Interoperability
Key House Committee Leaders Pledge Heightened Attention to Health IT in 2017
Key Takeaway: A key House Committee held a hearing last week to explore how healthcare technology can create efficiencies in care delivery, improve outcomes and reduce cost.
Why It Matters: Congressional interest in health information technology continues as the election nears. Last week the House Committee on Ways and Means Health Subcommittee hosted a hearing entitled, “Exploring the Use of Technology and Innovation to Create Efficiencies, Higher Quality, and Better Access for Beneficiaries in Health Care.”
The Subcommittee, under the leadership of Chairman Pat Tiberi (R-OH-12) and Ranking Member Jim McDermott (D-WA-07), heard from an electronic health record vendor, a health plan, a physician practice and a healthcare technology company. Chairman Tiberi mentioned that the Committee will focus heavily on healthcare technology in 2017.
Topics including telehealth reimbursement expansion, information blocking, EHR adoption and care coordination were discussed by Committee members and witnesses alike. Lawmakers questioned how the federal government can balance appropriate regulatory responsibilities with the need to foster promising technologies and expedite proven innovative approaches to providing health care.
HHS Announces Millions in New Health IT Grants
Key Takeaway: HHS has announced new grants to help health centers with IT enhancements
Why it Matters: HHS announced $87 million in new grants to help 1,400 health centers operating in 9,800 locations nationwide caring for more than 24 million patients, to help them make upgrades to their health IT systems. This funding comes from the Affordable Care Act’s Community Health Center (CHC) Fund, which was extended with bipartisan support in the Medicare Access and CHIP Reauthorization Act (MACRA) of 2015. For a list of 2016 recipients by state go here.
Patient Engagement using HIT
Key Takeaway: ONC release new data on patient engagement.
Why it Matters: Last week ONC released a new data brief and blog detailing on patient use of technology and the availability of it in the hospital setting. They state, “the data show that 95 percent of the nation’s hospitals provide patients with the ability to view their health information electronically, 87 percent provide individuals the ability to download their health information, and 69 percent of them provide patients with the ability to view, download, and transmit their health information in 2015.” They also note:
- Since 2013, there has been a significant increase in the percent of hospitals that provide patients the ability to electronically view, download, and transmit their health information.
- As of 2015, disparities exist in the adoption of view, download, and transmit functionalities between large hospitals and other types of hospitals (e.g., medium, small and Critical Access Hospitals).
- The number and variety of patient engagement functionalities offered by hospitals continued to increase significantly in 2015.
House Passes Resolution Expressing Need for a National Strategy Concerning the “Internet of Things”
Key Takeaway: Last week the House of Representatives passed a resolution expressing the sense of Congress that the need exists for "a national strategy to encourage development of the Internet of Things for connected technologies to empower consumers, foster future economic growth, and improve the nation's collective social well-being."
Why It Matters: The resolution, which passed the House by a vote of 367-4, cites the importance of the “Internet of Things” and the need for a cohesive national strategy, which must be cross-sector, including healthcare. H.Res. 847, sponsored by Representative Leonard Lance (R-NJ-07), cites the potential for the connected devices, through the Internet of Things, to stimulate trillions of dollars in economic opportunity.
Cybersecurity
Baldridge Cybersecurity Excellence Builder
Key Takeaway: NIST is seeking comments on their draft Baldridge Cybersecurity Excellence Builder.
Why it Matters: The NIST draft Baldridge Cybersecurity Excellence Builder is a voluntary self-assessment tool that enables organizations to better understand the effectiveness of their cybersecurity risk management efforts. It helps leaders of organizations identify opportunities for improvement based on their cybersecurity needs and objectives, as well as their larger organizational needs, objectives, and outcomes. The Baldrige Cybersecurity Excellence Builder blends the systems perspective of the Baldrige Excellence Framework with the NIST Cybersecurity Framework. Feedback on this draft release of the Baldrige Cybersecurity Excellence Framework will be incorporated into the version 1 release, scheduled for early 2017. Please submit feedback to [email protected] by December 15, 2016.
GAO Responds to Congress, Cites Needed Changes in CIO/CISO Relationship at HHS
Key Takeaway: The Government Accountability Office (GAO) offered a response to Congress regarding concerns about challenges generated from the CIO and CISO relationship within the Federal Agencies.
Why It Matters: Federal agencies have been victims of data breaches alongside private industry, and Congress has taken notice. Congressional interest in the roles and responsibilities of federal CIOs and CISOs has even been subject of Congressional hearings in 2016.
In the response to Congress, GAO cited needed changes in the CIO/CISO relationship across the federal government as it relates to cybersecurity and often cited the need for clarification of the CISO’s responsibilities within each Department. Relative to the Department of Health and Human Services (HHS), GAO suggested that the role of the CISO is defined in department policy in accordance with FISMA 2014, and recommended that the Secretary of Health and Human Services define the CISO’s role in department policy for ensuring that plans and procedures are in place to ensure recovery and continued operations of the department’s information systems in the event of a disruption. In its comments on a draft of this report, HHS concurred with our recommendation and stated that the updates to policy are to be made in conjunction with anticipated revisions of NIST SP 800-53, revision 5.
Last May, CHIME’s Board of Trustees Chair, Marc Probst, testified before the House Committee on Energy & Commerce concerning the CIO/CISO relationship broadly across healthcare delivery organizations. At issue during the May hearing was the HHS Data Protection Act (HR 5068) sponsored by Representatives Billy Long (R-MO-07) and Doris Matsui (D-CA-06), that would create a new HHS information security office with separate authority from HHS’ CIO.
Government to Meet on Internet of Things (IoT) Security Upgradability and Patching
Key Takeaway: National Telecommunications and Information Administration (NTIA) to meet on IoT Security and Patching on October 19th.
Why it Matters: NITA, which is under the Department of Commerce, is meeting on October 19th to discuss IoT security matters. The meeting will be held in Texas, however, you may attend via webcast. The meeting will coincide with the Consumer Technology Association’s Technology and Standards Forum. Details including registration link can be found here.