Live from the National HIPAA Summit

Brian Mullins
Feb 03, 2012

Greetings from the Eighteenth National HIPAA Summit in Washington, DC! It’s turned out to be an interesting event pulling in an array of people as it is co-located with the National Health IT Summit for Government Leaders, the National Health Information Exchange (HIE) Summit and the International mHealth Networking and Web Conference.

Mid-way through the week-long event, there are some notable highlights from the conversations I’m having, and from the chatter on the floor and the breakout rooms. In no particular order:

Federal vs. State in a Vivid Debate: There are a number of tracks focused on the impact of healthcare reform on federal and state agencies, driven by conversations trying to figure out if responsibility will ultimately fall either way. With many guidelines already established, there still remains ambiguity as to how HITECH responsibility will play out.

The Term of the Event is ‘Breach’: HITECH mandates are largely-focused on data breach notification, with new stringent requirements for healthcare organizations to quickly report on when patient information may be/is compromised. The central questions here are two-fold: Will HITECH truly have enough teeth? And, will efforts be in the form of a Federal response or will action, lawsuits, penalties and fines fall on the state AGs to pursue?

Collaboration is Brewing: Increasing collaboration between public and private sector organizations is in great demand. Between the uses of new tools, more openness and greater transparency all focused on facilitating information sharing and efficiencies, increased public-private collaboration is a key desire from attendees.

EMRs isn’t as easy as A.B.C.: As expected, Electronic Medical Records (EMRs) is the hot topic here. From standards and technologies to business processes and data security to intra- and inter-organizational ownership, EMRs continue to be a focal point as organizations migrate their records to digital format and seek the security and efficiencies necessary for clinicians and staff to embrace.

A Herd of HIPAA Privacy Officers: Overwhelmingly, but not surprisingly, a large majority of attendees have roles/titles such as HIPAA privacy officers, many of whom are working towards getting HIPAA compliance certification by attending sessions earlier in the week. Surprisingly, I thought there would be more attendees from the IT manager/director or CIO levels.

Overall, there is a tremendous amount of information being passed around that attendees are trying to digest – what’s pertinent for them to take away and act upon, and what is not pertinent to their daily jobs. Most are speaking with vendors to understand their role in the overall HITECH/HIPAA ecosystem in regards to healthcare reform and legislation as it directly applies to their organizations, beyond the bells and whistles of features and functionality.

--Tom McDermott