Let’s hope the rules are published at least several days before the HIMSS Conference starts on Feb. 20 so attendees have time to go through the provisions before they arrive in Las Vegas.
HHS is sending a sizable contingent of officials to HIMSS to discuss Stage 2 and other health information technology and policy issues. I hope the feds aren’t planning on making a splash by releasing the rules during the conference. That means attendees won’t know enough about the rules to ask probing questions that will help them better understand and interpret provisions, and to give HHS officials an early idea of what kind of reception the proposed rules will get.
Simply put, it would be woefully unfair, and I think insulting to the industry, if the rules came at HIMSS when 30,000 people can’t drop everything and read them.
As Stage 2 nears, the industry still waits on a final omnibus HIPAA privacy/security/breach notification/enforcement rule three years after enactment of the HITECH Act. Really, three years.
A hope that this rule also would be available before HIMSS is fading. It’s pretty clear that HHS doesn’t want to talk about privacy and security at the conference. As of Feb. 2, chief privacy czar Susan McAndrew was not a scheduled speaker and HHS Office for Civil Rights Director Leon Rodriquez is scheduled to speak during the last day of the show when 80 to 90 percent of the crowd has gone home.
That’s not exactly putting privacy and security at the forefront, which consumers were promised when HITECH was passed. I don’t remember being promised that $27 billion in borrowed money that taxpayers are responsible for would be spent on unsecured EHRs. I remember a promise that a substantial acceleration of the digitizing of medical information would be accompanied by stringent protections of the data, and that promise simply hasn’t been kept.