Safe & Sound with Marianne Kolbasuk McGee

Supreme Court Ruling Ends Uncertainty

Time to Refocus on Security and Privacy Plans

Months of uncertainty exploded into moments of utter confusion when two major cable news networks erroneously reported that the Supreme Court had shot down President Obama's healthcare reform law.

See Also: Live Webinar | Navigating Identity Threats: Detection & Response Strategies for Modern Security Challenges

But those networks jumped the gun, perhaps reporting something that many thought would happen. The initial reports that claimed the court had overturned the key components of the legislation called into question what the potential impact would be on a number of issues, including privacy and security.

As it turns out, the court, in a 5-4 decision upheld healthcare reform. And that clears the way, among other things, for continued development of state health insurance exchanges and accountable care organizations, both of which must take steps to ensure patient information remains private.

Even if the court had overturned the law, the HITECH Act, and its privacy and security components, would have been untouched, because the act was passed as part of the economic stimulus package.

As a result of the court's action, many CIOs and security professionals at healthcare providers, insurers and other organizations will be even busier addressing privacy and security issues than they would've been had the legislation been thrown out.

That's because IT efforts tied to accountable care organizations and budding state health insurance exchanges are both big parts of the reform effort.

Health insurance exchanges are electronic marketplaces where uninsured consumers can shop for coverage. States are working with insurers on the exchanges to make sure adequate security precautions are taken.

ACOs are groups of healthcare providers in a region that not only share payment risk and reward, but also share patient data in the mission to improve coordination of care. And ACO participants must take steps to ensure data that's exchanged remains private.

"Privacy and security is a component of ACOs, and the foundation is built on sharing data, especially among disparate organizations like acute care hospitals and primacy care practices," says Robert Tennant, senior policy advisor at the Medical Group Management Association, a professional organizations representing medical practices.

"If you're an ACO, you need to be very concerned about security and privacy because you're only as strong as your weakest link," he says.

Some Uncertainty Lingers

But now that healthcare reform has been upheld, information security professionals continue to await federal action to carry out HITECH and other mandates, including:

  • Finalization of the omnibus package that will modify the HIPAA privacy, security, enforcement and breach notification rules;
  • Publication of the final rules for Stage 2 of the HITECH Act electronic health record incentive program.
  • Hammering out details for the Nationwide Health Information Network "rules of the road," including a decision on whether those standards should be voluntary.

"Now that the uncertainty around [healthcare reform] has been settled, it is critical that we continue the momentum to transform healthcare, including the use of information technology," says Dave Roberts, vice president of government relations at Healthcare Information and Management Systems Society.



About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.