Professional Documents
Culture Documents
Sara Small
Mt St Mary's College
ACKNOWLEDGMENT
Thank you to Dr Mark Alhanati, Dr Janet Robinson, Dr. Peter Antoniou and to Katherine
Whitman for the honor of participating in the first MBA Cohort at Mount St Mary’s College. This
creative and dynamic curriculum has provided a wealth of experience and knowledge within a unique
and stimulating learning environment. The MBA program allowed me to return to the classroom after
a 33 year hiatus and also afforded me the opportunity to experience my first international trip!
The successful completion of this thesis would not have been possible without the help and
support from my faculty advisor, Dr. David Burkitt. His advice, guidance and direction allowed me
to remain focused and on track during the short time frame allowed for the completion of this thesis.
His academic and professional career experience was invaluable. Thank you, David for helping me
Finally, my thanks to my husband, Ben who provided constant assistance and domestic
support that enabled me to spend countless hours away from home working with other students,
completing projects and studying. Ben’s encouragement to pursue my studies often pushed his loyal
support to the limits! The completion of this degree would not have been possible without his
Abstract
SMALL, S.P., The 2009 Health Information Technology Act-True Financial Incentives- or
More Government Control? Master of Business Administration, Mount St. Mary’s College,
December 2009.
medical errors as well as costs, paperwork, time and redundancy. In addition to creating and
maintaining medical records electronically, linking those records through interoperable data
exchange is seen as a primary requirement toward increasing the efficiency and safety of care
delivery. Interoperability is viewed as a solution that will allow providers in any location instant
There are significant challenges facing Health Information Technology and electronic health
records, including structural, technical, financial and social/cultural issues. Although none of these
represent insurmountable barriers, they all require viable solutions. To promote adoption of these
technologies, the federal government has passed legislation designed to move toward their goal of
creating an electronic health record for each person in the United States by 2014.
The purpose of this qualitative study of the 2009 Health Information Technology Act is to
determine if Hospital Chief Executive Officers perceive the financial incentives as a welcome
opportunity to modernize their information management systems, or is a basis for the Government to
increase their control of healthcare. A grounded theory model was utilized to analyze the results from
List of Tables
Table 15: The ARRA is in reality the outline for total government control…… 89
GLOSSARY OF TERMS
E H R. Electronic Health Record- health related information for an individual that can be accessed
by more than one health care organization.
EHNAC. Electronic Healthcare Network Accreditation Commission
EMC. Electronic Medical Claim
EMR. Electronic Medical Record – synonymous with Electronic Patient Record (EPR), and
Computerized Patient Record (CPR). Patient health record of services within one health care
organization
EMTALA. Emergency Medical Treatment and Labor Act. This act requires hospitals to provide
emergency treatment to individuals, regardless of insurance status or their ability to pay.
FACA. Federal Advisory Committee Act
FALSE CLAIMS ACT. Act which allows individuals to file a complaint against an entity that files
false claims for medical care to the Government.
FAST. Federal Adoption of Standards for Health IT.
FDA. Food and Drug Administration
FEA. Federal Enterprise Architecture
FFP. Federal Financial Participation
FHA. Federal Health Architecture
FHIPR. Federal Health Information Planning and Reporting
FHISE. Federal Health Information Sharing Environment
FHITSOP. Federal Health IT Standards Organization Participation
FSS. Federal Security Strategy
FSWG. Federal Security Work Group
FTF. Federal Transition Framework
Functionality. Systems that can support the activities and perform the functions for which they were
intended.
GAO. Government Accounting Office
HCFA. Health Care Finance Agency, responsible for oversight of the U.S. Medicare Program
HI. Health Information
HIE. Health Information Exchange
HEDIS. Health Plan Employer Data and Information Set (Measures managed care program
performance indicators)
HIMSS. Health Information Management Systems Society
HIO. Health Information Organization
HIPAA. Healthcare Insurance Portability and Accountability Act of 1996 (Public Law 104-191)
The 2009 Health Information Technology Act viii
TABLE OF CONTENTS
Page
ACKNOWLEDGMENT . . . . . . . . . . . . . . . . . . . . . . . . …….. . . . . . . . iv
ABSTRACT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . … . . . . . . . . . v
LIST OF TABLES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . … .. . . . vi
Chapter 1: INTRODUCTION. . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . 4
Civil Rights……………………………………………….. 26
Information Management…………………………………. 29
State Medicaid………………………………………….. 60
Costs…………………………………………………………. 64
Savings………………………………………………………….. 65
Benefits…………………………………………………………. 66
Barriers………………………………………………………….. 69
Privacy Concerns……………………………………………….. 72
Data Sources…………………………………..……………… 76
Literature Review…………………………….……….. 78
Data Collection………………………………………………. 79
Data Analysis…………………………….……………..……. 80
Chapter 4: ANALYSIS…………………………..……………… 82
References…………………………………………………………….. 103
Appendix
Chapter 1
INTRODUCTION
that refers to the generation, storage, and transmission of electronic health information.
Information management is central to the healthcare system, and HIT-EHR is widely viewed as
the necessary step to bring healthcare into the 21st century. It is argued that HIT-EHR will reduce
overall healthcare costs, improve quality, and increase efficiency throughout the healthcare
system. However many are still skeptical as to its real impact given the substantial investment
To put this in context, U.S. healthcare spending was $2.1 trillion in 2006, and at least
$250 billion in California. U.S. spending is projected to grow to $4 trillion by 2015, with direct
administrative costs accounting for more than 7 percent of the total U.S. health spending.
However, when the administrative costs of hospitals and doctors are added to those of insurers
and Government, the administrative costs are estimated to be 31 percent of total health care
spending. These administrative costs are estimated to be 30 to 70 percent higher than in other
countries that also have mixed public-private systems (Department of Health, 2009).
The leading nations in adopting HIT-EHR, such as Britain and New Zealand, have
achieved 98 percent participation by primary care physicians. In the United States about 28
percent of primary care physicians use HIT-EHRs and less than 20% of hospitals (The
The 2009 Health Information Technology Act 5
Commonwealth Fund, 2009). Other sectors of the U.S. economy (for example, banking) have
successfully digitalized their operations, but healthcare has been slow to make the transition.
While the development and wide-scale use of HIT-EHR has experienced obstacles, it is gaining
For decades, hospitals and other medical service providers have been enticed by the
prospect of establishing electronic health record systems to improve the efficiency of their
medical care and reduce medical errors. Automating the health record process has the potential to
provide a host of benefits, most notably by reducing medical errors. For example, as many as
98,000 Americans die each year as a result of preventable medical records (Taylor, 2005).
Electronic medical record systems could significantly reduce this number. A much cited 2005
Rand Corp (Rand 2005) study of the use of medical record automation found that a savings of
$77 billion annually could be realized. However, it is widely believed that the cost of
implementing electronic health records systems is responsible for low adoption rates (Rand,
2005).
The United States health care system is at risk due to increasing demand, spiraling costs,
inconsistent and poor quality of care, and inefficient, poorly coordinated care systems. Some
evidence suggests that health information technology can improve the efficiency, cost
effectiveness, quality, and safety of medical care delivery by making best practice guidelines and
patient records available throughout a health care network (The Markle Foundation, 2009).
However, much of the evidence is based on a small number of systems developed at academic
medical centers, or studies using mixed models to project organizational changes, costs, and the
The 2009 Health Information Technology Act 6
time required for implementation (Hillestad, 2005).. Definitive information regarding the true
value of systems is not widely identified within the literature. (Price Waterhouse, 2009).
Most medical records are still stored on paper which means that they cannot be used to
coordinate care, routinely measure quality or reduce medical errors. It is important to understand
the barriers to implementation of these technologies. Most often, capital cost is cited as an
impediment to adoption of medical information technology; however, the story grows more
complicated in the framework of the complex American health care system where government
sources pay for the majority of health care services (Acker, 2004). One Commentator has noted:
“most HIT-enabled savings go to insurers and patients, while most adoption and care
improvement costs are borne by providers” (Ferman, 2006). Thus, it would seem that the
than the financial burden. Additional barries include a lack of standards, ill defined certification
requirements, privacy concerns, and lack of clarity regarding the anticipated government
regulations (Garrido, 2004). To address the financial burden, the federal government has recently
offered a solution in the form of public funding, grants and payment incentives. The law creates
two key concepts to determine whether providers qualify for the HIT incentives: they must
demonstrate “meaningful use” of HIT and use a “qualified or certified” E H R (AHHR, 2009).
The formal definition of “meaningful use” has yet to be defined. The overarching Nationwide
goals of HIT investments are to improve healthcare quality, reduce growth in costs, stimulate
innovation, and protect privacy (Health Information, 2009). However, there remains concern
regarding the lack of standards, incomplete defining of “meaningful use and the qualifications of
The 2009 Health Information Technology Act 7
“certified” records. This ambiguity puts resources at risk and has the potential to leave healthcare
minefield.
Regulations impose a considerable burden on the U.S. healthcare system. Some of these
include EMTALA (Emergency Medical Treatment and Labor Act), HIPAA (Health Insurance
Portability and Accountability Act), Charity Care, hospital conversion regulations, limited
English proficiency requirements, fraud and abuse reporting requirements, False Claims Act,
Medicare and Medicaid antifraud statutes, Stark I and II laws, medical record regulations,
regulations and quality related regulations to name a few. Hospitals bear considerable expense to
insure compliance with these types of regulations, which adds a significant financial burden to an
The first known medical record was developed by Hippocrates, in the fifth century B.C.
• A medical record should indicate the probable cause of disease (NIH, 2005).
These goals are still appropriate. Electronic health record systems can also provide
additional functionality, such as interactive alerts to clinicians, interactive flow sheets, and
tailored order sets, all of which cannot be done with paper-based systems (Amatayakul, 2005).
The first EHRs began to appear in the 1960s. “By 1965, Summerfield and Empey reported that at
least 73 hospitals and clinical information projects and 28 projects for storage and retrieval of
The 2009 Health Information Technology Act 8
Many of today’s EHRs are based on the pioneering work done in academic medical
centers and for major government clinical care organizations. These early projects had
significant technical and programmatic issues, including non-standard vocabularies and system
interfaces, which remain implementation challenges today. But they led the way, and many of the
ideas they pioneered (and some of the technology, such as the MUMPS language) are still used today
(NIH, 2005).
Problem Statement
1. Will the advantage of accessing the stimulus money be perceived as a true benefit,
2. Is the goal of the stimulus plan intended to simply motivate health care
To further develop the understanding of the question, the American Recovery and
Reconciliation Act of 2009, introduces much needed financial incentives for implementing an
electronic medical record, but it also adds significant regulatory requirements, as well as extends
the oversight of the government into new areas of the healthcare delivery system. Over the past
decade, HIT has been a voluntary initiative for healthcare providers. The ARRA is a federal law
that identifies increased funding and regulations with stricter privacy laws and more onerous
fines. The Office of the National Coordinator (ONC) is granted broad new powers and an
The 2009 Health Information Technology Act 9
records are intended to allow healthcare providers to improve the quality of care, decrease costs
and improve patient safety within a framework that allows all providers to jointly share and
The very low levels of adoption of electronic health records in U.S. hospitals suggest that
policymakers face substantial obstacles to the achievement of healthcare performance goals that
depend on health information technology. The federal stimulus bill promises billions of dollars in
incentive payments to doctors and hospitals that buy and use the systems, with penalties starting
in 2015 for those who don't make the switch (Beatty, 2009). In the hospital setting, the Chief
Executive Officer is traditionally the “decision maker.” What impact has the ARRA had on their
decision to implement (or not) an electronic medical record system? Is the role of the
government within the healthcare setting appropriate? What is the perception of these executives
regarding the impact of the financial stimulus for adoption and use of Health Information
Technology by the federal government? These are the questions this study will review and
answer.
The 2009 Health Information Technology Act 10
CHAPTER 2
Current State
U.S. health care providers make minimal use of HIT compared to other health systems in
the industrialized world. Per a white paper published by The Commonwealth Fund in 2009: 17%
of U.S. Physicians and 8-10% of U.S. Hospitals have at least a basic electronic health record. In
most European countries, as well as New Zealand and Australia 80-100% of primary care
physicians have electronic healthcare records (EHRs) (The Commonwealth Fund, 2009).
Healthcare is among the least automated industries in the nation. Studies have estimated
that the healthcare industry as a whole is almost 20 years behind the rest of the nation’s
(Blumethal, 2009).
According to the Centers for Disease Control (CDC, 2007 ), 29.2% of physicians said
they use full or partial clinical EHRs, however only 4% said they used a fully functional record
system ( Hing, 2007). The majority of the research indicates that very few hospitals have a
comprehensive electronic system for recording clinical information and only a small minority
have even a basic system. However, many institutions have parts of an electronic-records system
in place, suggesting that policy interventions could increase the prevalence of electronic health
records in U.S. hospitals faster than our low adoption levels might suggest (HIMSS, 2009).
The 2009 Health Information Technology Act 11
• The rules that specify how to send information back and forth,
• Legal business rules in place to guide organizations in order for them to exchange
data,
• The ability to allow patient medical records to be shared or moved about in the
system.
Table 1
Health IT is moving from a voluntary initiative over the past decade to a highly regulated
The 2009 Health Information Technology Act 12
one with new rule-making government committees, stricter privacy laws and more onerous fines.
With billions in new funding and government regulations, the health IT market should quickly
expand far beyond the provider segment, providing new opportunities for health plans,
and, (depending on the definition used), between 8 and 12% of hospitals have a basic electronic-
records system. The official definition requires the system to include the presence of
functionalities for physicians' notes and nursing assessments. Information systems in more than
90% of U.S. hospitals do not even meet the requirement for this type of basic electronic-records
The majority of U.S. hospitals are in the early stages of EMR transformation (AHA,
2007). Although levels of adoption of electronic health records are low, various components that
underlie electronic record systems have been widely implemented. A sizable proportion of
hospitals reported that laboratory and transcribed reports, radiological images (PACS),
medication lists, and some decision-support functions are available in electronic format
(American Hospital, 2007). Others reported that they plan to upgrade their information systems
On February 17, 2009, President Barack Obama signed into law the American Recovery
and Reinvestment Act of 2009, H.R. 1 (ARRA, 2009). More commonly referred to as ARRA or
the Recovery Act, this provides substantial financial incentives to assist providers with the
The 2009 Health Information Technology Act 13
purchase and implementation of HIT systems. In addition to assisting with financing, a key
element to the widespread adoption and use of HIT is the development of uniform electronic
standards that allow various systems to communicate with each other (American Medical
Association, 2009). ARRA requires the Department of Health and Human Services (HHS) to
The Recovery Act includes financial incentives and penalties to be paid through the
Medicare program with very specific time frames for implementation. In addition, ARRA,
includes over $20 billion to aid in the development of a robust IT infrastructure for healthcare
and to assist providers and other entities in adopting and using health IT. Total funding for health
IT is as follows:
• $1.5 billion for construction, renovation, and equipment for health centers through
• $1.1 billion for comparative effectiveness research within the Agency for
• $85 million for health IT, including tele-health services, within the Indian Health
Service,
Administration ,
Health, 2009).
The primary purpose of this Act is to stimulate the economy through investments in
With respect to healthcare, one of the goals is to reduce long-term costs by modernizing
The majority of the funds are incentive payments that will go to Medicaid and Medicare
providers that are able to demonstrate "meaningful use" of health information technology. The
requirements that define “meaningful use” have not yet been published. Providers that serve
patients from both programs will be required to choose one source of reimbursement only
(AHRQ, 2009).
Medicare: Eligible hospitals will receive a base funding of $2M with additional funds
provided according to a statutorily prescribed formula related to discharge data. The program
The 2009 Health Information Technology Act 15
Medicaid: The purpose of the 100 percent provider incentive payments to certain
eligible Medicaid providers is to encourage the adoption and meaningful use of certified EHR
While the incentive payments are expected to be used for certified EHR technology and
support services, including maintenance and training necessary for the adoption and operation of
such technology, the incentive payments are not direct reimbursement for such activities. They
are intended to serve as an incentive for eligible providers to adopt the use of “certified” EHR
Goal 2. Population Health Objective 2.1: Objective 2.2: Objective 2.3: Objective 2.4:
There is much debate as to the role that the federal government should play in the
promotion of HIT-EHR. Some argue that HIT-EHR development should be left completely to the
private sector. Middleton believes that the market has failed given the current state of HIT-EHR
widespread implementation ( Walker et al., 2005). Both Bower and Taylor, et al., suggest that
major government intervention is the only hope of success, in the form of subsidies, mandates,
According to a study by the Cato Institute (Conover, 2004), the burden of regulation in
the health care industry is staggering. The study provides a detailed analysis of the cost of
regulation in the health care sector, prior to the current slew of new agencies and regulations
recommended for implementation of the electronic medical record. This study (Conover, 2004)
identifies the cost of regulation of health facilities, health professionals, health insurance, drugs
and medical devices, and the medical tort system, including the costs of defensive medicine. The
calculations include a deduction of identifiable tangible benefits of regulation. With that said,
the estimate is considerable, amounting to $169.1 billion annually. The study suggests that the
cost of health service regulation outweighs benefits by a two to one cost. (Conover, 2004).
Table 3
GRAND TOTAL $47,683 $23,727 $360,475 $22,615 $25,421 $39,995 $25,068 100%
Subsequently, the ARRA has been signed. The Recovery Act includes significant funding
for the implementation and management of the incentive program as well as the ongoing support
for providers meeting the qualifications of a certified electronic medical record system, and
additional funding for the required regulatory reporting agencies. The new law requires the
Department of Health and Human Services, and the Office of the National Coordinator for
implementation specifications and certification criteria by December 31, 2009 (AMA, 2009).
The new regulatory requirements are a complex array of additional governmental layers.
When reading the following, consider the depth and comprehension level required to administer
a successful electronic system while complying with the regulations that are integrated into the
newly defined HITECH landscape. A clear understanding of all applicable laws and regulations
is a basic requirement for holding a position of leadership in a Hospital, particularly at the Chief
Health Information Technology for Economic and Clinical Health Act (HITECH)
On February 17, 2009 the American Recovery and Reinvestment Act of 2009 commonly
referred to as “the Stimulus Bill,” was signed into law by the federal government. Included in
this law is $19.2 Billion which is intended to be used to increase the use of Electronic Health
Records (EHR) by physicians and hospitals; this portion of the bill is called, the Health
Information Technology for Economic and Clinical Health Act, or HITECH Act. The
government firmly believes in the benefits of using electronic health records and is ready to
invest federal resources to proliferate its use. (Ways and Means, 2009).
The 2009 Health Information Technology Act 18
Meaningful Use
Two important elements have yet to be defined. This includes the official definition of
“meaningful use,” and the specifications required for becoming a “certified” electronic health
record (Health IT, 2009). The meaningful use workgroup of the HIT Policy Committee has
released its initial recommendations for a definition of "meaningful use" of electronic health
records. The definition is important because under the economic stimulus law, providers must
"meaningfully use" EHRs to receive financial incentives from Medicare and Medicaid (Health IT
Committee, 2009).
They include the initial recommendation of the functionalities that will be required by 2011
when incentive payments begin. "This is the beginning of a conversation that will continue for
some time," said David Blumenthal, M.D., the National Coordinator for Health Information
Technology, during a meeting of the HIT Policy Committee, a public-private advisory group.
Blumenthal added that "there is a long way to go" before a final definition of meaningful use is
achieved (Goedert,2009).
and outpatient care for EHRs in 2011. These include, among others:
• Send reminders to patients per their preference for preventive and follow-up-care,
information such as lab results, problem list, medication lists and allergies,
• Comply with federal and state privacy/security laws and the fair data sharing
The rules and regulations for meeting the requirements of a “certified” electronic health
record are still under discussion, with preliminary models identified for 2011 (Health IT, 2009).
The Certification Commission launched its updated and new 2011 Certification Programs on
Programs, the Commission also launched a more limited ARRA certification program(health
Information, 2009).
functionality, interoperability, and privacy and security criteria using the Commission’s
published methods. Products must be fully compliant. They must also meet or exceed
applicable proposed Federal standards for certified EHR technology to support the 2011-2012
incentives under the American Recovery and Reinvestment Act of 2009 (Health IT, 2009)
the definitions of meaningful use, criteria, and standards have been proposed but not yet finalized
unauthorized access to patient information. Under ARRA, even a brief unauthorized look at a
medical record can result in large monetary fines for individuals and facilities. Through a wide
range of provisions, Congress used ARRA as an attempt to increase patient trust that the
The Privacy Rule provides federal protections for personal health information held by
covered entities and gives patients an array of rights with respect to that information. At the same
time, the Privacy Rule is balanced so that it permits the disclosure of personal health information
(“Privacy Rule”) establishes, for the first time, a set of national standards for the
protection of certain health information. The U.S. Department of Health and Human
The 2009 Health Information Technology Act 21
Services (“HHS”) issued the Privacy Rule to implement the requirement of the Health
Insurance Portability and Accountability Act of 1996 (“HIPAA”).1 The Privacy Rule
“covered entities,” as well as standards for individuals' privacy rights to understand and
control how their health information is used. Within HHS, the Office for Civil Rights
(“OCR”) has responsibility for implementing and enforcing the Privacy Rule with respect
to voluntary compliance activities and civil money penalties” (Department of Health and
The ARRA has tightened existing Privacy Rules to meet the demands of the electronic
Medical Record. The privacy and security of electronic health information must be ensured as
standard state privacy statute known as the Uniform Healthcare Information Act. The Act is
The Act sets forth stern penalties for noncompliance. Of great interest to third party
payers is the provision of many of the state statutes which deals with fraud and health care
The 2009 Health Information Technology Act 22
records. The statutes of some states prevent a provider from testifying for or against a patient
without the patient’s consent. These are called privileged communication statutes (National
Conference, 1985).
Data Breach
The data breach notification regulations are the first of the ARRA privacy provisions to
take effect. The Department of Health and Human Services(HHS), will oversee organizations
that qualify as covered entities and business associates under HIPAA. The Federal Trade
Commission (FTC) will oversee everyone else, including vendors of personal health records. The
law requires both HHS and the FTC to create and publish final interim regulations by August 16,
2009. The provisions become effective 30 days after publication (ARRA, 2009).
This section grants authority to mandate the use of standards for the electronic exchange
of healthcare data, to specify what medical and administrative code sets should be used within
ARRA requires healthcare facilities using EHR systems to provide patients with a fuller
accounting of disclosures, including disclosures for treatment purposes and other routine
healthcare operations. This is a significant change from the current HIPAA laws, which exempt
ARRA gives patients the right to prevent the disclosure of health data to their health
insurance plans if they paid for treatments out of their own pockets. EHR systems will have to
The 2009 Health Information Technology Act 23
Electronic Copies
ARRA requires any provider using an EHR system to produce an electronic copy of a
patient’s health record upon request. Under HIPAA, providers are required to give a copy of a
patient’s record in the format requested, but only if documents are “readily producible” in that
format. Many EHR systems in use are not up to that challenge (Appendix A).
ARRA has several provisions that extend HIPAA privacy, security, and administrative
that performs a function or activity on behalf of a covered entity, but is not a part of the covered
entity’s workforce. Covered entities must update their business associate agreements to
incorporate these new provisions. Among the changes, ARRA requires business associates to
respond to any privacy noncompliance on the part of the covered entities. Security breach,
restrictions and disclosures, sales of health information, consumer access, business associate
Improved Enforcement
The Recovery Act carries a number of items Congress lumped together as” improved
enforcement”. Many of these also relate to Section 1177(a) of the Social Security Act (42
U.S.C. 1320) which established the penalties as we currently know them (ARRA, 2009).
Increased penalties due to willful neglect is a violation for which the Secretary is required
to impose a penalty. For the penalty to be levied, the Secretary must formally investigate any
The 2009 Health Information Technology Act 24
violation due to willful neglect a penalty will be imposed. This change will apply to penalties
that occur more than 2 years after the enactment date. The Secretary is to publish final
regulations related to this requirement not later than 18 months after the ARRA enactment
(ARRA, 2009).
This provision calls for any civil monetary penalty (or monetary settlement collected with
respect to an offense punishable under ARRA privacy provisions or the Social Security Act
(HIPAA) to be transferred to the HHS Office of Civil Rights for the purpose of enforcing the
provisions of these ARRA provisions. The Government Accounting Office (GAO) is to submit a
report to the Secretary within 18 months of enactment, with recommendations for a methodology
under which an individual who is harmed by an act that constitutes an offense to the ARRA
provisions or HIPAA may receive a percentage of any civil monetary penalties or monetary
settlement collected. Then, within three years of enactment, the Secretary shall establish
regulations based on the GAO recommendations. The methodology will apply with respect to
civil monetary penalties or monetary settlements imposed on or after the effective date of the
The ARRA modifies the Social Security Act Penalties. In this case a tiered set of
Where there is a violation that it is established when the person did not
know (and by exercising reasonable diligence would not have known) that such
The 2009 Health Information Technology Act 25
person violated a provision, a penalty for each violation will be at least $100 for
Where there is a violation and the violation was due to reasonable cause
and not to willful neglect, a penalty for each such violation will be at least $1,000
for each violation, not to exceed $100,000 for each violation (ARRA, 2009).
Where there is a violation and violation was due to willful neglect: If the
violation is corrected, a penalty of $10,000 will be required for each violation, not
The principles of the Nationwide Privacy and Security Framework for Electronic
approach to address the privacy and security challenges related to electronic health information
exchange through a network for all persons, regardless of the legal framework that may apply to
Accountability Act of 1996 (HIPAA, Title II) required the Department of Health and Human
Services to establish National Standards for the security of electronic health care information.
The final rule adopting HIPAA standards for security was published in the Federal Register on
February 20, 2003. This final rule specifies a series of administrative, technical, and physical
The 2009 Health Information Technology Act 26
security procedures for covered entities to use to assure the confidentiality of electronic protected
Civil Rights
While ARRA has not modified awardees’ civil rights obligations, which are referenced in
the HHS Grants Policy Statement, these obligations remain a requirement of Federal law.
Recipients and sub-recipients of ARRA funds or other federal financial assistance must comply
with Title VI of the Civil Rights Act of 1964 (prohibiting race, color, and national origin
Requires hospitals to validate that they protect patients from disability discrimination
(Rehabilitation, 1973).
Requires hospitals to insure that they prohibit sex discrimination in education and
training programs, discrimination on the basis of sex in Federally supported education programs
Prohibits hospitals from age discrimination in the provision of services (Age, 1975).
Titles VI and XVI of the Public Health Service Act require health facilities that received
certain Federal funds (“Hill-Burton” funds) to provide certain services to members of its
Section 542 of the Public Health Service Act, as amended, bars discrimination in
The first of more than 200 laws that constitute one of the world's most comprehensive
and effective networks of public health and consumer protections (Pure, 1906).
Among other provisions, the law authorized the FDA to demand evidence of safety for
new drugs, issue standards for food, and conduct factory inspections (FDA, 2009).
Inspired by the Thalidomide tragedy in Europe, this amendment strengthened the rules
for drug safety and required manufacturers to prove their drugs' effectiveness (FDA, 2009).
The law applied safety and effectiveness safeguards to new devices (FDA, 2009).
This law represents a very significant addition to FDA authority. Among the many
components of the law, the Prescription Drug User Fee Act (PDUFA) and the Medical Device
User Fee and Modernization Act (MDUFMA) have been reauthorized and expanded. These
programs will ensure that FDA staff has the additional resources needed to conduct the complex
and comprehensive reviews necessary to approve new drugs and devices (FDA, 2007).
The regulations in this part set forth the criteria under which the agency considers
records to be trustworthy, reliable, and generally equivalent to paper records and handwritten
The Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (MMA),
identifies the final rules for Safe Harbor under the anti-kick back statute to protect certain
arrangements involving goods, items, services, donations, and loans provided by individuals and
entities to certain health centers that are funded under section 330 of the Public Health Service
Act. The goods, items, services, donations, or loans must contribute to the health center’s ability
avoid the costs and disruptions that may be associated with a Government-directed investigation
and with civil or administrative litigation. The Office of the Inspector General (OIG) verifies the
information contained in the provider's submission and evaluates the matter for potential fraud
issues.. While the OIG does not speak for the Department of Justice or other agencies, they are
2009).
The 2009 Health Information Technology Act 29
The American Recovery and Reinvestment Act of 2009 (Recovery Act) provides the
Office of Inspector General (OIG), with $17 million in funding for oversight and review. The
Recovery Act provided an additional $31,250,000 to the OIG for the purpose of ensuring the
proper expenditure of funds under Medicaid. OIG will assess whether HHS is using the $165.4
billion in Recovery Act funds in accordance with legal and administrative requirements and that
they are meeting the accountability objectives defined by the Office of Management and Budget
(OIG, 2009).
The ARRA , provides protections for certain individuals who make specified disclosures
relating to Recovery Act funds. Any non-federal employer receiving recovery funds is required
to post a notice of the rights and remedies provided under this section of the Act (OIG, 2009).
Information Management
The purpose is to increase access to health care, protect those in greatest need, create
jobs, expand educational opportunities, lay the groundwork for successful health reform, and
provide immediate relief to states and local communities. HHS has been entrusted with carefully
investing $167 billion of taxpayer’s funds for these purposes, and is committed to making every
The HHS Recovery Act lays a solid foundation for health reform, and makes a down
payment on the President’s “Zero to Five” plan of early care and education of children by
promoting access to health insurance and increasing the number of health care professionals
The 2009 Health Information Technology Act 30
through
healthcare,
communities,
individuals ,
This is a federal statue that allows individuals to request access to Federal agency
records, except to the extent records are protected from disclosure by the Freedom of
Every hospital that accepts payment for Medicare and Medicaid patients must comply
with the Center for Medicare and Medicaid Conditions of Participation. This regulation includes
specific instructions for hospitals as well as defining criteria and standards for medical records.
This includes the organization and staffing requirements for the medical records department, the
The 2009 Health Information Technology Act 31
standardized format and the retention requirements for the records. It also identifies each of the
specific types of documents that must be present, as well as the required content and
Federal laws relating to substance abuse records came into being due to the sensitivity of
such information. These special rules apply where the facility has any special substance
abuse care unit. General medical care is not affected. There are stern monetary penalties for non-
Specifically defines required standards for hospitals and healthcare organizations with
respect to the content of the medical record, including IM.2.20 –data integrity, IM.2.30 addresses
continuity and disaster recovery for both hard copy and electronic records, and a myriad of other
very specific requirements for organizations seeking accreditation. This accreditation process is
Specific portion of the United States Code that identifies requirements for public health,
social welfare, and civil rights. Specific requirements for hospitals and record keeping
by Section 3012 of the Public Health Service Act as amended by ARRA - will establish a
The 2009 Health Information Technology Act 32
facilitated by the national Health Information Technology Research Center. The Extension
Program will offer providers across the nation, technical assistance in the selection, acquisition,
implementation, and “ meaningful ” an EHR to improve health care quality and outcomes
The Medical Care Recovery Act provides that, when the government treats or
pays for the care of a military member, retiree, or dependent, it may recover its expenses
from any third party legally liable for the injury or disease. The key to understanding the
complexities of the FMCRA is to realize that the Federal Government operates one of the
Requirements, healthcare organizations may be subject to several federal laws that touch in some
way on privacy of health information. The Preamble to the Privacy Rule lists the following
applicable laws: Privacy Act of 1974, Family Educational Rights and Privacy Act, Freedom of
Information Act, Employee Retirement Income Security Act of 1974 (ERISA), Gramm-Leach-
Bliley Act, federally funded health programs regulations, Food, Drug and Cosmetic Act, Clinical
Laboratory Improvement Amendment, federal disability and non-discrimination laws, and U.S.
Safe Harbor Privacy Principles. In addition, many federal regulations require disclosure of
Defines the requirements that a record must have to meet the federal and state rules of
This plan brings together all HIT-EHR Federal efforts in a coordinated fashion, setting a
number of goals, objectives, and strategies. The goals include privacy and security,
interoperability, widespread adoption, and collaborative governance. The plan catalogs activities
Establishes a voluntary reporting system to enhance the data available to assess and
resolve patient safety and health care quality issues. To encourage the reporting and analysis of
medical errors, PSQIA provides Federal privilege and confidentiality protections for patient
safety information called patient safety work product. Patient safety work product includes
information collected and created during the reporting and analysis of patient safety events
Stark Laws
(OBRA 1989) which barred self-referrals for clinical laboratory services under the Medicare
program, effective January 1, 1992. This provision is known as "Stark I". The law included a
number of observers recommended extending the ban to other services and programs. The
Omnibus Budget Reconciliation Act of 1993 (OBRA 1993) expanded the restriction to a range of
The 2009 Health Information Technology Act 34
additional health services and applied it to both Medicare and Medicaid; this legislation, known
as "Stark II," also contained clarifications and modifications to the exceptions in the original law.
Minor technical corrections to these provisions were included in the Social Security
On August 1,2006 Health and Human Services (HHS) Secretary Mike Leavitt
announced the issuance of final regulations(published in the Federal Register on August 8, 2006)
creating new information technology exceptions under the Federal Stark law and safe harbors
under the Federal Anti-Kickback statute. The issuance of these regulations substantially increases
the ability of hospitals and other providers of Medicare and Medicaid services to donate
information technology to physicians without violating the Stark law or Anti-Kickback statute.
Market Value,
• Interoperability Requirement,
• Receipt of Items or Services Not Condition for Doing Business with Donor,
Under the EHR exception, perhaps the most significant change from the proposed
The 2009 Health Information Technology Act 35
regulations is a requirement that the physician pay 15% of the donor’s cost for the EHR items
and services, before receipt of the items and services (CMS, 2009).
The final information technology safe harbors under the Federal Anti-Kickback statute
are essentially identical to the information technology exceptions under the Federal Stark law. If
the Federal Stark law applies (because there is a financial relationship between a physician and a
provider of designated health services), any referral of a Medicare or Medicaid patients for
designated health services is prohibited, unless the referral falls within one of the Stark
exceptions. Only such referrals as qualify under one of the exceptions is permitted(CMS, 2009).
The Federal Anti-Kickback statute prohibits the offer, payment or receipt of any financial
inducement in exchange for the referral of Medicare or Medicaid patients. The safe harbors
provide immunity for arrangements that satisfy their requirements. The failure to qualify for a
In order to prevent or minimize the risk to a hospital’s tax-exempt status, the hospital
should be able to document and demonstrate the benefit which it or the community derives from
the donation arrangement. For example, it can be argued that providing information technology
items or services to physicians on its medical staff furthers the provision of safer and more
effective patient care and advances the overall health of the community served by the hospital.
The 2009 Health Information Technology Act 36
The issuance of the subject final regulations substantially increases the ability of hospitals
physicians without violating the Federal Stark law and the Federal Anti-Kickback statute. Such
arrangements will need to be carefully structured with appropriate agreements compliant with the
This federal law governs the behavior of federal advisory committees. Specifically, the
Act restricts the formation of committees to those that are deemed essential, limits their powers
to provision of advice to officers and agencies in the executive branch of the Federal
Government and also limits the length of their term (Federal Advisory Committee, 1994).
Multiple federal and state regulatory agencies play key roles in the implementation,
strategy and management of this program. The individual agencies and their role are outlined as
follows:
AHRQ is a significant funding source for research and development across the HIT-EHR
spectrum, with $166 million in grants and contracts specific to this effort. Funding is awarded to
collect HIT-EHR data and to stimulate investment in HIT-EHR products. The Agency for
Healthcare Research and Quality's mission is to improve the quality, safety, efficiency, and
effectiveness of healthcare for all Americans. Information from AHRQ's research helps people
make more informed decisions and improve the quality of healthcare services. AHRQ was
formerly known as the Agency for Health Care Policy and Research (AHRQ, 2009).
The 2009 Health Information Technology Act 37
chartered in 2005, to make recommendations to the Secretary of the U.S. Department of Health
and Human Services on how to accelerate the development and adoption of health information
compliance with the open rule-making process they are required to follow to obtain ANSI
accreditation. HIPAA prescribes that the standards mandated under it be developed by ANSI-
To improve and support state health departments’ capacity for rapid scale of healthcare
hospitals, targeted monitoring and investigation of the changing epidemiology. Also require
access to healthcare data and voluntary reports of hospital-related infections to the Centers for
CCHIT is a collaboration among three industry associations that are developing federal
certification criteria and an inspection process for HIT-EHR under a three-year contract awarded
in 2005 from HHS. Interoperability and security standards are central to certification. The
Commission to date has certified over 100 ambulatory and inpatient systems as meeting federal
This organization is the best-known funding source for regional HIT efforts (eHealth, 2009).
This organization tests transactions for consistency with the HIPAA requirements and
As directed in the American Recovery and Reinvestment Act of 2009, the Federal
Communications Commission will develop a national broadband plan and consult with the
Commerce, in consultation with the FCC and following Congressional notification, may transfer
The Federal Healthcare Architecture is responsible for ensuring that federal agencies can
seamlessly exchange health data between and among themselves, with state, tribal and local
interoperability architecture framework that provides a common vocabulary, simple tools and
The FDA will receive data from existing reporting systems regarding adverse events, as
The 2009 Health Information Technology Act 39
well as provide support and regulatory guidance for pharmaceuticals and medical devices. They
are responsible for regulations related to electronic signatures used in electronic medical records
Established in June 2006 by RTI International through a contract with the U.S.
Department of Health and Human Services, HISPC originally comprised 34 states and territories.
HISPC phase 3 began in April 2008, and now comprises 42 states and territories. This
organization’s goal is to address the privacy and security challenges presented by electronic
continues to have the support of its state or territorial governor and maintains a steering
committee and contact with a range of local stakeholders to ensure that developed solutions
A Federal Register Notice and Request for Comments has been published announcing
the draft description of the program for establishing regional extension centers to assist providers
seeking to adopt and become meaningful users of health information technology, as authorized
by the American Recovery and Reinvestment Act of 2009 (Health Information, 2009).
The ARRA provides that the HIT Policy Committee be created under the Federal
The 2009 Health Information Technology Act 40
Advisory Committee Act (FACA) and charged this committee with making recommendations to
the National Coordinator for Health Information Technology. They are responsible for the
development of a policy framework for the implementation and adoption of a nationwide health
information infrastructure, including standards for the exchange of patient medical information.
Among the areas for infrastructure standards, the Policy Committee is to consider:
• Technologies that protect the privacy of health information and promote security
information,
• To minimize the reluctance of patients to seek care (or disclose information about
health care provider, health plan, or healthcare clearing house (HIT Policy, 2009).
The ARRA requires the HIT Standards Committee be created under FACA and charged
The 2009 Health Information Technology Act 41
with making recommendations to the National Coordinator for Health Information Technology
on standards, implementation specifications, and certification criteria for the electronic exchange
and use of health information. Initially, the HIT Standards Committee will focus on the policies
This agency of the U.S. Department of Health and Human Services, is the principal
Federal Agency charged with increasing access to health care for those who are medically
This is a cooperative partnership between the public and private sectors. The Panel was
formed for the purpose of harmonizing and integrating standards that will meet clinical and
Federal and state agencies, accrediting bodies and other organizations collect data that
can provide insights into the causes of medical errors and strategies to increase patient safety, but
these separate sources of information are difficult to compare and analyze. In April 2001,
Secretary Thompson created the HHS Patient Safety Task Force to coordinate the efforts of these
various data-collection sources to promote more consistent, effective use of the information
Each federal agency has an Inspector General (IG) responsible for overseeing how
federal funds are spent and for working with the agency to minimize fraud, waste, and abuse. IGs
The 2009 Health Information Technology Act 42
for agencies who received Recovery Act funds are reviewing their stimulus spending to ensure
Recovery-related projects meet legal and administrative requirements. The IGs are also
reviewing their agencies administrative practices to ensure that effective controls are in place for
A federal organization within the CDC that collects, analyzes and distributes health care
statistics. The NCHS maintains the ICD-9 CM codes (National Center, 2009).
membership organization dedicated to improving health care through the collection, analysis,
promotes the availability of and access to health data, and encourages the use of data to make
informed decisions and guide the development of health policy. NAHDO provides information
information system, sponsors educational programs, provides assistance, and serves as a forum
to foster collaboration and the exchange of ideas and experiences among collectors and users of
The National Committee on Vital and Health Statistics was established by Congress to
serve as an advisory body to the Department of Health and Human Services on health data,
statistics and national health information policy. It fulfills important review and advisory
The 2009 Health Information Technology Act 43
functions relative to health data and statistical problems of national and international interest,
stimulates or conducts studies of such problems and makes proposals for improvement of the
Nation’s health statistics and information systems. In 1996, the Committee was restructured to
meet expanded responsibilities under the Health Insurance Portability and Accountability Act of
connect providers, consumers, and others involved in supporting health and healthcare (National
This organization accredits managed care plans or HMOs. Their role will expand to
include certification of those organizations to insure they are compliant with HIPAA
requirements. This organization maintains the (HEDIS) Health Employer Data and Information
This organization is chaired and hosted by the American Hospital Association. They
maintain the UB04 institutional billing form and the data element specifications for both the
hardcopy form and the electronic format. The NUBC has a formal consultative role under
HIPAA for all transactions affecting institutional healthcare services (National Uniform, 2009).
Responsible for the enforcement of Health Insurance Portability and Accountability Act
The mission of the Office of Inspector General (OIG), as mandated by Public Law 95-
452 (as amended), is to protect the integrity of Department of Health and Human Services
programs, as well as the health and welfare of the beneficiaries of those programs. Within this
capacity they maintain legal access to all health records throughout the United States (Office of
The Office of the National Coordinator for Health Information Technology (ONC)
The ONC serves as the resource for the entire health system to support the adoption of
health information technology for the promotion of nationwide health information exchange to
improve healthcare. ONC is organizationally located within the Office of the Secretary for the
U.S. Department of Health and Human Services. (Office of the Inspector, 2009).
ONC is the principal Federal entity charged with coordination of nationwide efforts to
implement and use the most advanced health information technology and the electronic exchange
of health information. The position of National Coordinator was created in 2004, through an
Executive Order, and legislatively mandated in the Health Information Technology for
Economic and Clinical Health Act [HITECH Act] of 2009. The Coordinator’s responsibilities
include: drafting HIT-EHR policy, establishing strategic action plans, and acting as a guiding
force in nationwide electronic healthcare record development (Office of the Inspector, 2009).
This Office will ensure that HHS fully implements the Act’s requirements. This includes
ensuring that programs are designed to meet the Recovery Act’s objectives, that reporting due
dates are met, performance outcomes are established and tracked, risks of fraud and abuse are
The 2009 Health Information Technology Act 45
mitigated, and that the public is kept informed through the Web and other means of
communication.
Once programs are in place, this office will be responsible for reporting, auditing, and
investigating for fraud and abuse; and protecting the confidentiality and integrity of HHS data
The Recovery Board oversees Recovery Act spending and prevents and detects fraud,
waste and mismanagement of the recovery fund expenditures (Recovery Board, 2009).
These are entities in which local healthcare providers and plans agree to communicate
health information over a standardized electronic network. It is estimated that there are between
100 and 200 RHIOs nationwide. They range in size from statewide structures to local city efforts
and are mainly funded by federal funds, regional providers, and philanthropic grants (Regional
Health, 2009).
The State Alliance was created through an HHS contract with the National Governors
Association (NGA) in 2006. The State Alliance for e-Health is a consensus-based, executive-
level body of state elected and appointed officials, formed to address the unique role state
governments can play in facilitating adoption of interoperable electronic HIE. It is also intended
to be a forum through which stakeholders can work together to identify new inter- and intrastate-
based policies and best practices and explore solutions to programmatic and legal issues related
and Education. The project’s main objective is to provide a forum for ONC to work with states
to ensure all health information exchange activities throughout the Unites States align. This is a
forum that enables ONC to disseminate information about the national agenda and for the states
based efforts to inform the federal government thereby enabling a nationwide alignment of all
To coordinate and manage the complexity of HHS’ role in the Recovery Act, HHS
established an Office of Recovery Act Coordination (United States Department of Health, 2009).
The Rural Development Broadband Program supports the expansion of broadband service in
rural areas through financing and grants to projects that provide access to high speed service to
facilitate economic development in locations without sufficient access to such service (USDA,
2009)
Veterans Administration
To provide software development, staff, and associated supplies and equipment to support
implementation of the Post-9/11 GI Bill and to support upgrades to other VHA systems. The
VHA Office of Information also provides use of an electronic medical record through their demo
of health information technology (HIT) is one of the cornerstones of the overall healthcare
reform strategy in California. This includes implementation of interoperable HIE, key strategies
to achieve the goals of better health care outcomes, efficiencies in the delivery of healthcare, and
The California Health and Human Services Agency (CHHS) serves as the lead,
coordinating all HIE and HIT issues for the State. CHHS works with the State Chief Information
Officer (OCIO), the Department of Managed Care and the Transportation and Housing Agency
to oversee the State’s HIE and HIT related efforts (Wulsin, 2008).
Governance
transparency, buy-in and trust. Set goals, objectives and performance measures for the exchange
of health information that reflect consensus among the health care stakeholder groups, and
finalize requirements related to meaningful use criteria to be established by the Secretary through
• Ensure the coordination, integration, and alignment of efforts with Medicaid and
• Account for the flexibility needed to align with emerging nationwide HIE
Finance
Develop the capability to effectively manage funding necessary to implement the State
Strategic Plan. This should include establishing financial policies and implementing procedures
financing mechanisms for ongoing information exchange among health care providers and with
those offering services for patient engagement and information access (California HIE, 2009).
Technical Infrastructure
statewide HIE. While states may prioritize among these HIE services according to its needs, HIE
results) .
• Coordinate and align efforts to meet Medicaid and public health requirements for
Monitor and plan for remediation of the actual performance of HIE throughout the
state,
• Document how the HIE efforts within the state are enabling meaningful use
Legal/Policy
These issues include the identification and harmonization of the federal and state legal
and policy requirements that enable appropriate health information exchange services that will be
health information exchange services have appropriate safeguards in place and adhere to legal
and policy requirements that protect health information, thus engendering trust among HIE
Ensure policies and legal agreements needed to guide technical services prioritized by the
state are implemented and evaluated as a part of annual program evaluation (California HIE,
2009).
The EHR Loan Programs Workgroup seeks ways to provide capital to assist physicians
and hospitals purchase and upgrade certified electronic health records, and train staff and
personnel to become meaningful users of EHRs. They also will investigate how to provide
capital to support the secure exchange of health information. Finally the work group will
develop a business plan, sustainability model, ROI, underwriting and solvency requirements for
The REC work group aims to facilitate the purchase and meaningful use of electronic
health records by 85% of physicians and 55% of hospitals including 45% of critical access
hospitals by 2014 to meet Federal goals. It will also identify centers to provide services to
improve healthcare quality, safety and efficiency, including sharing and disseminating best
practices in health IT adoption and use. Finally, it will establish governance, operational,
business, and sustainability models for the REC that will meet the needs of the diverse group of
The RNT workgroup’s overarching goal is to innovate and apply technology to maximize
also seek to maximize the potential for stimulus funding for research meaningful to achieve
Finally the workgroup will establish a process for disseminating knowledge, technology,
education and training from Healthcare Information Enterprise Integration Research Consortium
The 2009 Health Information Technology Act 51
This work group will develop plans to ensure an ample and adequately trained workforce
exists to support broad dissemination of HIT to improve the quality and safety of healthcare. It
is also charged with the goal of expanding medical health informatics programs for healthcare
and IT students, with a preference for existing programs less than 6 months in length. Finally the
workgroup seeks to maximize federal stimulus funding payments to create and support the HIT
Broadband/Telehealth Workgroup
The purpose of this workgroup is to ensure that the State's Health IT and Exchange
Strategic Plan includes the critical issues of Broadband and Telehealth/Telemedicine services in
changed its name to the Office of Health Information Integrity (CalOHII). This change was made
to reflect the Office's expanding new role supporting the Health and Human Services Agency’s
The California Privacy and Security Advisory Board (CalPSAB) provides private and
public collaboration to address and coordinate health information exchange (HIE) privacy and
security efforts in California. The CalPSAB's four committees; Privacy, IT Security, Legal, and
Education will analyze issues, develop and evaluate the effectiveness of alternative solutions,
The 2009 Health Information Technology Act 52
and present recommendations to the CalPSAB. The CalPSAB will prioritize the work of the
committees, review and approve their recommendations, and present approved recommendations
for consideration by the Secretary of the California Health and Human Services Agency
The California Privacy and Security Advisory Board (CalPSAB) Security Committee will
develop and propose security standards for the protection of electronically exchanged health
information. The standards will define the level of protection healthcare entities and their
systems that exchange health information will require. The standards will also serve to provide
entities specific and clear guidance on the level of protection necessary for their information
systems that engage in electronic health information exchange. The Security Committee will
also address security practices and functions that may impede the progress of interoperable
electronic health information exchange (California Security, 2009). The Security Committee’s
exchange in California,
standards,
• Recommend security standards for California to the Privacy & Security Advisory
The California Privacy and Security Advisory Board (CalPSAB) Privacy Committee will
establish and maintain patient privacy standards for the exchange of health information
The California Privacy and Security Advisory Board (CalPSAB) Legal Committee
state and federal laws concerning privacy and security standards for the exchange of health
information and to recommend a legal structure to support the protection of individual privacy in
an electronic health exchange. The committee consists of attorneys and other individuals from a
broad spectrum of private and public entities and concerned community members (California
Privacy, 2009).
The California Privacy and Security Advisory Board (CalPSAB) Education Committee
will develop educational strategies for entities engaged in health information exchange (HIE).
Implementation of these strategies will increase understanding of how the standards work and
ultimately increase confidence in the HIE systems. The Committee’s work will provide a
framework for entities to develop their own educational strategies. The Committee will identify
educational opportunities and tools, and determine how to target stakeholder audiences with
to establish a Statewide Online On Demand Information Service that offers: a master patient
index, record locator service, e-Rx, and a query for medication history. The Service will include
an integration hub that has the ability to translate data across different EHR systems and an EHR
gateway, which will provide physician EHR systems with national lab data. CalRHIO is
collaborating with Hewlett Packard, Medicity, Perot Systems, EHR systems, and most recently
Cisco Systems, in order to build the $300 million structure. CalRHIO anticipates enabling
electronic access for providers and patients to 90 percent of Californians’ health information by
exchange for patients’ laboratory data, and is encouraging its statewide adoption. CHCF also
offers grants and technical assistance to providers interested in adopting the system.(California
On a local level, several communities around the state are attempting to develop
HIEs for their providers. Specific efforts include the Securing Health Access and Record
Exchange in Mendocino County and the Santa Cruz RHIO. The Santa Barbara County Care Data
Exchange, one of the first and most widely known HIEs in the United States, recently lost
funding from CHCF after eight years of development and was never fully implemented. A
common pitfall of grant-funded systems like the Santa Barbara Exchange is the inability to
become self sustainable within a restricted grant period. Long Beach recently received an HHS
award for an HIE trial called the Long Beach Network for Health (Health Management
Technology, 2009). The initial goal of this program is to link the Emergency Departments of five
Los Angeles metropolitan hospitals and to build a database of patients’ electronic records. Easier
The 2009 Health Information Technology Act 55
access to these hospital records is expected to substantially reduce emergency room wait times
Patient Privacy
State laws cover several areas related to privacy of health information. These include
various medical specialties and medical organizations (including requirements for record-
keeping and disclosure), access to medical records by patients, guardians and other interested
parties, reporting of information to the state and local authorities, for example, birth and death or
disease incidence, use of information for quality assurance and health care operations, issuance
of notices of privacy practices, and reporting and providing access to law enforcement
authorities. In recent years many states have also passed confidentiality laws related to specific
conditions or types of health information. Examples include laws related to mental health
The HIPAA legislation explicitly addresses interaction between federal and state law.
Generally, "covered entities" are required to comply with both HIPAA and state law whenever
possible. If it is not possible to comply with both, HIPAA preempts any contrary provision of
state law, including state law provisions that require written records rather than electronic ones
• prevention of fraud and abuse, or reporting on health care system operations and
costs,
• When a state law relates to reporting of disease or injury, child abuse, birth, or
• When a provision of state law is more stringent than the requirements of the
Medicare is the Federal health insurance program that covers most people age 65 and
older. Some younger people who are disabled or who have End-Stage Renal Disease (permanent
kidney failure) are also eligible for coverage. As the largest purchaser of healthcare in the United
States, there have been numerous calls for Medicare to invest in HIT-EHR. CMS recently
invested $150 million in HIT-EHR demonstration projects, and in June 2008 announced the
selection of twelve community partners to assist in this effort. Over a five-year period, the
project will give bonus payments to as many as 1,200 providers who use CCHIT certified HIT-
EHR products. It will provide financial incentives for improved quality of care through their use
of HIT-EHR. CMS encourages other private and public payers to offer similar financial
Table 4
Incentive payments are provided, beginning with October 2010, for eligible hospitals and
meaningful EHR user could receive up to four years of financial incentives payments, beginning
with fiscal year 2011. There will be no payments to hospitals that become meaningful EHR users
after 2015. The incentive payment for each eligible hospital would be calculated based on the
product of (1) an initial amount, (2) the Medicare share, and (3) a transition factor. The initial
amount is the sum of a $2 million base year amount plus a dollar amount based on the number of
discharges for each eligible hospital The Medicare share is a fraction based on estimated
Medicare fee-for-service and managed care inpatient bed days divided by estimated total
inpatient bed-days and modified by charges for charity care (CMS, 2009). The transition factor
The factor equals 1 for the first payment year, ¾ for the second payment year, ½ for the
third payment year, and ¼ for the fourth payment year, and zero thereafter. The Secretary has
discretion to use other data if the required data to calculate the incentive payment formula does
not exist.
The transition factor is modified for those eligible hospitals that first become meaningful
EHR users beginning in 2014. Such hospitals would receive payments as if they became
meaningful EHR users beginning in 2013 (for example, if a hospital were to begin EHR
meaningful use in 2014, the transition factor used for the year would be ¾ instead of 1, ½ for the
second year, ¼ for the third year, and zero thereafter ) (CMS, 2009).
The 2009 Health Information Technology Act 59
Table 5
Market Basket Adjustments for Hospitals that are not Meaningful Users
Eligible hospitals that are not meaningful users for a fiscal year would receive a net reduction of ¼, ½, and ¾ of the
market basket update that would apply in 2015, 2016, 2017 and thereafter, respectively (CMS, 2009). CMS defines a
answers the question of how much more or less it would cost, at a later time, to
purchase the same mix of goods and services that was purchased in a base period.
three steps. First, a base period is selected and total base period expenditures are
estimated for mutually exclusive and exhaustive spending categories based upon
type of expenditure. Then the proportion for total costs that each spending
The 2009 Health Information Technology Act 60
appropriate price/wage variable, called a price proxy. In the third and final step,
the price level for each spending category price proxy is multiplied by the
expenditure weight for that category. The sum of these products (that is, weights
multiplied by proxied index levels) for all cost categories yields the composite
Table 6
The Secretary of HHS may, on a case-by-case basis, exempt a hospital if requiring the
hospital to be a meaningful EHR user would result in a significant hardship Centers for Medicare
(2009).
State Medicaid
low-income Americans, including children, their parents, pregnant women, the elderly and
people with disabilities. Over the course of this fiscal year, some 51 million people who would
otherwise not have access to regular health care rely on Medicaid (Centers for Medicare and
Medicaid, 2009).
The 2009 Health Information Technology Act 61
Because Medicaid is a partnership, states and the Federal Government each have a role in
designing and paying for each state's program. While states have some flexibility in determining
what benefits they provide, who will be eligible and how much they will pay health care
providers, they must work within federal guidelines. In turn, the federal government pays a
portion of each state's Medicaid costs. These matching dollars are referred to as Federal Medical
The amount of FMAP a state gets is based upon the state's relative wealth, with lower per
capita income states receiving higher FMAP’s. Medicaid funding percentages can range from a
minimum of 50 percent of costs, to as high as 83 percent. (For FY2009, the highest state
matching rate is nearly 76 percent, for Mississippi). FMAP funding is adjusted incrementally
each year based on economic changes in the states, but Congress can increase funding across the
As part of the American Recovery and Reinvestment Act of 2009, Congress acted to
temporarily increase FMAP payments for all states during the current recession. Each state will
get a general 6.2 percent increase in its FMAP and States with relatively high growth in
unemployment rates will receive additional increases based on quarterly unemployment statistics
(Centers for Medicare, 2009). Funding increases will be in effect from FY 2009 until the first
quarter of FY 2011.
The Recovery Act establishes 100 percent Federal Financial Participation (FFP) for
States to provide incentive payments to eligible Medicaid providers to purchase, implement, and
operate (including support services and training for staff) certified EHR technology. It also
establishes 90 percent FFP for State administrative expenses related to carrying out this provision
The 2009 Health Information Technology Act 62
(CMS, 2009).
Certain classes of Medicaid professionals and hospitals are eligible for incentive
payments to encourage the adoption and use of certified EHR technology. Eligible
and physician assistants who are practicing in Federally Qualified Health Centers (FQHCs) or
Eligible professionals must meet minimum Medicaid patient volume percentages, and
must waive rights to duplicative Medicare EHR incentive payments. Eligible professionals may
receive up to 85 percent of the net average allowable costs for certified EHR technology,
including support and training (determined on the basis of studies that the Secretary will
undertake), up to a maximum level, and incentive payments are available for no more than a 6-
meaningful use of the EHR technology through a means approved by the State and acceptable to
the Secretary. In determining what is “meaningful use,” a State must ensure that populations
with unique needs, such as children, are addressed. A State may also require providers to report
clinical quality measures as part of the meaningful use demonstration. In addition, to the extent
specified by the Secretary, the EHR technology must be compatible with State or Federal
Table 7
Transition
Year Factor Factor x Cost Total
Year 1 1 1 x $5,000,000 $ 5,000,000.00
Year 2 3/4 3/4 x $5,000,000 $ 3,750,000.00
Year 3 1/2 1/2 x $5,000,000 $ 2,500,000.00
Year 4 1/4 1/4 x $5,000,000 $ 1,250,000.00
Total 4 year sum $ 12,500,000.00
OR
10% administrative fee for State match, including tracking of meaningful use
conducting oversight, and pursuing initiatives to encourage adoption.
The 2009 Health Information Technology Act 64
Eligible providers may not receive an incentive under both Medicare and Medicaid in a
given year. CMS and the States will develop means to prevent such duplicate payments. CMS
expects that the prevention of duplicative payments will be addressed more fully through notice
In addition to the incentive opportunities for providers, State Medicaid programs are
eligible for funding to administrate the incentive program. The rules and regulations for meeting
the qualifications for that funding are extensive as well as inordinately detailed. This information
Costs
A 2005 study focuses on the benefits and costs that would accrue to and be sustained as a
result of widespread adoption of HIT. The benefits of health information technology are clear in
theory, but adoption rates lag in the United States, and real statistical results have been limited
(Hilstead, 2005).
Rand researchers Federico Girosi et al., calculated a model which demonstrated a cost of
$98 billion for hospitals based upon a 90 percent national implementation of HIT-EHR over a
fifteen-year period. Using similar extrapolation data, the study estimated that a full-scale hospital
HIT-EHR system would cost between 1.8 percent and 3 percent of total yearly expenditures over
a four-year implementation period. This calculation equates to a national cost of $6.5 billion per
year, or $97.4 billion over a fifteen year time frame (Girosi et al, 2005).
Multiple researchers noted that providers are identified as bearing the majority of the cost
(including the direct software and hardware purchases, expenses associated with implementation,
The 2009 Health Information Technology Act 65
training, maintenance, and productivity recovery), while the insurers and patients reap most of
An increasing number of studies measure the value and cost effectiveness of CPOE,
EHR, bar coding, e-prescribing and other types of HIT. These reviews tend to focus on patient
safety improvements, financial benefits from quality and efficiency improvements, and the
development of a business case for HIT (Brown, 2005). These types of studies in particular, can
play an important role in supporting the adoption of financial incentive programs. In addition,
they emphasize the misalignment of costs and benefits among individual stakeholders adopting
technology and provide actuarial analyses and evidence for development of a business case and
ROI for HIT. There continues to be minimal information available regarding the real cost of
adoption within with the majority of research. In addition, they tend to use models incorporating
inordinately high (90-100%) implementation by providers within their models (Taylor, 2005).
According to a study by Christopher Conover for the Cato Institute, the cost of health
service regulations dwarf other costs imposed by government intervention in the health care
sector, and cannot be dismissed as a key factor in driving the cost of implementation of a
Savings
RAND researchers used empirical evidence to estimate potential cost savings from
$80 billion (following a hypothetical and optimist overnight 100% adoption rate) with an annual
mean savings of $40 billion over the next fifteen years. In-patient care accounts for roughly three
quarters of the savings These savings are attributable to reductions in length of stay and
The 2009 Health Information Technology Act 66
increased nurse and doctor productivity. These numbers are based exclusively on models built
with projected assumptions by these researchers, and not on any available real time data.
The Rand study estimates the healthcare savings through 2016, as a direct result of
increased productivity and compares it to other industries that converted to an electronic system.
increased productivity by four percent (equal to half of the telecommunication industry increase),
cumulative healthcare spending through 2016, would decrease by about $813 billion. The
cumulative potential efficiency savings by 2016 would be almost $468 billion for hospital
systems. In light of the high costs attributable to regulatory overlay, these savings seem overly
Benefits
The AHRQ funded a study to systematically review the benefits and costs of HIT-EHR in
order to better provide payers and providers with an understanding of its value. After an
extensive literature search of over 4,000 articles, the study ultimately utilized 257 articles to
2006). Southern California Evidence-Based Practice Center highlight five major themes
Quality
• Able to assist with identification of adverse drug events, examine their cause, and
day decrease) as well as hospital acquired infections (65 percent decrease from
decrease in hospital lengths-of-stay for these patients and a decrease in hospital costs per patient
from improved medication dosing (prescribed dosing within recommended range, centered on
Efficiency
Other researchers argue that increases in quality of care generally reduce utilization of
services thus benefiting insurers – without an effective payment reward system to physicians and
hospitals, due to a reduction in volume. It is unclear who will ultimately reap the cost savings
The 2009 Health Information Technology Act 68
benefits of HIT-EHR investments: the plan, the providers, or the ultimate payers (government,
HIT is seen by many as a pre requisite to improving quality of healthcare delivery and
containing costs in a $2.4 trillion health care economy. (Acker, 2004). Benefits identified by
• Making the cost and quality of health care services more transparent;
• Access to information;
Research also indicates that implementation will create a more efficient and convenient
delivery of care, without having to wait for the exchange of records or paperwork, and without
disease, with the potential to thereby improve outcomes and reduce costs and a reduction in
The 2009 Health Information Technology Act 69
adverse events through an improved understanding of each patient’s particular medical history,
metabolism or even genetic profile and likelihood of a positive or potentially harmful response to
allowing for more interaction with and transfer of information to patients, caregivers, and clinical
care coordinators and monitoring of patient care, increased public health monitoring and disease
Research predicts that the major gains from HIT will come from its potential to
effectively exchange health care information. Studies suggest that the overall business case for
HIT depends on the degree to which health data can be efficiently exchanged between different
computer systems. Without this capability, health data cannot follow patients as they obtain care
from different providers. Although broad scale use of HIT applications such as electronic health
records can provide direct benefits such as eliminating illegible handwriting,. EHR adoption
alone won’t ensure that digital health data can be exchanged (Amatayakul, 2005).
A growing body of literature has emerged that is focused on healthcare quality in the US
including the potential of HIT to reduce medical errors, improve patient safety, and improve the
overall quality of care. Many healthcare stakeholders view HIT as an integral part of the quality
Barriers
A variety of barriers to HIT adoption and quality improvements continue to persist in the
• Physician resistance,
Table 8
In addition, a significant increase in regulations, a lack of clarity regarding key issues, and
confusion over ownership of the medical record in a multi-system information exchange network
comprehensive quality improvements through the use of HIT. For example, over an extended
period of time, patients may use multiple providers or healthcare facilities in a variety of
providers and patients are unable to benefit from health information exchange and the resultant
Health care stakeholders are becoming increasingly aware that financial incentives may
help overcome some of these barriers to HIT adoption and promote improvements in quality.
However, despite evidence that is beginning to show a positive correlation between the use of
The 2009 Health Information Technology Act 71
external incentives (for example, bonus payments for improved quality outcomes, direct
compensation for HIT investments) and technology uptake in physicians’ offices (disease
registries, CPOE, e-prescribing), adoption of HIT incentive programs is not yet wide spread
(Hing, 2007).
For some, the investment is not worth the expense. In one survey of healthcare
information technology executives, 20% of respondents cited lack of adequate financial support
Physicians are skeptical of the value of EMRs. On the physician and provider side, there
are concerns about how information technology may affect the provider role and the disruption
to their workflow. Other concerns include the increased time needed to enter data and the
potential for a system to have limited usability at the point of care (Tanner, 2005).
Consumers are concerned about security breaches. Ensuring the security and privacy of
EMR systems remains a substantial challenge, one that will be central to continued system
adoption, as there is little doubt that improved system security will help drive automation (Cohen
2008).
Institutions have to make big changes in the way they do business. Transitioning to an
EMR system will require extensive changes in a healthcare organization’s business processes, as
well as in the computer hardware and software needed to support and run the EMR (Taylor,
2005).
Technical issues abound. The proprietary basis of many EMR products raises key issues
regarding the interoperability of systems, including the need for standard underlying reference
The 2009 Health Information Technology Act 72
vocabularies and presentation formats for clinical data. EMR adoption must be able to grow with
the information technology and healthcare environment, including new technologies such as
imaging techniques, web access, and personal health record support via the Internet (Stead,
2005).
Privacy Concerns
Privacy and security also are constant liabilities in the development of digitalized
personal health information. Shared data must be de-identified and encrypted in transit, then re-
identified for proper use by the receiver. Although information available on a network or
database can be secured, many still fear its vulnerability. Numerous federal and state
organizations are working to develop standards and best practices (AIS, 2009). The Health
Insurance Portability and Accountability Act (HIPAA) plays an important role. HIPAA
Transaction and Code Sets (TCS) standards are the security cornerstone of HIT-EHR systems
(HIPAA, 1996).
A study conducted by researchers at MIT and the University of Virginia, found that EMR
adoption is often slowest in states with strong regulations for safeguarding the privacy of medical
On average, the number of hospitals deploying EMR systems is as much as 30% lower in
states where healthcare providers are forced to comply with strong privacy laws than it was in
states with less stringent privacy requirements. The strict privacy rules often make it more
difficult and more expensive for hospitals to exchange and transfer patient information, thereby
The results of the research, which looked at EMR adoption in 19 states over a 10-year
period, suggests that there's a trade-off between achieving fast adoption of EMR technology and
strong health care privacy laws. "Policy-makers are going to have to choose how much EMR
adoption they want and at what cost to patient privacy" (Tucker, 2007).
Among the welcomed provisions in the ARRA, are those that require health care
organizations and professionals to implement better controls over who can access and share
different categories of medical information. Also seen as long overdue is a provision that
prohibits health care providers from selling protected health information in electronic medical
records and imposes limitations on the marketing of such data. Such requirements have been
considered long overdue in the health care sector. "However, if the end result of Obama's new
customization of privacy filters, then there is the potential for there to be a negative effect,"
(Tucker, 2007)..
If a state law allows only specific groups of people within an organization to access
specific kinds of medical information, a hospital might need to implement filters and access
controls to comply with the requirement. This customization can greatly add to the cost of
CHAPTER 3
RESEARCH METHODOLOGY
The design of this research was qualitative using the Grounded Theory Model. Grounded
theory is a strategy of inquiry in which the researcher derives a general, abstract theory of a
process, action, or interaction grounded in the views of participants. (Cresswell, 2009) This
model uses multiple stages of data collection. Data collection for this study, included surveys
This research method operates in a reverse fashion from traditional research. In lieu of
beginning by researching and developing a hypothesis, the first step is data collection, through a
variety of methods. From the data collected, the key points are marked with a series of codes,
which are extracted from the text. The codes are grouped into similar concepts in order to make
them more workable. From these concepts, categories are formed, which are the basis for the
creation of a theory.(Denzin, 1994). This contradicts the traditional model of research, where the
researcher chooses a theoretical framework, and only then applies this model to the study.
Grounded theory research looks for meaning and understanding to build an innovative
model. Data collection and sources are directed by the findings of the analyzed data, rather then
by specification prior to collecting data. The process involves a three part coding strategy:
1. Open Coding-the data is broken down and clustered into descriptive categories.
The 2009 Health Information Technology Act 75
2. Axial Coding: The descriptive categories identified in the open coding phase are
3. Selective Coding: Categories gradually evolve into a more specific order. (Glaser,
1995).
THEORY: A relationship model that usefully and pragmatically links diverse facts ( the
The theory must ultimately meet three criteria: it must (1) fit, (2) be relevant and (3)
The categories (elements) of the theory must (1) fit the data, the data can
A theory should be able to explain what happened, predict what will happen
gathering, observation, and literature review) direct the researcher to the next area of inquiry or
“Theoretical sampling is the process of data collection for generating theory whereby the analyst
jointly collects, codes, and analyzes his data and decides what data to collect next and where to
find them, in order to develop his theory as it emerges. This process of data collection is
controlled by the emerging theory. The initial decisions are not based on a preconceived
Data Sources
Study Population
Hospital Chief Executive Officers were chosen as the subjects to be queried via a survey.
This level of leadership was selected due to their position within the organizational structure.
Traditionally, the final decision making process (for example, whether the organization should
purchase an electronic medical record) traditionally resides at this leadership level. Chief
Executive Officers are in a unique position that requires an objective review and oversight of key
findings and information to insure they guide their organization in the best direction while
The survey included six questions related to demographic information. The purpose of
these questions was to validate the diversity of responses. The candidates were chosen through
“purposeful sampling.” “Purposeful sampling is a method of selecting participants for the study
who are identified as being expert informants who can help the researcher best understand the
research question” (Creswell, 2009). The sample size was determined as a result of the nature of
the grounded theory method, which does not require a large subject sample in order to generate a
theory. The subjects’ ages ranged from 40 to over 60. There were 29% female and 71% male
subjects.
The 2009 Health Information Technology Act 77
• All survey candidates were advised that their responses would remain
confidential.
• Subjects who participated were chosen when they responded to the survey.
• The subjects were either known to the researcher, or were recommended by peers
• Those subjects who responded self-reported that they matched the inclusion
criteria.
• Subjects work in the hospital setting, holding the position of Chief Executive
Officer.
responses to the survey questions were received directly by the researcher without any personal
identifying information. This was accomplished by sending the survey via U.S. mail, with a
return self addressed envelope enclosed. The survey did not request the name of the respondent
Consideration with respect to word choice was reviewed to insure that questions were
unambiguous and that respondents were able to read the questions smoothly. The length of the
survey was kept to a minimum to insure that respondents were able to complete their responses
as quickly as possible. Questions were developed to insure a clear response as well as to insure
that there was no implication of bias in the data gathering process. The questions were designed
to focus on formulating and categorizing key research questions regarding the perception of the
government’s role in the implementation of an electronic medical record and the value of the
The 2009 Health Information Technology Act 78
The design of the survey was based on findings identified in the literature review. The
survey was developed within the context of achieving my research goals. In keeping with that
• Demographic information
medical record
Literature Review
Literature pertinent to the emerging themes in the qualitative data ( for example,
government regulation of electronic medical records and related fields) was sampled, as well.
The “traditional” literature review that is typical of health services research papers becomes a
part of the data collection in a grounded theory study. This approach is valuable to the generation
of theory because it “…transcends, organizes, and synthesizes large numbers of existing studies”
(Glaser, 1992,p. 34). In addition, grounded theorists recommend distancing oneself from
predefined problems and concerns found in the literature when beginning a grounded theory
study (Glaser, 1998). Although it is important to know the literature well enough to define a
research question, a researcher must maintain openness throughout the data gathering phase of
Grounded theory research contrasts with quantitative inquiries in that there is no review
of the literature in the area of the study before data collection. The rationale for this argument is
to avoid biasing the investigators’ attempts to develop concepts and ideas from the data that
The 2009 Health Information Technology Act 79
actually fit the data. Selective sampling of the literature is recommended and generally follows
or takes place concurrently with data analysis. As theory begins to emerge, researchers carry out
a literature review to learn what has been published about the emerging concepts (Creswell,
2009).
Data Collection
The data collection was separated into three parts. The first was a comprehensive review
of the literature related to all components of the ARRA and its anticipated impact on the
implementation of an electronic medical record in the hospital setting. This was conducted via
open coding. This form identifies concepts and theories, allowing for an identification of key
issues.
The next form of data collection was through the development of a survey to be
submitted to hospital chief executive officers. This survey was developed based upon axial
coding of the issues and theories that were identified in the literature review. The questions were
close ended. Surveys were distributed to Hospital Chief Executive Officers, due to their
leadership and decision making role in the hospital setting. Each subject was asked to respond to
a series of questions concerning the government's role in the implementation and development of
The first section of the survey included demographic information: age, number of years
in the field, the tax status of their facility, and the current status of their healthcare organization
with respect to implementation of an electronic medical record. There were six questions related
to demographic information.
The second part of the survey included specific questions that were developed as an
The 2009 Health Information Technology Act 80
outcome of the literature review. These questions emerged from the readings in the literature as
well as the open coding model. The survey was submitted to the Mount St. Mary’s College
The researcher developed a set of initial questions which were then discussed and refined
by the thesis advisor. The responses to the survey were reviewed and prioritized based upon a
Data Analysis
Building a theory from data using the grounded theory method includes a tactic proposed
by Glaser and Strauss (Glaser, 1967) called the Constant Comparative Method. This is a process
in which data is “broken down, conceptualized, and put back together in new ways” (Strauss &
Corbin, 1990b, p. 57). The literature was initially reviewed using open coding. This method
involves identifying, naming, categorizing and describing phenomena found in the text.
Essentially, each line, sentence and paragraph is read with an intent to answer the repeated
The initial review of the literature resulted in the identification of basic categories. This
was accomplished by identifying topics, key phrases and concept, giving each distinct idea or
incident a name. All similar ideas or incidents were given the same name as every concept was
categorized into an exclusive and distinct group. The analysis of the text from the survey
After the initial concepts were discovered and categorized, the second level of analysis,
known as axial coding, was used to determine the relationship between categories and the
conditions that gave rise to it. The topic study is traditionally identified through this form of
The 2009 Health Information Technology Act 81
coding (Creswell, 2009). It provides for an opportunity to obtain a deeper understanding of the
generic relationships. Finally, selective coding is used. This allows the researcher to analyze the
results to identify and draw conclusions based upon the information gleaned (Denzin, 1994).
Some of the tools that were used to aid in this process were 3” by 5” lined index cards, a
number of different colored highlight pens, post-it-notes and a memo process to differentiate the
concepts. Survey results were put into an excel spreadsheet, with the responses calculated
statistically to identify trends. A theoretical notation process was used which utilizes a post- it-
note to identify anything found in the text or codes that relates to the literature. The final theory
Chapter 4
Analysis
This purpose of this study of the 2009 Health Information Technology Act is to determine
if the incentives are perceived as intrusive or manipulative to health care provider’s business
modernize their information management systems and transform the care they deliver.
The open coding of the literature revealed the following topics and categories:
Table 9
Literature Review Open Coding Model
Identified Topics
Source: Appendix B
The 2009 Health Information Technology Act 83
Survey Results
The identified theories and topics revealed by the literature were used to develop the
survey questions. Closed- ended questions were used in the survey. Closed-ended questions
have a finite set of answers from which the respondent chooses. The benefit of closed-ended
questions is that they are easy to standardize and data gathered lends itself to statistical analysis.
Closed-ended questions also allow the respondent to complete the survey quickly which insured
that the imposition was kept to a minimum. The closed ended questions used on the survey and
Table 10
Agree 53%
Strongly Disagree 4%
96% of the responses to this survey question affirmed that government regulations in
place today create barriers for hospitals to treat their patients. This question validates the degree
to which hospital leadership perceives the regulations as a negative burden in the delivery of
The 2009 Health Information Technology Act 84
patient care. Health care organizations must provide services to patients while remaining
compliant with a vast array of regulations. In addition, they are focused on improving efficiency
and reducing costs while insuring they meet all of the regulatory standards. Healthcare
organizations must be engaged in strategic thinking about how they will be positioned to meet
Table 11
Agree 66%
Strongly Disagree 4%
Ninety Six percent of respondents agreed that the ARRA adds even more layers of
bureaucratic regulations and costs. This is a significant concern during the current economic
recession which is creating financial challenges for hospitals. Although historically hospitals
have been recession proof, this is not the case in 2009. This is due primarily to the downturn in
the market and the adverse impact on hospital’s bond ratings and borrowing capacity. The
The 2009 Health Information Technology Act 85
recession has caused decreased operating margins, decreases in cash, declines in patient revenues
and investment loses. The cost for hospital’s to meet regulatory requirements is significant. The
goals outlined in the ARRA will add additional expense to hospitals as they work toward meeting
Table 12
Agree 57%
Although the legal definition of a “certified” electronic medical record is not yet
complete, 91% of the respondents agree that implementation of an electronic medical record
within the required time frame will benefit their financial health. This is a valid answer given the
financial incentives ($2 Million for base year, and up to $12 million based upon individual
facility Medicare patient volumes). In addition, failure to complete the implementation within
that time frame will result in financial penalties of up to $3 million per year by 2015.
Organizations that treat Medicare and / or Medicaid patients that are not compliant will suffer
The 2009 Health Information Technology Act 86
financial penalties. In general, hospitals face financial gain through incentive payments, but face
a significant negative impact on their financial health through penalties should they fail to meet
the required deadlines. Regardless of the ultimate components identified within certification, it is
in the financial best interest of all health care organizations to meet the deadlines.
Table 13
Identification of required standards for all aspects of the electronic
Health care record should be the responsibility of the federal government.
The information architecture that has been outlined as a goal in ARRA is to facilitate the
sharing of patient information among providers, payers and others. The federal government
organizations that freely exchange information. The ability to meet this goal requires
standardized code sets . 68% of the respondents to this survey believe this should be done at the
Federal Government level. This will ultimately need to be recognized by non-government payers
as well, which would in all likelihood require further federal legislation. Organizations that have
a system in place may be in a vulnerable position if their existing system does not meet these
Table 14
Uniform standards defining clinical care protocols should become a
national model identified by the federal government as a component of the
“certified” electronic medical record.
Clinical Protocols are a series of action items for a particular patient based explicitly upon
that patient’s medical record. Clinical Protocols are sometimes referred to as treatment guidelines
and are based upon accepted standards of care. The protocols typically are displayed to a
physician during the charting process within the EMR and optimally offer a physician the choice
between applicable options or may identify an alert based upon the patient’s condition. The use
of standardized protocols will reduce medical risks and afford much better care for patients.
When these standards are designed correctly, it affords the physician a tremendous edge when it
comes to patient care. It improves the quality of care and minimizes errors.
In the past, historical knowledge was passed on through experience and hands-on training
in medical education programs. Today evidence-based decision support, high quality literature
studies and clinical practice guidelines are seen as the most comprehensive method to
disseminate information. Physicians in general prefer not to use this type of a template, and there
remains much controversy over which clinical standards should be certified, and who should be
Eighty-one percent of the respondents indicated that the uniform clinical model should be
specified by the Federal Government. Opponents believe that the standards should be designed
by clinical care givers based on research outcomes and accepted standards of practice within
each medical sub-specialty. The Federal Government will spend $1.1 Billion to create the
Federal Coordinating Council for Comparative Effectiveness Research. This council will
provide advice to the federal government about the value of various medical treatments.
According to the summary featured in a discussion draft to the bill,” interventions that are found
to be less effective and in some cases more expensive will no longer be prescribed.” (Tanner,
2009). The HHS website further identifies the roll of this council:
The responses were evenly balanced between Strongly Agree (24%) and Strongly
Disagree (24 % ). The varied responses may be reflective of either the lack of specific
knowledge regarding the requirements for an electronic medical record, or the preference to
provide a standardized framework for the delivery of care. There is a significant level of concern
among healthcare providers that relying on the government to identify these standards puts the
decisions into a strictly financially driven model, rather than a utilizing the results from strong
methodologies identified through the analysis of medical evidence research and clinical trials.
The 2009 Health Information Technology Act 89
Table 15:
The ARRA is in reality the outline for total government control of the
Health care delivery system in the United States.
52% of the responses strongly disagreed with this statement that the purpose of
the ARRA is an outline for total government control of healthcare. The response is inconsistent
with the answers outlined in Table 10 and 11 in which hospital leadership see government
regulations as excessive and that the ARRA adds increased layers of bureaucratic regulations.
Based upon the current heavily regulated healthcare environment, coupled with a lack of clarity
on many of the requirements, my expectation would have been a marked increase in strongly
agree responses.
Table 16
The stimulus money outlined in ARRA is a benefit that has caused us
to implement an electronic healthcare system in a shorter time frame than
originally planned,.
81% indicated that they initiated their E H R process in a shorter time frame due
to the financial incentives outlined in the incentive package. In light of the amounts available to
hospitals, I would expect this to be 100% strongly agreed, however the receipt of the incentive
dollars does not necessarily align with the financial outlay required to install a system. Access to
capital may still be a reason for delay, as well as some of the more common barriers to
Table 17
The government requirements and regulations outlined for a “certified”
EMR are appropriate
The regulations continue to change and are not yet finalized. It is anticipated that the
published criteria will be further adjusted to meet the final 2011 “meaningful use” objectives
required by the U.S. Dept of Health and Human Services to qualify for ARRA funding. Many of
the E H Rs in place today may not meet those requirements. At present there are approximately
17 in-patient hospital electronic medical record systems that are certified ( see Appendix F). The
(A) includes patient demographic and clinical health information, such as medical
(iii) to capture and query information relevant to health care quality; and
81% of the respondents to this question agreed that the requirements for achieving
“certification” of their electronic medical records by the Federal Government are appropriate.
Table 18
The increased regulatory agencies required to implement and monitor
the HIT initiatives add layers of unnecessary government expense
A significant component of the funds assigned to ARRA for electronic medical records
is to support various regulatory agency activity. Ninety percent of responses indicated that this
agencies is of concern in light of the current economic recession, coupled with the
Table 19
E H R will make it easier for organizations to be compliant with the new
security and privacy regulations.
The new privacy and security regulations will add significant administrative requirements
to hospital organizations. In addition to traditional patient privacy requirements, they will now
need to track and record all types of entities that access a patient record. This includes users that
are allowed to access the record under existing laws. This is an extraordinary burden that would
not be possible without an electronic system. In light of the changes to these laws, the response
of 90% to the question is appropriate. Electronic records will allow organizations to more readily
Table 20
Linking the patient healthcare records of our organization into a
regional or national database will adversely impact the financial health of our
organization through decreased reimbursement
The ability to link health care records into any type of a national database does not yet
exist. Studies show that improving documentation, which is driven by standards built within an
which is filtered through the clinical standards defined within the electronic medical record,
decreases costs. Whether linking of the patient records in a national database will impact
reimbursement, is not known. Studies indicate that utilization of an electronic medical record
increases reimbursement for hospitals. Although 53% of the respondents agreed that they
anticipated decreased reimbursement, in general they may not be familiar with this detail. This is
Table 21
Government penalties for failing to implement an electronic health
record that meets all the requirements by 2015 is not realistic.
Transitioning to an electronic medical record system that meets all the requirements is not
an application that can be purchased off the shelf and installed immediately. This is an
inordinately difficult process for any healthcare organization. The benefits and barriers have been
previously identified. Although the objective is appropriate, the vast number of hospital systems
that are not utilizing electronic medical record systems further impacts the ability of the industry
to meet the goals and deadlines identified in this time frame. This coupled with the number of
“certified” systems and the ability of those vendors to provide the requisite goods and services
76% of the respondents to the survey question agreed that the deadline was not realistic.
Demographics
Table 22
Respondent Location:
Nevada 9% Arizona 5%
Illinois 5% Tennessee 5%
Arizona 5% Washing 5%
additional regulations due to the bipartisan nature of the state legislature. In light of their
typically larger portion of government payer case mix the response rate is somewhat indicative
of that dependence.
Table 23
Number of years in this occupation:
The majority of respondents have extensive experience in the healthcare industry which
is expected given the qualifications required for this position. The lengthy tenure in this industry
has exposed them to multiple economic downturns as well as participating in an industry that
has undergone significant changes due to technology. Their experience is significant with respect
Table 24
Respondents Gender
Female 29%
Male 71%
Although 78% of the workforce in health care is women they remain under representing
in executive leadership positions. The gender breakdown for this survey is higher than national
estimates, which report that 12% of hospital chief executive officers are women.
Table 25
41.50 14%
51-60 62%
The age range is expected given the number of years of experience in the industry
identified by the prior question.
Table 26
In light of the increased regulatory reporting requirements for non profit organizations, I
would have expected a stronger level of concern from these respondents regarding the question
that the ARRA is an opportunity for the Federal Government to take ownership of the healthcare
system. The response to many of the questions in light of their tax status is all the more
interesting.
Table 27
CHAPTER 5
CONCLUSION
The ARRA introduces much needed financial incentives for implementing an electronic
medical record, but it also adds significant regulatory requirements, as well as extends the
oversight of the government into new areas of the healthcare delivery system. Although the
incentive payments will not match the costs, hospitals will adopt the required technology to
maintain their financial health. This is primarily the result of the anticipated penalties outlined
for organizations that do not implement a certified E H R within the required time frame.
Within a grounded theory study, theory is shaped by the data as the information is
analyzed and categorized. The intent of modeling the data sources is to identify a theory or
result. To return to the initial questions stated previously for this study, “ will the advantage of
accessing the stimulus money be perceived as a true benefit, or will the increased regulations for
health care providers be another barrier that prevents adoption?” All respondents indicated that
they agreed that excessive government regulations have created a formidable barrier for their
organization and their ability to treat patients. In addition, they agreed that the increased
regulatory agencies required to implement and monitor the HIT initiatives add layers of
Based upon the results of the study, the perception of hospital leaders is that the stimulus
money is a true benefit. For a facility that treats Medicare and Medicaid patients,
driver of behavior, as hospital leadership insures that the appropriate infrastructure is in place to
provide services to this patient population The stimulus monies motivated 81% of the
respondents to implement EHRs in a shorter time frame- but was not the reason for the
implementation. The perception of hospital leadership is that the incentive payments are a
welcome benefit.
An additional purpose of the study was to determine if the perception of hospital leaders
was that the goal of the stimulus plan is in reality an attempt by the federal government to
increase their control over health care services. In spite of the agreement by respondents that the
ARRA adds increased regulation to an already over-burdened system (96%), the majority (81%)
agreed that the requirements and regulations outlined for a “certified” E M R are appropriate
responsibility of the federal government, while 81% also agreed that the federal government
should also be responsible for defining the clinical care protocols of an electronic record. In
addition, the perception of the respondents is that the ARRA is not an outline for increased
The establishment of clinical care standards is a contentious issue between providers and
payers. One argument is that standards cannot be defined because each patient is unique, the
variables are often complex and that the deductive reasoning and creative process leads to a
successful diagnosis and treatment. On the other side, formal standards define a set of
expectations that are known in advance. This standardized road map reduces liability and cost.
To date the development of clinical standards has not been widely defined, and is currently based
The 2009 Health Information Technology Act 100
upon the choices of individual providers or healthcare organizations. Physician groups contend
that the standards should not be defined by any payer, government or otherwise. This is due to a
concern that standards will be financially driven in lieu of appropriate clinical methodologies
based upon evidence based research. The respondents had previously agreed that health care is
over regulated, and yet the majority also agrees that this additional task should be added to the
Finally, regarding their perception that the ARRA is in reality the outline for total
government control of the healthcare delivery system in the United States, only 14% strongly
agreed, 38% agreed, and 52% disagreed strongly with that statement. The response to this
question is in contrast to the overall general ratings of the other questions. The increased
regulations and additional expense allotted to new regulatory agencies would seem to indicate
that the Federal Government is usurping additional control over the healthcare delivery system.
The American Recovery and Reinvestment Act of 2009 contains 407 pages of rules,
regulations, and restrictions and increased government spending. The stated intent is to:
State and local fiscal stabilization, for the fiscal year ending September 30,
Is the goal of the healthcare portion of the stimulus plan intended to simply motivate
of government run healthcare services? The perception of healthcare leaders is that the plan is as
stated, a motivator for health care organizations to transition to an electronic healthcare system
The 2009 Health Information Technology Act 101
that is defined by the Federal Government, but not controlled by the Federal Government.
Medicare and Medicaid represent approximately 60% of the patient population receiving
services in U.S. hospitals. These organizations impose a financial burden placed on healthcare
organizations to meet the regulatory requirements coupled with a disparity in payment amounts
benchmarks and goals used to measure the effectiveness of a Hospital Chief Executive Officer
electronic and clinical, provide hospital leaders with a very clear black and white roadmap. This
format will allow them to more clearly identify which services they will get paid for, how much
they will get paid, and what the requirements are. Although this view is contrary to that of other
stakeholders, the identified perception of hospital Chief Executive Officers aligns with their role
within the organization and provides them with an opportunity to improve their leadership role
Discussions of healthcare costs traditionally place the blame on the shoulders of those
that provide care. In reality the cost of health services regulation outweigh the benefits by two-
to-one and cost the average household over $1,500.00 per year (Conover, 2004). These estimates
are based upon regulations in place prior to those identified in this study.
The current administration has determined that adding additional regulations and
regulatory agencies will provide the assistance necessary to dramatically reduce the financial
cost of healthcare. Today Americans are debating whether we ought to continue with a policy of
The 2009 Health Information Technology Act 102
greater government control over health care decisions, or should the control be returned back to
the consumer. At present, whoever controls the health care dollars will ultimately make the key
health care decisions. The government spends almost 50 cents out of every health care dollar
(Goodman, 2009). The concentration of economic power in healthcare resides with the
The incentives are sending the wrong message as are the potential penalties. The high
cost of health services regulation is responsible for more than seven million Americans lacking
health insurance (Conover, 2004). The focus should be on reduction of government agencies and
spending with respect to the elimination of excess cost of healthcare services at the State and
Federal level. This housecleaning and intensive review of monetary waste should be an urgent
References
Acker,B., Adams, D., Cole, K et al . (2004). The strategic importance of electronic health record
Age Discrimination Act of 1975. 42. U.S.C. Sections 6101-6107. (1975). Retrieved from:
http://www.dol.gov/oasam/regs/statutes/age_act.htm.
Agency for Healthcare Research and Quality .(2009). Overview of the American Recovery and
Reinvestment Act of 2009. Retrieved from U.S. Department of Health & Human Services:
http://www.ahrq.gove/fund/cefarra.htm.
AIS Compliance. (2009). Compliance risks grow with electronic medical record systems. AIS
http://www.aishealth.com/Compliance/ResearchTools/RMC_Compliance_Risks_EMRs.h
tml.
Agrawal, A.(2002). Return on investment analysis for a computerized-based patient record in the
outpatient clinic setting. Journal of the Association for Academic Minority Physicians.
(13:3);61-65.
Amatayakul, M., & Work, M. (2005). Best practices in electronic health records. [White paper].
http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_032055.pdf#page
%3D2
American College of Foot and Ankle Surgeons. (2009). Growing concerns as physicians move
The 2009 Health Information Technology Act 104
http://www.acfas.org/practicemang/bus-tech/emr-concerns.html.
http://www.google.com/search?
source=ig&hl=en&rlz=1R2TSHB_en&q=american+health+information+community&aq
=f&oq=&aqi=g2.
Reinvestment Act of 2009. , Public Law 111-5. March 2009. Retrieved from AHIMA:
http://ahima.org/dc/documents/AnalysisofARRAPrivacy-fin-3-2009a.pdf.
American Health Information Management Association. (2003). A vision of the e-HIM future.
http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_020477.pdf.
http://www.aha.org/aha/content/2007/pdf/070227-continuedprogress.pdf.
American Medical Association. (2009). H.R.1. the American Recovery and Reinvestment Act of
http://www.ama-assn.org/ama1/pub/upload/mm/399/arra-hit-provisions.pdf.
bin/getdoc.cgi?dbname=111_cong_bills&docid=f:h1enr.pdf.
Anderson, J. K., Handler, M., Matyas, D.E., Valiant, C. (2009). FY 2009 Inpatient prospective
payment final rules. Modifications to the Stark regulations. EBG Health Care & Life
%20FY%202009%20IPPS.pdf.
Asp, Lone & Petersen, Jan, A. (2003). Conceptual model for documentation of clinical
http://www.sst.dk/upload/papermie2003_asp013_dk.pdf.
Bass, C. F., & Johnson, N. (2008, August 1). Time to act on health it. The Washington Times,
health-it/.
Battani, J., & Zywiak, W. (2009). U.S. health care in the year 2015 [White paper]. Retrieved
from: http://www.csc.com/health_services/insights/31098-
us_health_care_in_the_year_2015.
Beatty, S. (2009). American Recovery and Reinvestment Act of 2009. Accenture. Retrieved from:
http://www.accenture.com/NR/rdonlyres/56154C60-642D-4AA9-9812-
073E054D3664/0/Accenture_Innovation_Center_Health_Public_Health_American_Reco
very_Reinvestment_Act.pdf.
Binder, C., Baumrucker, E. P., Grady, A., & Herz, E. J. (2009, February 12,). American Recovery
Blumethal, D. (2009). Stimulating the adoption of health information technology. The New
Brailer,D. (2004), Translating ideals for HIT into practice, Health Affairs (4:318).
Brailer, D. (2009). Economic stimulus package could impinge on Americans’ health privacy.
Brown, C. A., Bailey, J. H., Miller-Davis, M. E., Garrett, P., & Rudman, W. J. (2005, Fall).
http://www.hie.ca.gov/Workgroups/BroadbandTelehealth/tabid/71/Default.aspx.
http://www.chhs.ca.gov/initiatives/HealthInfoEx/Pages/EHRLoanFunds.aspx.
http://www.ohi.ca.gov/calohi/.
http://www.ohi.ca.gov/calohi/HIPAA/HIPAAInformationResources/WorkgroupsandCom
mittees/PrivacyandSecurityAdvisoryBoard.aspx.
California Privacy and Security Advisory Board Security Committee. (2009). Retrieved from:
http://74.125.155.132/search?
q=cache:xbl9KIA_HI8J:www.ohi.ca.gov/calohi/PSABWhatsNew/SecurityCommittee.aspx+calpsab+securi
ty+committee&cd=1&hl=en&ct=clnk&gl=us.
California Privacy and Security Advisory Board Privacy Committee. (2009). Retrieved from:
http://www.ohi.ca.gov/calohi/PSAB/PrivacyCommittee.aspx.
The 2009 Health Information Technology Act 107
California Healthcare Foundation. (2007). Implementing the ELINCS standard. Retrieved from
http://www.chcf.org/documents/chronicdisease/ImplementingTheELINCSStandardLesso
nsIB.pdf.
California HIE Cooperative Agreement Program. (2009, October 21). California Health
http://www.hie.ca.gov/LinkClick.aspx?fileticket=juCx5ppYLgM%3d&tabid=38.
http://www.calrhio.org/.
http://www.chhs.ca.gov/initiatives/HealthInfoEx/Documents/SUMMIT
%20DOCUMENTS/RNT%20Summit%20Presentation%20Draft%20071509_final.pdf.
http://www.chhs.ca.gov/INITIATIVES/HEALTHINFOEX/Pages/WorkforceDemand.aspx
Centers for Disease Control and Prevention. (2009). (CDC). Washington, DC: CDC. Retrieved
from: http://www.cdc.gov/.
Centers for Medicare and Medicaid Services (2009). Health Information Technology. Retrieved
from CMS: .
Centers for Medicare and Medicaid Services (2009) Security Standard Overview. Retrieved
from: http://www.cms.hhs.gov/SecurityStandard/.
Centers for Medicare and Medicaid Services. (2009). Medicare and Medicaid health information
technology: title IV of the American Recovery and Reinvestment Act [Fact sheet].
The 2009 Health Information Technology Act 108
http://www.cms.hhs.gov/apps/media/press/factsheet.asp?
Counter=3466&intNumPerPage=10&checkDate=&checkKey=&srchType=1&numDays
=3500&srchOpt=0&srchData=&keywordType=All&chkNewsType=6&intPage=&show
All=&pYear=&year=&desc=&cboOrder=date.
Centers for Medicare and Medicaid Services (2009). Title 42--Public Health , Chapter IV-Part
http://www.access.gpo.gov/nara/cfr/waisidx_04/42cfr482_04.html.
Centers for Medicare and Medicaid Services (2009). Stark laws and Physician self referral law.
http://www.cms.hhs.gov/PhysicianSelfReferral/Downloads/section_1877.pdf.
Centers for Medicare and Medicaid Services.( 2009). Market Basket Adjustments. Retrieved
from: http://www.cms.hhs.gov/MedicareProgramRatesStats/downloads/info.pdf.
Certification Commission for Health Information Technology. (2009, September 8). Certification
http://www.cchit.org/media/news/2009/09/certification-commission-launching-2011-
certification-programs-october.
Chaudhry,B., Wang, J., Wu, S., Maglion, M., Mojica, W. et al. ( 2006, May 16).
costs of medical care. Annals of Internal Medicine. vol. 144 no. 10 742-752. Retrieved
from: http://www.annals.org/content/144/10/742.abstract.
CMS. (2009, September 1). H.R. Doc. No. SMD#09-006 at 1 Center for Medicaid and State
The 2009 Health Information Technology Act 109
http://www.cms.hhs.gov/smdl/downloads/SMD090109.pdf.
Cohen, E. (2008, June 5). Your private health details may already be online. CNN. Retrieved
from http://www.cnn.com/2008/HEALTH/06/05/ep.online.records/index.html.
Conover, C. J. (2004, October 4,). Health care regulation: a $169 billion hidden tax. Cato
http://www.cato.org/pub_display.php?pub_id=2466
Denzin, N.K., & Lincoln, Y. S. (Eds.), (1994). Handbook of qualitative research (pp. 273–285).
Department of Health and Human Services. (2009). Overview of the American Recovery and
http://www.hhs.gov/recovery/overview/index.html.
Department of Health and Human Services. (2009). Accelerating the Adoption of Health Information
Department of Health and Human Services. (2009, September 19). Broad recovery goals).
<http://www.hhs.gov/recovery/reports/plans/index.html>.
Department of Health and Human Services. (2009). Patient Safety and Quality Improvement Act
http://www.hhs.gov/ocr/privacy/psa/regulation/index.html.
services/safety/topics/patient_safety/downloads/05_AHRQ_factsheet.pdf.
Department of Health and Human Services.(2003, May).Summary of the HIPAA Privacy Rule.
Retrieved from:
http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/privacysummary.pdf
Drumm, A. (2009). California Privacy and Security Advisory Board Education Committee Fact
http://www.ohi.ca.gov/calohi/Portals/0/files/doc/PSAB_EDComFactsheet.doc.
from :http://www.fda.gov/downloads/RegulatoryInformation/Guidances/ucm125125.pdf\.
Federal Advisory Committee Act.(1994). Federal Register. Pub.L. 92-463(5 U.S.C. App.)
http://www.dhhs.gov/fedhealtharch/index.html.
Federal Health IT Committee. (2009, August). Electronic Health Records Advancing 21st
http://www.hhs.gov/news/facts/20080131c.html.
National Coordinator for defining Meaningful Use Final- August 2009. Retrieved from:
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10741_888532_0_0_18/FIN
AL%20MU%20RECOMMENDATIONS%20TABLE.pdf.
Federal Health IT Committee. (2008, June 3). The ONC-Coordinated Federal Health
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10731_848084_0_0_18/HIT
StrategicPlanSummary508.pdf .
http://expertpages.com/federal/a8.htm.
http://www.fda.gov/AboutFDA/WhatWeDo/History/CentennialofFDA/default.htm.
Food and Drug Administration Amendments Act of 2007. (2007, September 27). Public Law
http://www.fda.gov/RegulatoryInformation/Legislation/FederalFoodDrugandCosmeticAc
tFDCAct/SignificantAmendmentstotheFDCAct/FoodandDrugAdministrationAmendment
sActof2007/FullTextofFDAAALaw/default.htm.
Food and Drug Administration. (2009). This week in FDA history- June20, 1963. Retrieved
from: http://www.fda.gov/AboutFDA/WhatWeDo/History/ThisWeek/ucm117831.htm.
Garrido, T., Raymond, B., Jamieson, L., Liang, L., & Wiesenthal, A. (2004). Making the business
The 2009 Health Information Technology Act 112
case for hospital information systems- a Kaiser Permanente investment decision. Journal
Giorgi, S. B. (2009). California Privacy and Security Advisory Board Legal Committee, Fact
https://s0001.ca.gov/calohi/docs/PSAB_LegalCommitteeFactSheet.doc.
Girosi, F., Meili, R., & Scoville, R. (2005). Extrapolating evidence of health information
technology savings and costs [White paper]. Retrieved from Rand Health:
http://www.rand.org/pubs/monographs/2005/RAND_MG410.pdf.
Glaser, B G.(ED) (1995). A Look at Grounded Theory: 1984 to 1994. Sociology Press(2), pp. 3-
17.
Glaser, J.P., & Phillips, M.T. (2003, September), Converting nonbelievers. Healthcare
http://www.providersedge.com/ehdocs/ehr_articles/Converting_Nonbelievers.pdf.
Goedert,J. (2009, June 16). First look at meaningful use. Health Data Management. Retrieved
from http://www.healthdatamanagement.com/news/meaningful_use-38487-1.html.
Goldstein, J. (2009, January 29). Stimulus boosts electronic health records. The Philadelphia
Inquirer, p. 47.
Goodman, J. C. (2001, April 30). Characteristics of an ideal health system. National Center for
http://www.ncpa.org/pub/st242/ .
Goodman, J. C. (2009, July 1). A prescription for American health care. USA Today, pp. 10-12.
Goodman, S. (2009). Electronic medical records: The promise and the reality. Physicians News
The 2009 Health Information Technology Act 113
promise-and-the-reality/html.
Hackbarth, G., & Milgate, K. (2005). Using quality incentives to drive physician adoption of
Halamka, J.(2009, May 19). The ONC ARRA implementation plan. HHS Recovery Website.
HealthLeaders Media (2007) 2007 Health leaders annual survey. Media Health Leaders.
http://www.ahrq.gov/data/datameet.htm.
http://www.himss.org/asp/topics_rhio.asp.
Health Information and Management Systems Society. (2009, April 21,). EHR Association
recommendations for ARRA meaningful user and EHR certification criteria for hospitals.
(HIMSS). Washington,D.C.
Health Information and Management Systems Society. (2009, July 1,). The American Recovery
and Reinvestment Act of 2009: summary of key health information technology provisions
Health Insurance Portability and Accountability Act of 1996 (1996, August 21). Public Law 204-
http://www.cms.hhs.gov/hipaageninfo/downloads/hipaalaw.pdf.
open=512&objID=1269&parentname=CommunityPage&parentid=5&mode=2.
http://www.rti.org/page.cfm?objectid=09E8D494-C491-42FC-BA13EAD1217245C0.
http://healthit.hhs.gov/portal/server.pt?
open=512&objID=1269&parentname=CommunityPage&parentid=5&mode=2.
open=512&objID=1271&parentname=CommunityPage&parentid=6&mode=2.
Health Management Technology.(2009, August). EMR: one hospital that got it right. Health
Health Information Technology Policy Commission. (2009). Meaningful Use. Retrieved from:
http://healthit.hhs.gov/portal/server.pt?
open=512&objID=1325&parentname=CommunityPage&parentid=15&mode=2&in_hi_u
serid=11113&cached=true.
Healy, B. (2009, February 17). Electronic medical records: will your privacy be safe?. US News
http://www:myemrstimulus.com/healthcare-electronic-records-technology-government-
fun.html.
Hillestad, R., Bigelow, J., Bower, A., Girosi, F Meili, R. et al. (2005). Can electronic medical
The 2009 Health Information Technology Act 115
record systems transform health care? Potential health benefits, savings, and
http://content.healthaffairs.org/cgi/content/abstract/24/5/1103.
HIMSS. (2009, March 13,). Health information technology in California: Current trends, future
HIMSS. (2003, November 6). HIMSS electronic health record definition model [White paper].
HIMSS Analytics. (2007). 2007 Annual report of the U.S. hospital IT market (HIMSS Analytics
http://www.himss.org/foundation/docs/2007AnnualReport.pdf.
HIMSS. (2003, November 6,). HIMSS Electronic health record definitional model. Retrieved
from : http://www.providersedge.com/ehdocs/ehr_articles/HIMSS_EMR_Definition_
Model_v1-0.pdf
HIMSS Analytics. (2006, January 26,). Electronic medical records vs. electronic health records:
http://www.himssanalytics.org/docs/wp_emr_ehr.pdf.
Hing, E.S., Burt, C.W., Woodwell, D.A. (2007, October 26). Electronic medical record use by
Jha, A. K., DesRoches, C. M., Campbell, E. G., Donelan, K., Rao, S. R., & Ferris, T. G. (2009).
Use of electronic health records in U.S. hospitals. The New England Journal of Medicine,
http://content.nejm.org/cgi/content/full/NEJMsa0900592.
Leavitt, M. (2009). A clearer path forward for health IT certification. EHR Decisions. Retrieved
from http://ehrdecisions.com.
Levinson, D.R. (2009). An open letter to health care providers. Department of Health and Human
http://oig.hhs.gov/fraud/docs/openletters/OpenLetter3-24-09.pdf.
Lieberman, T. (2009). What the stimulus package holds for health care. Columbia Journalism
hold.php?page.html.
Lindsay, F., & Sliepka, M. (2005). Successful care management: the new healthcare imperative
docid=149939&tag=col1;co-competitors.
Lohr, S. (2009, March 1,). Taking innovation beyond the ’aha’. The New York Times,
Meaningful Use Workgroup. (2009). Recommendations from the meaningful use workgroup to
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_11113_872720_0_0_8/Meani
ngful%20Use%20Preamble.pdf .
Medical Care Recovery Act . (2007, September 19). Title 32: National Defense. PART
757—Affirmative Claims Regulations Subpart B—Medical Care Recovery Act (MCRA)
Claims and Claims Asserted Pursuant to 10 U.S.C. 1095. [72 FR 53428, Sept. 19, 2007]
c=ecfr&sid=12f0d449db546981586a6bb5158dcb61&rgn=div6&view=text&node=32:5.1
The 2009 Health Information Technology Act 117
.1.5.29.2&idno=32.
Miller, A., & Tucker, C. (2007, January 8). Privacy protection and technology diffusion: The
Technology).
Monegain, B. (2009, March 12). HHS new office of recovery act coordination to oversee
http://www.healthcareitnews.com/news/hhs-new-office-recovery-act-coordination-
oversee-stimulus-money.
National Committee on Vital and Health Statistics. (2009). Retrieved from www.ncchs.hhs.gov/.
http://healthit.hhs.gov/portal/server.pt?open=512&mode=2&cached=true&objID=1142.
National Institutes of Health. (2005, April) Electronic health record overview. National
http://www.ncbi.nlm.nih.gov/pubmed/10274535.
O’Brien, J.P. (2006, August). HHS announces new Federal Stark law exceptions. Client
47c3-84bc-53e46dd2aa7f/Presentation/PublicationAttachment/01625f8c-d2ed-4783-b2fb
66ab4f76305/hhs%20announces%20new%20federal%20stark%20law%20exceptions.pdf
open=512&mode=2&cached=true&objID=1142.
Office of Civil Rights.(2009). The HIPAA Privacy Rule and Electronic Health Information
http://www.hhs.gov/ocr/privacy/hipaa/understanding/special/healthit/introduction.pdf
Office of Civil Rights.(2009). The HIPAA Privacy Rule’s Right of Access and Health Information
http://www.hhs.gov/ocr/privcy/hipaa/understading/special/healthit/eaccess.pdf
Office of the Inspector General.(2009). HHS Recovery Act oversight. Retrieved from:
http://oig.hhs.gov/recovery/.
Office of the Inspector General.(2006, August 8). Medicare and State health care programs:
fraud and abuse; safe harbors for certain electronic prescribing and electronic health
records arrangements under the anti-kickback statute; final rule. Department of Health
http://oig.hhs.gov/authorities/docs/06/OIG%20E-Prescribing%20Final%20Rule
%20080806.pdf
Office of the Inspector General.(2009). Whistleblower protections under the Recovery Act.
Section 1553 of Division A, Title XV of the American Recovery and Reinvestment Act of
Office of the National Coordinator for Health Information Technology .(2008 December 15).
The 2009 Health Information Technology Act 119
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10731_848088_0_0_18/Nati
onwidePS_Framework-5.pdf.
Price Waterhouse Coopers. (2009, April). Rock and a hard place. Retrieved from Price
and-a-hard-place.jhtml.
Public Health Services Act, 2009.(2009, May 28). Federal Register: May 28, 2009 (Volume 74,
Number 101)][Notices] [Page 25550-25552] From the Federal Register Online via GPO
Pure Food and Drugs Act of 1906. (1906). United States Statutes at Large (59th Cong., Sess. I,
net.org/~hst203/documents/pure.html.
http://www.recovery.gov/About/board/Pages/TheBoard.aspx.
Rehabilitation Act of 1973. (1973). Public Law 93-112. 93rd Congress, H.R. 8070. September 26,
http://www.himss.org/asp/topics_rhio.asp.
Southern California Evidence-based Practice Center. (2006, April). Costs and benefits of health
http://www.ahrq.gov/downloads/pub/evidence/pdf/hitsyscosts/hitsys.pdf.
open=512&objID=1241&parentname=CommunityPage&parentid=1&mode=2&in_hi_us
erid=10741&cached=true.
State Level Health Information Exchange Consensus Project. (2009). Retrieved from:
http://www.slhie.org/.
Stead, W., Kelly, B.J., Koldner, R.M. (2005, March/April).Achievable steps toward building a
national health information infrastructure in the United States. Journal of the American
Strauss, A and Corbin, J. (1994) .Grounded Theory Methodology; an overview. In Denzin N.K
Substance Abuse and Mental Health Services Administration, Center for Substance Abuse
Treatment. (2004, June).The confidentiality of alcohol and drug abuse patient records
1.html.
Tanner, M. (2009, September 9). Halfway to where? answering the key questions of health care
reform. The Cato Institute. Policy Analysis no. 643 . Washington, DC: The Cato Institute.
Taylor, R., Bower, A., Girosi, F., Bigelow, J., Fonkych, K., & Hillestad, R. (2005). Promoting
health information technology: is there a case for more aggressive government action?.
http://content.healthaffairs.org/cgi/content/full/24/5/1234
Thakkar, M., & Davis, D. C. (2006) . Risks, barriers and benefits of EHR systems: a
comparative study based on size of hospital [White paper]. Retrieved from AHIMIA
website: http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_
031779.html.
The Advisory Board (2009, May 14,). Stimulus bill update: funding opportunities for hospitals
and health systems (The Advisory Board). Washington, DC: The Advisory Board.
The Commonwealth Fund. (2009, February). International survey: US slow to adopt health it
The Cleveland Clinic .(2009). It all starts with the electronic medical record. Retrieved from
The Dorenfest Institute. (2005). The financial systems hospital IT market, 1998-2005. Retrieved
http://www.jointcommission.org/Standards/.
The Markle Foundation. (2009). Achieving the health IT objectives of the American Recovery
and Reinvestment Act. A framework for ‘Meaningful Use’ and ‘Certified or Qualified’
E H R. The Markle Foundation. Connecting for Health. New York: The Markle
http://www.markle.org/downloadable_assets/20090430_meaningful_use.pdf
The Rand Corporation. (2005). Health information technology can HIT lower costs and improve
http://www.rand.org/pubs/research_briefs/RB9136/index1.html.
Title VI of the Civil Rights Act of 1964. (1964). 42 U.S.C. § 2000d et seq. Retrieved from:
http://www.justice.gov/crt/cor/coord/titlevi.php.
Title IX, Education Amendments of 1972. (1972). Title 20 U.S.C. Sections 1681-1688. Retrieved
from: http://www.dol.gov/oasam/regs/statutes/titleIX.htm.
United States Department of Justice. (2009). Freedom of Information Act. Retrieved from
http://www.justice.gov/oip/foia_guide09.htm
Unruh, B. (2009). Economic stimulus? feds want your medical records. World Net Daily.
Walker, J., Pan, E., Johnston, D., Adler-Milstein, J., Bates, D. W., & Middleton, B. (2005). The
value of health care information exchange and interoperability. Health Tracking, 5, 11-18.
Wangsness, L. (2009, January 1,). Letter highlights hurdles in digitizing health records specialists
tell Obama current systems flawed. The Boston Globe, ed. The Boston Globe
Ways and Means Committee. (2009, January 16). Title IV - Health Information Technology for
Economic and Clinical Health Act. Prepared by the Majority Staff of the Committees on
http://waysandmeans.house.gov/media/pdf/110/hit2.pdf.
Wulsin, L., & Doughtery, A. (2008). The HIT primer. (California Research Bureau). Sacramento,
http://www.library.ca.gov/crb/08/08-013.pdf
The 2009 Health Information Technology Act 123
APPENDIX A
The 2009 Health Information Technology Act 124
Appendix B
APPENDIX C
§ 412.73 Determination of the hospital-specific rate based on a Federal fiscal year 1982 base period
Determination of the hospital-specific rate for inpatient operating costs based on a Federal fiscal year 1987 base
§ 412.75 period
§ 412.76 Recovery of excess transition period payment amounts resulting from unlawful claims
Determination of the hospital-specific rate for inpt oper costs based on a Fed fiscal year 1987 base period costs
§ 412.77 for sole community hospitals based on a Fiscal fiscal year 1996 base period
Payment for Outlier Cases
§ 412.80 Outlier cases: General provisions.
§ 412.82 Payment for extended length-of-stay cases (day outliers).
§ 412.84 Payment for extraordinarily high-cost cases (cost outliers).
§ 412.86 Payment for extraordinarily high-cost day outliers.
§ 412.87 Additional payment for new medical services and technologies: General provisions
§ 412.88 Additional payment for new medical service or technology.
Payment Adjustment for Certain Replaced Devices
§ 412.89 Payment adjustment for certain replaced devices.
Special Treatment of Certain Facilities Under the Prospective
Payment System for Inpatient Operating Costs
§ 412.90 General rules.
§ 412.92 Special treatment: Sole community hospitals.
Payments to Hospitals Under the Prospective Payment System
§ 412.110 Total Medicare payment.
§ 412.112 Payments determined on a per case basis.
§ 412.113 Other payments.
§ 412.115 Additional payments.
§ 412.116 Method of payment.
§ 412.120 Reductions to total payments.
§ 412.125 Effect of change of ownership on payments under the prospective payment systems
§ 412.130 Retroactive adjustments for incorrectly excluded hospitals and uniits
Criteria and Conditions for Redesignation
§ 412.230 Criteria for an individual hospital seeking redesignation to another rural area or an urban area
PROSPECTIVE PAYMENT SYSTEMS FOR INPATIENT HOSPITAL SERVICES
§ 412.300 Scope of subpart and definition.
§ 412.302 Introduction to capital costs.
§ 412.304 Implementation of the capital prospective payment system.
Basic Methodology for Determining the Federal Rate for Capital- Related Costs
§ 412.308 Determining and updating the Federal rate.
Determination of Transition Period Payment Rates for Capital-Related Costs
§ 412.324 General description.
Prospective Payment System for Inpatient Hospital Services of Inpatient Psychiatric Facilities
§ 412.400 Basis and scope of subpart.
Prospective Payment System for Long-Term Care Hospitals
§ 412.500 Basis and scope of subpart.
§ 412.503 Definitions.
Rehabilitatiion Hospitals and Rehabilitation Unit Prospective Payment System
§ 412.600 Basis and scope of subpart.
§ 412.602 Definitions.
The 2009 Health Information Technology Act 130
APPENDIX D
Part A - Administration
• §300u-1 Grants and Contracts for Research Programs; Authority of Secretary; Review of Applications; Additional
Functions; Periodic Public Survey
• §300u-3 Grants and Contracts for Information Programs; Authority of Secretary; Particular Activities
The 2009 Health Information Technology Act 131
APPENDIX E
Meaningful Use Documents
• From ONC:
o In June 2009, ONC staff identified a subset of providers eligible for incentive payments who
were likely to have different needs of their EHRs than primary care providers (e.g.,
specialists and non-physician providers). ONC convened brief calls with representatives
from these provider groups to promote a better understanding of how EHRs and meaningful
use would impact their work.
• From CMS:
o Details for: Medicare and Medicaid Health Information Technology: Title IV of the American
Recovery and Reinvestment Act
Location:http://healthit.hhs.gov/portal/server.pt?
open=512&objID=1325&&PageID=16490&mode=2&in_hi_userid=11113&cached=true
The 2009 Health Information Technology Act 133
APPENDIX F
CPSI (Computer
CPSI System 16
Programs and 11/5/2007 11/5/2010 2007
Fully Certified
Systems), Inc.
MAGIC 5.6
MEDITECH 1/22/2008 1/22/2011 2007
Fully Certified
Prognosis Health
ChartAccess 1.0
Information 11/5/2007 11/5/2010 2007
Fully Certified
Systems
Appendix G
Survey
The attached survey is a component of my MBA thesis project for Mount St. Mary’s College in Los
Angeles, California. I would like to respectfully request no more than five minutes of your time to complete the
attached survey. As a health care executive, your experience is vital to the completion of this research project.
Your cooperation is of course voluntary, and will be kept confidential. All survey response data will be for
statistical purposes only. A copy of the findings is available to you upon request.
The thesis topic concerns the Obama administration funding via the American Recovery and Reinvestment
Act of 2009 (ARRA) to hospitals and ambulatory clinics to implement electronic medical record (EMR) solutions so
that the nation can better share and manage the health care information of its citizens. The purpose of this survey is
to investigate the perception of hospital executives about the impact of the financial stimulus for adoption and use of
Health Information Technology (HIT) by the federal government.
If you have any questions regarding this survey or the general research area, please feel free to contact my
advisor, David Burkitt, Phd., at Mount St Mary’s College, MBA Program. Email: dburkitt@aol.com.
Please return this survey via U.S. Mail in the enclosed envelope to:
Sara Small
St Johns Hospitals
Financial Services Building
2415 Antonio Avenue
Camarillo, California 93010-1414
Fax (818) 818-502-7709
Email: sara.small@chw.edu
The 2009 Health Information Technology Act 136
2. Which of the following best describes your health care organization’s tax status:
3. How many years have you worked in this occupation? (select one)
Less than 1 year 1-5 years 6-10 years
11-15 years 16-20 years over 20 years
SURVEY QUESTIONS
1. Excessive government regulations have created a formidable barrier for healthcare organizations and
providers to treat patients
2. The ARRA adds increased layers of bureaucratic regulation and cost to an industry that is already
over-regulated and suffering a severe economic crisis.
3. The ARRA is in reality the outline for total government control of the healthcare delivery system in the
United States.
4. Implementation of a “certified” electronic record within the time frame identified in the ARRA will
ultimately benefit the financial health of our organization
5. Identification of required standards for all aspects of the electronic health care record should be the
responsibility of the federal government
6. Uniform standards defining clinical care protocols should become a National model identified by the
federal government as a component of the “certified” electronic record.
7. The stimulus money outlined in ARRA is a benefit that has caused us to implement an electronic health
care system in a shorter time frame than originally planned.
8. The government requirements and regulations outlined for A “certified” EMR are appropriate
9. The increased regulatory agencies required to implement and monitor the Health Information Technology
initiatives add layers of unnecessary government expense
10. E H R will make it easier for organizations to be compliant with the new security and privacy regulations
11. Linking the patient healthcare records of our organization into a regional or national database will
adversely impact the financial health of our organization through decreased reimbursement
12. Government penalties for failing to implement an electronic health record that meets all the requirements
by 2015 is not realistic.
The 2009 Health Information Technology Act 138
APPENDIX H
November 2, 2009
Thank you for submitting your Application for Approval of Human Subjects Research entitled “MBA Thesis
Survey” to the Mount St. Mary's College Human Subjects Committee (HSC). The HSC appreciates the work you
and your Research Advisors, Dr. Burkitt have done on your protocol.
Following the Federal guidelines, the Human Subjects Committee of Mount St. Mary’s College has reviewed the
above-titled research project, as submitted in the Application for Approval of Human Subjects Research form. We
have determined that the policies for the protection of human subjects have been met.
On November 2, 2009 it was determined that your research study met criteria for EXPEDITED review under:
Title 45 CFR, Part 46.110 as it presents no more than minimal risk to participants and your protocol
meets the requirements of § 46.111(a) regarding minimal risk, risks are reasonable in relationship to the
benefits, selection of subjects is equitable, informed consent will be sought from each prospective subject,
informed consent will be appropriately documented, adequate provision for monitoring data collected
ensures the safety of subjects, and privacy and confidentiality are protected.
On November 2, 2009 it was also determined that your research study met Exempt status criteria under §45 CFR
46.101 (b)(2) or (b)(3) for Tests, Surveys, Interviews, or Public Behavior Observation in which the:
Information is recorded in such a manner that human subjects cannot be identified, directly or through
identifiers liked to the subjects; and disclosure of the responses outside the research does not place the
subjects at risk of criminal or civil liability; and is not damaging to the subjects’ financial standing,
employability or reputation.
Please note that your research must be conducted according to the proposal that was submitted to the HSC. Any
changes to the proposal which involve human subjects must be approved by the HSC prior to implementation.
Sincerely,