs in October. Retrieved from:
http://www.cchit.org/media/news/2009/09/certification-commission-launching-2011-
certification-programs-october.
Chaudhry,B., Wang, J., Wu, S., Maglion, M., Mojica, W. et al. ( 2006, May 16).
Systematic review: impact of health information technology on quality, efficiency and
costs of medical care. Annals of Internal Medicine. vol. 144 no. 10 742-752. Retrieved
from: http://www.annals.org/content/144/10/742.abstract.
CMS. (2009, September 1). H.R. Doc. No. SMD#09-006 at 1 Center for Medicaid and State
Operations Update to ARRA Hit #1. Retrieved from:
http://www.cms.hhs.gov/smdl/downloads/SMD090109.pdf.
Cohen, E. (2008, June 5). Your private health details may already be online. CNN. Retrieved
from http://www.cnn.com/2008/HEALTH/06/05/ep.online.records/index.html.
Conover, C. J. (2004, October 4,). Health care regulation: a $169 billion hidden tax. Cato
Institute. Policy Analysis No. 527. Retrieved from:
http://www.cato.org/pub_display.php?pub_id=2466
Creswell, J. W. (2009). Research design: Qualitative, quantitative, and mixed methods
approaches. (3rd ed.). Los Angeles. Sage.
Denzin, N.K., & Lincoln, Y. S. (Eds.), (1994). Handbook of qualitative research (pp. 273–285).
Thousand Oaks, CA: Sage.
Department of Health and Human Services. (2009). Overview of the American Recovery and
Reinvestment Act of 2009: implementation plan. Retrieved from:
http://www.hhs.gov/recovery/overview/index.html.
Department of Health and Human Services. (2009). Accelerating the Adoption of Health Information
Technology. Retrieved from: http://www.hhs.gov/recovery/reports/plans/onc_hit.pdf .
Department of Health and Human Services. (2009, September 19). Broad recovery goals).
Washington, D.C. Retrieved from:
<http://www.hhs.gov/recovery/reports/plans/index.html>.
Department of Health and Human Services. (2009). Patient Safety and Quality Improvement Act
of 2005 Statute and Rule. Retrieved from:

http://www.hhs.gov/ocr/privacy/psa/regulation/index.html.
Department of Health and Human Services. (1999). Patient Safety
Task Force. Retrieved from: http://www.premierinc.com/quality-safety/tools-
services/safety/topics/patient_safety/downloads/05_AHRQ_factsheet.pdf.
Department of Health and Human Services.(2003, May).Summary of the HIPAA Privacy Rule.
Retrieved from:
http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/privacysummary.pdf
Drumm, A. (2009). California Privacy and Security Advisory Board Education Committee Fact
Sheet. Retrieved from:
http://www.ohi.ca.gov/calohi/Portals/0/files/doc/PSAB_EDComFactsheet.doc.
eHealth Initiative. (2009). Retrieved from: http://www.ehealthinitiative.org/.
Electronic Records, Electronic Signatures.(2003, August). Part 11 of Title 21 of the Code of
Federal 20 Regulations; (21 CFR Part 11). Retrieved
from :http://www.fda.gov/downloads/RegulatoryInformation/Guidances/ucm125125.pdf\.
Federal Advisory Committee Act.(1994). Federal Register. Pub.L. 92-463(5 U.S.C. App.)
Retrieved from: http://epic.org/open_gov/faca.html.
Federal Healthcare Architecture. (2009). retrieved from
http://www.dhhs.gov/fedhealtharch/index.html.
Federal Health IT Committee. (2009, August). Electronic Health Records Advancing 21st
Century Medicine [Fact sheet]. Retrieved from
http://www.hhs.gov/news/facts/20080131c.html.
Federal Health IT Committee. (2009, August). Health IT Policy Council recommendations to

National Coordinator for defining Meaningful Use Final- August 2009. Retrieved from:
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10741_888532_0_0_18/FIN
AL%20MU%20RECOMMENDATIONS%20TABLE.pdf.
Federal Health IT Committee. (2008, June 3). The ONC-Coordinated Federal Health
Information Technology Strategic Plan: 2008-2012. Department of Health and Human
Services. Retrieved from:
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10731_848084_0_0_18/HIT
StrategicPlanSummary508.pdf .
Federal Rules of Evidence (Article VIII). (1997). Retrieved from
http://expertpages.com/federal/a8.htm.
Ferman, J. (2006, Jan). Health information technology. Healthcare Executive. 21,1.
Food and Drug Administration. (2009). Centennial of FDA. Retrieved from:
http://www.fda.gov/AboutFDA/WhatWeDo/History/CentennialofFDA/default.htm.
Food and Drug Administration Amendments Act of 2007. (2007, September 27). Public Law
110-85.Food and Drug Administration. Retrieved from:
http://www.fda.gov/RegulatoryInformation/Legislation/FederalFoodDrugandCosmeticAc
tFDCAct/SignificantAmendmentstotheFDCAct/FoodandDrugAdministrationAmendment
sActof2007/FullTextofFDAAALaw/default.htm.
Food and Drug Administration. (2009). This week in FDA history- June20, 1963. Retrieved
from: http://www.fda.gov/AboutFDA/WhatWeDo/History/ThisWeek/ucm117831.htm.
Garrido, T., Raymond, B., Jamieson, L., Liang, L., & Wiesenthal, A. (2004). Making the business
case for hospital information systems- a Kaiser Permanente investment decision. Journal
of Health Care Finance, 31(2),p 16-25 .
Giorgi, S. B. (2009). California Privacy and Security Advisory Board Legal Committee, Fact
Sheet. Retrieved from:
https://s0001.ca.gov/calohi/docs/PSAB_LegalCommitteeFactSheet.doc.
Girosi, F., Meili, R., & Scoville, R. (2005). Extrapolating evidence of health information
technology savings and costs [White paper]. Retrieved from Rand Health:
http://www.rand.org/pubs/monographs/2005/RAND_MG410.pdf.
Glaser, B G.(ED) (1995). A Look at Grounded Theory: 1984 to 1994. Sociology Press(2), pp. 3-
17.
Glaser, J.P., & Phillips, M.T. (2003, September), Converting nonbelievers. Healthcare
Informatics Online. Retrieved from:
http://www.providersedge.com/ehdocs/ehr_articles/Converting_Nonbelievers.pdf.
Goedert,J. (2009, June 16). First look at meaningful use. Health Data Management. Retrieved
from http://www.healthdatamanagement.com/news/meaningful_use-38487-1.html.
Goldstein, J. (2009, January 29). Stimulus boosts electronic health records. The Philadelphia
Inquirer, p. 47.
Goodman, J. C. (2001, April 30). Characteristics of an ideal health system. National Center for
Policy Analysis. No.242. Washington, DC. Retrieved from: .
http://www.ncpa.org/pub/st242/ .
Goodman, J. C. (2009, July 1). A prescription for American health care. USA Today, pp. 10-12.
Goodman, S. (2009). Electronic medical records: The promise and the reality. Physicians News
Digest. Retrieved from www.physiciansnews.com/electronic-medical-records-the-
promise-and-the-reality/html.
Hackbarth, G., & Milgate, K. (2005). Using quality incentives to drive physician adoption of
health information technology. Health Affairs, 24, 1147-1149.
Halamka, J.(2009, May 19). The ONC ARRA implementation plan. HHS Recovery Website.
Retrieved from: http://ehrdecisions.com/.
HealthLeaders Media (2007) 2007 Health leaders annual survey. Media Health Leaders.
Retrieved from: www.healthleadersmedia.com.
Health Informatics Standards Board. (2009). Retrieved from
http://www.ahrq.gov/data/datameet.htm.
Health Information Exchange. (2009). Retrieved from:
http://www.himss.org/asp/topics_rhio.asp.
Health Information and Management Systems Society. (2009, April 21,). EHR Association
recommendations for ARRA meaningful user and EHR certification criteria for hospitals.
(HIMSS). Washington,D.C.
Health Information and Management Systems Society. (2009, July 1,). The American Recovery
and Reinvestment Act of 2009: summary of key health information technology provisions
(HIMSS). Washington,DC: HIMSS.
Health Insurance Portability and Accountability Act of 1996 (1996, August 21). Public Law 204-
292. (HIPAA) . Retrieved from:
http://www.cms.hhs.gov/hipaageninfo/downloads/hipaalaw.pdf.
Health IT Policy Committee. (2009). Retrieved from : http://healthit.hhs.gov/portal/server.pt?

open=512&objID=1269&parentname=CommunityPage&parentid=5&mode=2.
Health Information Security and Privacy Collaboration. (2009). Retrieved from:
http://www.rti.org/page.cfm?objectid=09E8D494-C491-42FC-BA13EAD1217245C0.
Health Information Technology Regional Centers. (2009). Retrieved from:
http://healthit.hhs.gov/portal/server.pt?
Health IT Standards Committee. (2009). Retrieved from: http://healthit.hhs.gov/portal/server.pt?
Health Management Technology.(2009, August). EMR: one hospital that got it right. Health
Management Technology; 30,8; ABI/INFORM Glbal. Pg.15.
Health Information Technology Policy Commission. (2009). Meaningful Use. Retrieved from:
http://healthit.hhs.gov/portal/server.pt?
open=512&objID=1325&parentname=CommunityPage&parentid=15&mode=2&in_hi_u
serid=11113&cached=true.
Health Resources and Services Administration. (2009). Retrieved from: www.hrsa.gov/.
Healy, B. (2009, February 17). Electronic medical records: will your privacy be safe?. US News
and World Report, 27.
Hildreth, S. (2009). Healthcare electronic records technology and government funding:
improving patient care? OmniMD. Retrieved from
http://www:myemrstimulus.com/healthcare-electronic-records-technology-government-
fun.html.
Hillestad, R., Bigelow, J., Bower, A., Girosi, F Meili, R. et al. (2005). Can electronic medical
record systems transform health care? Potential health benefits, savings, and
costs .Health Affairs.24, no 5. p 1103-1117. Retrieved from:
http://content.healthaffairs.org/cgi/content/abstract/24/5/1103.
HIMSS. (2009, March 13,). Health information technology in California: Current trends, future
opportunities [White paper]. Retrieved from :www.himss.org.
HIMSS. (2003, November 6). HIMSS electronic health record definition model [White paper].
Retrieved from HIMSS: http://www.himss.org/content/files/ehrattributes070703.pdf.
HIMSS Analytics. (2007). 2007 Annual report of the U.S. hospital IT market (HIMSS Analytics
and HIMSS). Chicago: The Dorenfest Institute. Retrieved from:
http://www.himss.org/foundation/docs/2007AnnualReport.pdf.
HIMSS. (2003, November 6,). HIMSS Electronic health record definitional model. Retrieved
from : http://www.providersedge.com/ehdocs/ehr_articles/HIMSS_EMR_Definition_
Model_v1-0.pdf
HIMSS Analytics. (2006, January 26,). Electronic medical records vs. electronic health records:
yes, there is a difference [White paper]. Retrieved from :
http://www.himssanalytics.org/docs/wp_emr_ehr.pdf.
Hing, E.S., Burt, C.W., Woodwell, D.A. (2007, October 26). Electronic medical record use by
office-based physicians and their practices: United States, 2006.
Inspector General. (2009). Retrieved from: www.ignet.gov/.
Jha, A. K., DesRoches, C. M., Campbell, E. G., Donelan, K., Rao, S. R., & Ferris, T. G. (2009).
Use of electronic health records in U.S. hospitals. The New England Journal of Medicine,
360:1628-1638(16). Retrieved from

http://content.nejm.org/cgi/content/full/NEJMsa0900592.
Leavitt, M. (2009). A clearer path forward for health IT certification. EHR Decisions. Retrieved
from http://ehrdecisions.com.
Levinson, D.R. (2009). An open letter to health care providers. Department of Health and Human
Services. March 24 (2009). Retrieved from:
http://oig.hhs.gov/fraud/docs/openletters/OpenLetter3-24-09.pdf.
Lieberman, T. (2009). What the stimulus package holds for health care. Columbia Journalism
Review. Retrieved from www.cjr.org/campaign_desk/what_the-stimulus-package-
hold.php?page.html.
Lindsay, F., & Sliepka, M. (2005). Successful care management: the new healthcare imperative
(EDS). California: EDS. Retrieved from: http://jobfunctions.bnet.com/abstract.aspx?
docid=149939&tag=col1;co-competitors.
Lohr, S. (2009, March 1,). Taking innovation beyond the ’aha’. The New York Times,
Meaningful Use Workgroup. (2009). Recommendations from the meaningful use workgroup to
the Health IT Policy Committee. June 16, 2009. Retrieved from:
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_11113_872720_0_0_8/Meani
ngful%20Use%20Preamble.pdf .
Medical Care Recovery Act . (2007, September 19). Title 32: National Defense. PART
757—Affirmative Claims Regulations Subpart B—Medical Care Recovery Act (MCRA)
Claims and Claims Asserted Pursuant to 10 U.S.C. 1095. [72 FR 53428, Sept. 19, 2007]
Retrieved from: http://ecfr.gpoaccess.gov/cgi/t/text/text-idx?
c=ecfr&sid=12f0d449db546981586a6bb5158dcb61&rgn=div6&view=text&node=32:5.1
.1.5.29.2&idno=32.
Miller, A., & Tucker, C. (2007, January 8). Privacy protection and technology diffusion: The
case of electronic medical record.s (University of Virginia and Massachusetts Institute of
Technology).
Monegain, B. (2009, March 12). HHS new office of recovery act coordination to oversee
stimulus money. Healthcare IT News. Retrieved from:
http://www.healthcareitnews.com/news/hhs-new-office-recovery-act-coordination-
oversee-stimulus-money.
National Association of Health Data Organizations. (2009). Retrieved from: www.hando.org.
National Center for Health Statistics. (2009). Retrieved from www.cdc.gov/nchs/.
National Committee for Quality Assurance. (2009). Retrieved from www.ncqa.org.
National Committee on Vital and Health Statistics. (2009). Retrieved from www.ncchs.hhs.gov/.
National health Information Network. (2009). Retrieved from:
http://healthit.hhs.gov/portal/server.pt?open=512&mode=2&cached=true&objID=1142.
National Institutes of Health. (2005, April) Electronic health record overview. National
Institutes of Health. National Center for Research Resources. McLean, Va.
National Uniform Billing Committee. (2009). Retrieved from www.nubc.org.
National Conference of Commissioners on Uniform State Laws. (1985) National Uniform
Healthcare Information Act. Retrieved from
http://www.ncbi.nlm.nih.gov/pubmed/10274535.
O’Brien, J.P. (2006, August). HHS announces new Federal Stark law exceptions. Client
Advisory. Retrieved from: http://www.kattenlaw.com/files/Publication/f7653806-4484-

47c3-84bc-53e46dd2aa7f/Presentation/PublicationAttachment/01625f8c-d2ed-4783-b2fb
66ab4f76305/hhs%20announces%20new%20federal%20stark%20law%20exceptions.pdf
Office of Civil Rights. (2009). Retrieved from: http://healthit.hhs.gov/portal/server.pt?
open=512&mode=2&cached=true&objID=1142.
Office of Civil Rights.(2009). The HIPAA Privacy Rule and Electronic Health Information
Exchange in a Networked Environment. Retrieved from:
http://www.hhs.gov/ocr/privacy/hipaa/understanding/special/healthit/introduction.pdf
Office of Civil Rights.(2009). The HIPAA Privacy Rule’s Right of Access and Health Information
Technology. Retrieved from:
http://www.hhs.gov/ocr/privcy/hipaa/understading/special/healthit/eaccess.pdf
Office of the Inspector General.(2009). HHS Recovery Act oversight. Retrieved from:
http://oig.hhs.gov/recovery/.
Office of the Inspector General.(2006, August 8). Medicare and State health care programs:
fraud and abuse; safe harbors for certain electronic prescribing and electronic health
records arrangements under the anti-kickback statute; final rule. Department of Health
and Human Services .42 CFR Part 1001. Retrieved from:
http://oig.hhs.gov/authorities/docs/06/OIG%20E-Prescribing%20Final%20Rule
%20080806.pdf
Office of the Inspector General.(2009). Whistleblower protections under the Recovery Act.
Section 1553 of Division A, Title XV of the American Recovery and Reinvestment Act of
2009. Retrieved from: http://www.oig.dot.gov/recovery/whistleblower_protections.jsp.
Office of the National Coordinator for Health Information Technology .(2008 December 15).
Nationwide privacy and security framework for electronic exchange of individually
identifiable health information. Retrieved from:
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10731_848088_0_0_18/Nati
onwidePS_Framework-5.pdf.
Price Waterhouse Coopers. (2009, April). Rock and a hard place. Retrieved from Price
Waterhouse Coopers website: http://www.pwc.com/us/en/healthcare/publications/rock-
and-a-hard-place.jhtml.
Public Health Services Act, 2009.(2009, May 28). Federal Register: May 28, 2009 (Volume 74,
Number 101)][Notices] [Page 25550-25552] From the Federal Register Online via GPO
Access [wais.access.gpo.gov] [DOCID:fr28my09-67].
Pure Food and Drugs Act of 1906. (1906). United States Statutes at Large (59th Cong., Sess. I,
Chp. 3915, p. 768-772). Retrieved from http://www.h-
net.org/~hst203/documents/pure.html.
Recovery Accountability and Transparency Board. (2009). Retrieved from:
http://www.recovery.gov/About/board/Pages/TheBoard.aspx.
Rehabilitation Act of 1973. (1973). Public Law 93-112. 93rd Congress, H.R. 8070. September 26,
1973. Retrieved from: http://www.dotcr.ost.dot.gov/documents/ycr/REHABACT.HTM .
Regional Health Information Organizations. (2009). Retrieved from:
http://www.himss.org/asp/topics_rhio.asp.
Southern California Evidence-based Practice Center. (2006, April). Costs and benefits of health
information technology. Evidence Report, Technology Assessment Number 132. AHRQ
Publication No. 06-E006. Retrieved from:

http://www.ahrq.gov/downloads/pub/evidence/pdf/hitsyscosts/hitsys.pdf.
State Alliance for eHealth. (2009). Retrieved from: http://healthit.hhs.gov/portal/server.pt?
open=512&objID=1241&parentname=CommunityPage&parentid=1&mode=2&in_hi_us
erid=10741&cached=true.
State Level Health Information Exchange Consensus Project. (2009). Retrieved from:
http://www.slhie.org/.
Stead, W., Kelly, B.J., Koldner, R.M. (2005, March/April).Achievable steps toward building a
national health information infrastructure in the United States. Journal of the American
Medial Informatics Association. Volume 23. Number 2.
Strauss, A and Corbin, J. (1994) .Grounded Theory Methodology; an overview. In Denzin N.K
and Lincoln Y.S. Handbook of Qualitative Research. London. Sage.
Substance Abuse and Mental Health Services Administration, Center for Substance Abuse
Treatment. (2004, June).The confidentiality of alcohol and drug abuse patient records
regulation. Retrieved from: http://www.hipaa.samhsa.gov/Part2ComparisonCleared.htm.
Swartz, N. (2004). A prescription for electronic health records. Information Management
Journal, 38(4), 20. Retrieved from http://www.allbusiness.com/technology/180648-
1.html.
Tanner, M. (2009, September 9). Halfway to where? answering the key questions of health care
reform. The Cato Institute. Policy Analysis no. 643 . Washington, DC: The Cato Institute.
Taylor, R., Bower, A., Girosi, F., Bigelow, J., Fonkych, K., & Hillestad, R. (2005). Promoting
health information technology: is there a case for more aggressive government action?.
Health Affairs, 24, 1234-1245. Retrieved from:

http://content.healthaffairs.org/cgi/content/full/24/5/1234
Thakkar, M., & Davis, D. C. (2006) . Risks, barriers and benefits of EHR systems: a
comparative study based on size of hospital [White paper]. Retrieved from AHIMIA
website: http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_
031779.html.
The Advisory Board (2009, May 14,). Stimulus bill update: funding opportunities for hospitals
and health systems (The Advisory Board). Washington, DC: The Advisory Board.
The Commonwealth Fund. (2009, February). International survey: US slow to adopt health it
(The Commonwealth Fund). New York: The Commonwealth Fund.
The Cleveland Clinic .(2009). It all starts with the electronic medical record. Retrieved from
Cleveland Clinic: http://my.clevelandclinic.org/patients/records/electronic.aspx.
The Dorenfest Institute. (2005). The financial systems hospital IT market, 1998-2005. Retrieved
from HIMSS: http://www.allbusiness.com/technology/180648-1.html.
The Joint Commission. (2009). Joint Commission Requirements. Retrieved from:
http://www.jointcommission.org/Standards/.
The Markle Foundation. (2009). Achieving the health IT objectives of the American Recovery
and Reinvestment Act. A framework for ‘Meaningful Use’ and ‘Certified or Qualified’
E H R. The Markle Foundation. Connecting for Health. New York: The Markle
Foundation. Retrieved from:
http://www.markle.org/downloadable_assets/20090430_meaningful_use.pdf
The Rand Corporation. (2005). Health information technology can HIT lower costs and improve
quality? (The Rand Corporation). Retrieved from Rand Health website:

http://www.rand.org/pubs/research_briefs/RB9136/index1.html.
Title VI of the Civil Rights Act of 1964. (1964). 42 U.S.C. § 2000d et seq. Retrieved from:
http://www.justice.gov/crt/cor/coord/titlevi.php.
Title IX, Education Amendments of 1972. (1972). Title 20 U.S.C. Sections 1681-1688. Retrieved
from: http://www.dol.gov/oasam/regs/statutes/titleIX.htm.
United States Department of Justice. (2009). Freedom of Information Act. Retrieved from
http://www.justice.gov/oip/foia_guide09.htm
Unruh, B. (2009). Economic stimulus? feds want your medical records. World Net Daily.
Retrieved from www.wnd.com/indexd.php?fa=PAGE.view&pageID=873222.
Walker, J., Pan, E., Johnston, D., Adler-Milstein, J., Bates, D. W., & Middleton, B. (2005). The
value of health care information exchange and interoperability. Health Tracking, 5, 11-18.
Wangsness, L. (2009, January 1,). Letter highlights hurdles in digitizing health records specialists
tell Obama current systems flawed. The Boston Globe, ed. The Boston Globe
Ways and Means Committee. (2009, January 16). Title IV - Health Information Technology for
Economic and Clinical Health Act. Prepared by the Majority Staff of the Committees on
Energy and Commerce. Retrieved from
http://waysandmeans.house.gov/media/pdf/110/hit2.pdf.
Wulsin, L., & Doughtery, A. (2008). The HIT primer. (California Research Bureau). Sacramento,
California: California State Library Research Bureau. Retrieved from:
http://www.library.ca.gov/crb/08/08-013.pdf
APPENDIX A
Appendix B
Literature Review: Models and Theories Using Open Coding Model
Theory/Topic Discussion Source

ARRA Overview of the American AHRQ 2009
Recovery and Reinvestment Act
Barriers Increased concerns by physicians American College of Foot and
regarding implementation of an Ankle Surgeons
electronic medical record system
Barriers Discussion of the improvement to Brown,Bailey & Miller, 2005
patient safety that will be gained
through information technology
Barriers Review of key questions regarding Tanner, 2005
the current healthcare reform
Barriers review of risks, barriers and Thakkar, 2006
benefits of implementing an HER
in a hospital
Basics HIT basic information Wulsin, 2008
Benefits Best practices in health records Amatayakul & Work, 2005
Benefits Look at the future of electronic AHIMA, 2003
records
Benefits review of reality vs. the promises Goodman, 2009
made regarding the value of an
EMR
Benefits review of innovative options Lohr, 2009
Cost review of the over-regulation of Conover, 2004
healthcare and the enormous cost
to the entire system for supporting
all the agencies
Costs Review of modeling to identify Rand study, 2005
savings and costs of an EMR
Costs costs, benefits analysis using a Hillestad et al, 2005
modeling system to identify impact
on an EMR
Costs Report reviewing the financial Rand study, 2005
advantages to HIT
Definition Review of a conceptual model for Asp, Lone, Peters, 2003
clinical documentation and an
electronic health record
Impact of Stimulus review of the stimulus and the Goldstiein, 2009
increase in hospital
implementations of EHRs
Implementation Review of Kaiser experience with Garrido et al , 2004

implementing a fully integrated
EMR throughout their system
Implementation Current status of utilization of Jha, 2009
EMRs in US hospitals
Implementation review of stimulus package for Lieberman, 2009
health care
Privacy Concern that the new stimulus Brailer, 2009
package could impinge on
Americans' health privacy
Privacy discussion regarding the Cohen, 2008
availability of private health details
to online users
Privacy will electronic records make it Healy, 2009
easier to insure privacy of our
records, or will they be less safe?
Privacy Review of privacy concerns and Healy, 2009
electronic medical records
Privacy Report identifying the concern of Uhruh, 2009
placing full access to medical
records in the hands of the
government
Regulations Compliance risk review of an AIS Compliance
electronic medical record system
Regulations Review of Medicaid regulations Binder & Grady 2009
impacted by the ARRA
Regulations review of applicable regulations Centers for Disease Control,
2007
Regulations requirements for use of health Centers for Medicare and
information technology and Medicaid Services, 2009
stimulus monies available by
meeting requirements
Regulations review of Title IV requirements as CMS, 2009
outlined by Medicare and Medicaid
Regulations Overview of the ARRA Department of Health and
implementation plan Human Services, 2009
Regulations Review of all the new regulations Federal HIT Committee, 2009
Regulations review of meaningful use and HIMSS, 2009
certification criteria
Regulations review of the "required" elements Price Waterhouse Coopers,
and the financial impact on 2009
hospitals that choose not to
implement an EMR
Regulations should government become more Taylor et al, 2005
aggressive in promoting HIT?
Standards review of appropriate methods for California Healthcare
identification of standards in the foundation, 2007
electronic record
Theory/Topic Discussion Source
Status Annual report of the US Hospital IT HIMSS, 2007

Market
Status A look at the future of healthcare in Battani & Zywiak, 2009

the year 2015
Status of Review of the progress of hospital AMA, 2007

implementation in use of information technology
hospitals
Stimulating adoption Discussion of the barriers and the Blumenthal, 2009
value of pro-actively implementing
an E H R
Strategy review of a strategy for Catholic Healthcare West, 2009
implementation of a clinical
information system within a large
healthcare network
Timing Recommendation that it's time for Bass & Johnson, 2008
hospitals to act quickly to
implement an electronic record
APPENDIX C
Title 42 Federal Public Health Regulations
SUBCHAPTER A--GENERAL PROVISIONS

Claims Collection and Compromise
CIVIL MONEY PENALTIES, ASSESSMENTS, AND EXCLUSIONS
CIVIL MONEY PENALTIES AND ASSESSMENTS
EXCLUSIONS
PART 403—SPEPECIAL PROGRAMS AND PROJOECTS

State Regulatory Programs
Voluntary Certification Program: General Provisions
Recognition of State Reimbursement Control Systems
Religious Nonmedical Health Care Institutions-Benefits, Conditions of Participation and Payment
Medicare Prescription Drug Discount Card and Transitional Assistance Program
Medical Services Coverage Decisions That Relate to Health Care Technology
Suspension of Payment, Recovery of Overpayments, and Repayment of Scholarships and loans
Suspension and Recoupment of Payment to Providers and Suppliers and Collection
Private Contracts
Criteria for Determining Reasonable Charges
Reconsiderations and Appeals Under Medicare Part A
Appeals Under the Medicare Part B Program
Determinations, Redeterminations, Reconsiderations, and Appeals Under Original Medicare
Initial Determinations
Redeterminatations
Reconsiderations
Reopenings
Expedited Access to Judicial Review
Applicability of Medicare Coverage Policies
Medicare Appeals Council Review
Expedited Determinations and Reconsiderations of Provider Service Terminations
Provider Reimbursement Determinations and Appeals
Conditions for Coverage of Suppliers of End-Stage Renal Disease (ESRD) Services
HOSPITAL INSURANCE ELIGIBILITY AND ENTITLEMENT
Hospital Insurance Without Monthly Premiums
Premium Hospital Insurance
Special Circumstances That Affect Entitlement to Hospital Insurance
SUPPLEMENTARY MEDICAL INSURANCE (SMI) ENROLLMENT AND ENTITLEMENT
Individual Enrollment and Entitlement for SMI
State- Buy-In Agreements
PREMIUMS FOR SUPPLEMENTARY MEDICAL INSURANCE
Amount of Monthly Premiums
Deductions from Monthly Benefits
HOSPITAL INSURANCE BENEFITS
Inpatient Hospital Services and Inpatient Critical Access Hospital Services
§ 409.10 Included services.
§ 409.11 Bed and board.

§ 409.12 Nursing and related services, medical social services; use of hospital or CAH facilities
§ 409.13 Drugs and biologicals.
§ 409.14 Supplies, appliances, and equipment.
§ 409.15 Services furnished by an intern or a resident-in-training.
§ 409.16 Other diagnostic or therapeutic services.
§ 409.17 Physical therapy, occupational therapy, and speech-language pathology services
§ 409.18 Services related to kidney transplantations.
Posthospital SNF Care
Requirements for Coverage of Posthospital SNF Care
Home Health Services Under Hospital Insurance
Scope of Hospital Insurance Benefits
SUPPLEMENTARY MEDICAL INSURANCE (SMI) BENEFITS
Patient Rehabilitation Facility Services
EXCLUSIONS FROM MEDICARE AND LIMITATIONS ON MEDICARE PAYMENT
§ 411.1 Basis and scope.
Insurance Coverage That Limits Medicare Payment: General Provisions
§ 411.20 Basis and scope.
§ 411.21 Definitions.
§ 411.22 Reimburs obligations of prim payers and entities that received payment from primary payers
Limitations on Medicare Payment for Services Covered Under Workers' Conpensation
§ 411.40 Gneral provisions.
Limitations on Medicare Payment for Services Covered Under Liabiity or No Fault Insurance
§ 411.50 General provisions.
Limitations on Payment for Services Covered Under Group Health Plans: General Provisions
Special Rules for Individuals Eligible or Entitled on the Basis of ESRD
Financial Relationships Between Physicians and Entities Furnishing Designated Health Services
PROSPECTIVE PAYMENT SYSTEMS FOR INPATIENT HOSPITAL SERVICES
§ 412.1 Scope of part.
§ 412.2 Basis of payment.
Conditions for Payment Under the Prospective Payment Systems for Inpatient Operating
Costs and Inpatient Capital Related Costs
§ 412.40 General requirements.
§ 412.42 Limitations on charges to beneficiaries.
§ 412.44 Medical review requirements: Admissions and quality review.
§ 412.46 Medical review requirements: Physician acknowledgement.
§ 412.48 Denial of payment as a result of admissions and quality review.
§ 412.50 Furnishing of inpatient hospital services directly or under arrangements
§ 412.52 Reporting and recordkeeping requirements.
§ 412.60 DRG classification and weighting factors.
§ 412.62 Federal rates for inpatient operating costs for fiscal year 1984.
§ 412.63 Federal rates for inpatient operating costs for Federal fiscal years 1984-2004
§ 412.64 Federal rates for inpatient operating costs for Federal fiscal year 2005-subsequent fiscal years
Determination of Transition Period Payment Rates for the Prospective
Payment System for Inpatient Operating Costs
§ 412.70 General description.
§ 412.71 Determination of base-year inpatient operating costs.
§ 412.72 Modification of base-year costs.
§ 412.73 Determination of the hospital-specific rate based on a Federal fiscal year 1982 base period
Determination of the hospital-specific rate for inpatient operating costs based on a Federal fiscal year 1987 base
§ 412.75 period
§ 412.76 Recovery of excess transition period payment amounts resulting from unlawful claims
Determination of the hospital-specific rate for inpt oper costs based on a Fed fiscal year 1987 base period costs
§ 412.77 for sole community hospitals based on a Fiscal fiscal year 1996 base period
Payment for Outlier Cases
§ 412.80 Outlier cases: General provisions.
§ 412.82 Payment for extended length-of-stay cases (day outliers).
§ 412.84 Payment for extraordinarily high-cost cases (cost outliers).
§ 412.86 Payment for extraordinarily high-cost day outliers.
§ 412.87 Additional payment for new medical services and technologies: General provisions
§ 412.88 Additional payment for new medical service or technology.
Payment Adjustment for Certain Replaced Devices
§ 412.89 Payment adjustment for certain replaced devices.
Special Treatment of Certain Facilities Under the Prospective
Payment System for Inpatient Operating Costs
§ 412.90 General rules.
§ 412.92 Special treatment: Sole community hospitals.
Payments to Hospitals Under the Prospective Payment System
§ 412.110 Total Medicare payment.
§ 412.112 Payments determined on a per case basis.
§ 412.113 Other payments.
§ 412.115 Additional payments.
§ 412.116 Method of payment.
§ 412.120 Reductions to total payments.
§ 412.125 Effect of change of ownership on payments under the prospective payment systems
§ 412.130 Retroactive adjustments for incorrectly excluded hospitals and uniits
Criteria and Conditions for Redesignation
§ 412.230 Criteria for an individual hospital seeking redesignation to another rural area or an urban area
PROSPECTIVE PAYMENT SYSTEMS FOR INPATIENT HOSPITAL SERVICES
§ 412.300 Scope of subpart and definition.
§ 412.302 Introduction to capital costs.
§ 412.304 Implementation of the capital prospective payment system.
Basic Methodology for Determining the Federal Rate for Capital- Related Costs
§ 412.308 Determining and updating the Federal rate.
Determination of Transition Period Payment Rates for Capital-Related Costs
§ 412.324 General description.
Prospective Payment System for Inpatient Hospital Services of Inpatient Psychiatric Facilities
§ 412.400 Basis and scope of subpart.
Prospective Payment System for Long-Term Care Hospitals
Rehabilitatiion Hospitals and Rehabilitation Unit Prospective Payment System
APPENDIX D
Public Health Service Act
TITLE 42 - THE PUBLIC HEALTH AND WELFARE
CHAPTER 6A - PUBLIC HEALTH SERVICE
Subchapter I - Administration and Miscellaneous Provisions
Part A - Administration
Part B - Miscellaneous Provisions
Subchapter II - General Powers and Duties
Part A - Research and Investigation
Part B - Federal-State Cooperation
Part F - Licensing of Biological Products and Clinical Laboratories
Subpart 1 - Biological Products
Subpart 2 - Clinical Laboratories
Subpart 3 - Mammography Facilities
Part G - Quarantine and Inspection
Subchapter III - National Research Institutes
Part H - General Provisions
Subchapter XV Health Information and Health Promotion
• §300u-1 Grants and Contracts for Research Programs; Authority of Secretary; Review of Applications; Additional
Functions; Periodic Public Survey
• §300u-3 Grants and Contracts for Information Programs; Authority of Secretary; Particular Activities
Subchapter XIX Vaccines
Part 1 - National Vaccine Program
Part 2 - National Vaccine Injury Compensation Program
Subpart A - Program Requirements
Subpart B - Additional Remedies
Subpart C - Assuring a Safer Childhood Vaccination Program in the United States
Subpart D - General Provisions
Subchapter XXI - Research with Respect to Acquired Immune Deficiency Syndrome
Part B - Research Authority
Subchapter XXIV - HIV Health Care Services Program
Part D - General Provisions

APPENDIX E
Meaningful Use Documents
• From ONC:
o In June 2009, ONC staff identified a subset of providers eligible for incentive payments who
were likely to have different needs of their EHRs than primary care providers (e.g.,
specialists and non-physician providers). ONC convened brief calls with representatives
from these provider groups to promote a better understanding of how EHRs and meaningful
use would impact their work.
 Summary of 6/09 Comments from Non-physician and Specialist Physician Providers
• From CMS:
o Details for: Medicare and Medicaid Health Information Technology: Title IV of the American
Recovery and Reinvestment Act
• From HIT Policy Committee:
o August 14, 2009 meeting
 Meaningful Use Workgroup Update
 FINAL Meaningful Use Objectives and Measures: 2011-2013-2015
o July 16, 2009 meeting
 Meaningful Use Objectives and Measures: 2011-2013-2015 (early version)
o Summary of Public Comments Received on Draft Meaningful Use Matrix Developed by

Meaningful Use Workgroup of Health IT Policy Committee (June 2009)
• From HIT Standards Committee:
o August 20, 2009 meeting
 HIT Standards Committee Meaningful Use Measures Data Elements Grid
 HIT Standards Committee Summary of Clinical Operations Workgroup
 HIT Standards Committee Privacy & Security Workgroup - Standards Applicable to

ARRA Requirements
• From the National Committee on Vital and Health Statistics (NCVHS):
o Observations on "Meaningful Use" of Health Information Technology (6/01/09)
o Report of Hearing on "Meaningful Use" of Health Information Technology (5/18/09)
Location:http://healthit.hhs.gov/portal/server.pt?
open=512&objID=1325&&PageID=16490&mode=2&in_hi_userid=11113&cached=true
APPENDIX F
Certification Commission for Health Information Technology

CCHIT
Inpatient EHR Products

Date Certification
Company Product Certification
Certified Expires
Cerner Millennium PowerChart 2007

Cerner Corporation 1/22/2008 1/22/2011 2007
Fully Certified
CPSI (Computer
CPSI System 16
Programs and 11/5/2007 11/5/2010 2007
Fully Certified
Systems), Inc.
Eclipsys Sunrise Acute Care 4.5 SP4

11/5/2007 11/5/2010 2007
Corporation Fully Certified
EpicCare Inpatient Clinical System

Epic Systems
Spring 2008 11/12/2008 11/12/2010 2008
Corporation
Fully Certified
Epic Systems EpicCare Inpatient Spring 2007

11/5/2007 11/5/2010 2007
Corporation Fully Certified
Centricity Enterprise Version 6

GE Healthcare 6/30/2008 6/30/2011 2007
Fully Certified
Healthcare Healthcare Management Systems

Management 7.0 11/5/2007 11/5/2010 2007
Systems, Inc. Fully Certified
Clinical Information Systems (CIS)

Healthland, Inc. 9.0.0 6/13/2008 6/13/2011 2007
Fully Certified
McKesson Provider Horizon Clinicals Suite ER 7.8.2

5/29/2008 5/29/2011 2007
Technologies Pre-Market
Advanced Clinical Systems Client

MEDITECH Server 5.6 1/22/2008 1/22/2011 2007
Fully Certified
MAGIC 5.6
MEDITECH 1/22/2008 1/22/2011 2007
Fully Certified
Opus Healthcare OpusClinicalSuite 2.3

6/18/2009 6/18/2011 2008
Solutions Pre-Market
Prognosis Health
ChartAccess 1.0
Information 11/5/2007 11/5/2010 2007
Fully Certified
Systems
INVISION Clinicals with Siemens

Pharmacy and Medication
Siemens Medical
Administration Check (MAK) V27.0/ 1/22/2008 1/22/2011 2007
Solutions USA Inc
V24.0
Fully Certified
MedSeries4 (MS4) Clinical Suite with

Siemens Pharmacy and Medication
Siemens Medical
Administration Check (MAK) V28.10/ 6/12/2008 6/12/2011 2007
Solutions USA Inc
V24.0
Fully Certified
Soarian Clinicals (with Siemens

Pharmacy and Medication
Siemens Medical
Administration Check) (MAK) V2.0C6 11/5/2007 11/5/2010 2007
Solutions USA Inc
(Pharmacy V24.1)
Fully Certified
SOWSIA Ondemand Healthcare uHPM 7Plus

Healthcare M1 7/16/2009 7/16/2011 2008
Solutions, Inc Pre-Market
Appendix G
Survey
Are the benefits of financial stimulus dollars to implement healthcare

Information technology an advantage or really about increased government
control?
The attached survey is a component of my MBA thesis project for Mount St. Mary’s College in Los
Angeles, California. I would like to respectfully request no more than five minutes of your time to complete the
attached survey. As a health care executive, your experience is vital to the completion of this research project.
Your cooperation is of course voluntary, and will be kept confidential. All survey response data will be for
statistical purposes only. A copy of the findings is available to you upon request.
The thesis topic concerns the Obama administration funding via the American Recovery and Reinvestment
Act of 2009 (ARRA) to hospitals and ambulatory clinics to implement electronic medical record (EMR) solutions so
that the nation can better share and manage the health care information of its citizens. The purpose of this survey is
to investigate the perception of hospital executives about the impact of the financial stimulus for adoption and use of
Health Information Technology (HIT) by the federal government.
If you have any questions regarding this survey or the general research area, please feel free to contact my
advisor, David Burkitt, Phd., at Mount St Mary’s College, MBA Program. Email: dburkitt@aol.com.
Thank you in advance for your valuable contribution.
Please return this survey via U.S. Mail in the enclosed envelope to:
Sara Small
St Johns Hospitals
Financial Services Building
2415 Antonio Avenue
Camarillo, California 93010-1414
Fax (818) 818-502-7709
Email: sara.small@chw.edu
1. In which state do you work?
2. Which of the following best describes your health care organization’s tax status:
Not for profit

For profit
Government
Other, specify
Don’t know
3. How many years have you worked in this occupation? (select one)
Less than 1 year 1-5 years 6-10 years
11-15 years 16-20 years over 20 years
4. Gender Male Female
5. Your Age Group (select one

20-30 31-40 41-50 51-60 Over 60
6. Has your organization implemented an electronic medical record system?

No, we’re just starting to think about it
No immediate plans
Yes, we are preparing now
We’re in the process of implementing now
Yes we have a system in place that meets the guidelines outlined in the ARRA
SURVEY QUESTIONS
How strongly do you agree or disagree with the following statements:
1. Excessive government regulations have created a formidable barrier for healthcare organizations and
providers to treat patients
2. The ARRA adds increased layers of bureaucratic regulation and cost to an industry that is already
over-regulated and suffering a severe economic crisis.
3. The ARRA is in reality the outline for total government control of the healthcare delivery system in the
United States.
4. Implementation of a “certified” electronic record within the time frame identified in the ARRA will
ultimately benefit the financial health of our organization
5. Identification of required standards for all aspects of the electronic health care record should be the
responsibility of the federal government
6. Uniform standards defining clinical care protocols should become a National model identified by the
federal government as a component of the “certified” electronic record.
7. The stimulus money outlined in ARRA is a benefit that has caused us to implement an electronic health
care system in a shorter time frame than originally planned.
8. The government requirements and regulations outlined for A “certified” EMR are appropriate
9. The increased regulatory agencies required to implement and monitor the Health Information Technology
initiatives add layers of unnecessary government expense
10. E H R will make it easier for organizations to be compliant with the new security and privacy regulations
11. Linking the patient healthcare records of our organization into a regional or national database will
adversely impact the financial health of our organization through decreased reimbursement
12. Government penalties for failing to implement an electronic health record that meets all the requirements
by 2015 is not realistic.
APPENDIX H
Letter of Response Regarding Research Project
November 2, 2009
Name: Sara Small
Faculty Advisor: David Burkitt, Ph.D.

Mount St. Mary’s College
Doheny Campus
Los Angeles, CA 90007
Dear Ms. Small:
Thank you for submitting your Application for Approval of Human Subjects Research entitled “MBA Thesis
Survey” to the Mount St. Mary's College Human Subjects Committee (HSC). The HSC appreciates the work you
and your Research Advisors, Dr. Burkitt have done on your protocol.
Following the Federal guidelines, the Human Subjects Committee of Mount St. Mary’s College has reviewed the
above-titled research project, as submitted in the Application for Approval of Human Subjects Research form. We
have determined that the policies for the protection of human subjects have been met.
On November 2, 2009 it was determined that your research study met criteria for EXPEDITED review under:
Title 45 CFR, Part 46.110 as it presents no more than minimal risk to participants and your protocol
meets the requirements of § 46.111(a) regarding minimal risk, risks are reasonable in relationship to the
benefits, selection of subjects is equitable, informed consent will be sought from each prospective subject,
informed consent will be appropriately documented, adequate provision for monitoring data collected
ensures the safety of subjects, and privacy and confidentiality are protected.
On November 2, 2009 it was also determined that your research study met Exempt status criteria under §45 CFR
46.101 (b)(2) or (b)(3) for Tests, Surveys, Interviews, or Public Behavior Observation in which the:
Information is recorded in such a manner that human subjects cannot be identified, directly or through
identifiers liked to the subjects; and disclosure of the responses outside the research does not place the
subjects at risk of criminal or civil liability; and is not damaging to the subjects’ financial standing,
employability or reputation.
Please note that your research must be conducted according to the proposal that was submitted to the HSC. Any
changes to the proposal which involve human subjects must be approved by the HSC prior to implementation.
Good luck in your research!
Sincerely,
Robin Gordon, Ph.D.

Chair, MSMC Human Subjects Committee

rgordon@msmc.la.edu (213) 477-2624

2009 Health Information Technology Act

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

2009 Health Information Technology Act

Uploaded by

Copyright:

Available Formats

THE 2009 Health Information Technology Act

The 2009 Health Information Technology Act

True Financial Incentives or More Government Control?

A Thesis Presented to the Faculty of the Graduate School of Business

December 13, 2009

over the rough spots and guiding me through a complex process.

unconditional love and commitment. Thank you, husband!

The computerization of medical records has been recommended as a means to reduce

access to a patient's health and treatment history.

multiple data sources to finalize this theory.

Table 1: The State of Health Information Technology in California ….……... 11

Table 2: Summary of Federal Government Health IT ………………….……… 15

Table 3: Cost of Healthcare Facility Regulations………………………………. 16

Table 4: Medicare Hospital Incentives……………………………………….…. 57

Table 5: Medicare Hospital Incentives……………………….…………………. 59

Table 6: Medicare Penalties…………………………………….…………..….… 60

Table 7: Medicaid Incentives for Hospitals………………….………………….. 63

Table 8: Top Issues Confronting Hospitals……………….…………………….… 70

Table 9: Literature review open coding model………………..……………..…… 82

Table 10: Excessive government regulations…………………………………….. 83

Table 11: The ARRA adds increased layers of bureaucratic regulation………..… 84

Table 12: Implementation of a “certified” electronic record ..……………..……. 85

Table 13 Identification of required standards…………………………..……….... 86

Table 14: Uniform standards defining clinical care protocols………..………… 87

Table 16: The stimulus money outlined in ARRA is a benefit………………… 89

Table 17: The government requirements and regulations……………………… 90

Table 18: The increased regulatory agencies…………………………………… 91

Table 19: E H R will make it easier for organizations………………….……… 92

Table 20: Linking the patient healthcare records of our organization………… 93

Table 21: Government penalties for failing to implement……………………… 94

Table 22: Respondent Location ………………………………………….…..… 95

Table 23: Number of years in this occupation…………………..……………… 95

Table 24: Respondents Gender…………………………………………..….…... 96

Table 25: Respondent Age Range ……………………………………..….….…. 96

Table 26: Healthcare Organization’s Tax Status of Respondents……………….. 97

Table 27: Has your organization implemented an electronic medical record?........ 97

AHIMA. American Health Information Management Association

HISB. Health Informatics Standards Board

NAHDO. National Association of Health Data Organizations

NLM. National Library of Medicine

DEED OF DECLARATION …………………………………………… ii

APPROVAL SHEET …………………………………………………… iii

GLOSSARY OF TERMS……………………………………………….. viii

Background of the Study .......................... . 4

History of Electronic Health Record…………………………… 7

Statement of the Problem. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Chapter 2: LITERATURE REVIEW……………………………………. 10

Current State …………………………………………………… 10

American Recovery and Reinvestment Act……………………… 12

Purpose of Recovery Act HIT Incentives………………………… 14

Federal Regulatory Issues and Requirements……………………… 15

Health Information Privacy………………………………… 20

Food and Drugs…………………………………………… 27

Fraud & Prevention Detection……………………………. 28

Medical and Healthcare…………………………………… 31

Other Federal Laws……………………………………….. 32

Regulatory Agencies and Responsibilities ………………………… 36

California Legislation and Action Plans…………………………. 47

Medicare –Centers for Medicare and Medicaid Services (CMS) 56

Chapter 3: RESEARCH METHODOLOGY……………………… 74

Grounded Theory Model……………………………………… 74

Study population for survey…………………………… 76

Literature Coding Results……………………………………. 82

Survey Results ………………………………………………. 83