Dedicated to providing the latest
HIPAA compliance news

New Bill Aims to Change HIPAA Rules for Healthcare Clearinghouses

Share this article on:

A new bill (H.R. 4613) has been introduced to the U.S House of Representatives by Congresswoman Cathy McMorris Rodgers (R-Washington) that proposes changes to the Health Information Technology for Economic and Clinical Health (HITECH) Act and HIPAA Rules for healthcare clearinghouses.

The Ensuring Patient Access to Healthcare Records Act of 2017 is intended to modernize the role of healthcare clearinghouses in healthcare, promote access to and the leveraging of health information, and enhance treatment, quality improvement, research, public health and other functions.

Healthcare clearinghouses are entities that transform data from one format to another, converting non-standard data to standard data elements or vice versa. Healthcare clearinghouses are considered HIPAA-covered entities, although in some cases they can be business associates. The bill – Ensuring Patient Access to Healthcare Records Act of 2017 – would see all healthcare clearinghouses treated as covered entities.

Healthcare clearinghouses gather health data from a wide range of sources, therefore they could hold a complete set of records for each patient. If patients are allowed to obtain copies of their health records from healthcare clearinghouses, it could make it easier for patients treated by multiple providers to obtain a full set of their health records.

“Whether it’s because of a move to a new state, switching providers, an unexpected visit to the emergency room, or a new doctor, patients must track down their own records from numerous different sources based on what they can or cannot remember. It shouldn’t be this burdensome,” said Rodgers. “Our bill gives patients the ability to see a snapshot of their health records at just a simple request, allowing them to make better, more informed healthcare decisions in a timely manner.”

While the bill could improve data access for patients, it has been suggested that patients are unlikely to benefit. Healthcare clearinghouses may have longitudinal health records from multiple sources, but in many cases, they only have claims data rather than a full set of clinical data. Even if patients could be provided with copies, it may not prove to be particularly useful.

Patients can choose which healthcare providers they use, but since a healthcare clearinghouse is not chosen by patients, they are unlikely to know which healthcare clearinghouses actually hold their data. Patients rarely have any dealings with healthcare clearinghouses.

The bill would “allow the use of claims, eligibility, and payment data to produce reports, analyses, and presentations to benefit Medicare, and other similar health insurance programs, entities, researchers, and health care providers, to help develop cost saving approaches, standards, and reference materials and to support medical care and improved payment models.”

This is not the first time that the Ensuring Patient Access to Healthcare Records Act has been introduced. None of the previous versions of the bill have made it to the floor and have attracted considerable criticism. In his Healthcare Blog, Adrian Gropper, MD expressed concern over a previous version of the bill (Senate bill S.3530).

“Extending Covered Entity status to data brokers seems like a quantitative shift and possibly a benefit to patients. But the deceptive part is that unlike today’s Covered Entities (hospitals, pharmacies, and insurance companies), data brokers do not have to compete for the patient’s business,” said Gropper. “By giving the infrastructure business the right to use and sell our data without consent or even transparency, we are enabling a true panopticon – an inescapable surveillance system for our most valuable personal data.”

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.

Share This Post On