The Health-e Information Technology Act of 2008 (H.R. 6898) proposes the following key objectives:
1. Creation of clear standards which encourage better interoperability, privacy and security, and clinically useful electronic health records, finalized by specific deadlines.
To achieve this, the bill calls for the codifying of the Office of the National Coordinator for Health Information Technology (ONCHIT) within the Department of Health and Human Services. This office would then bear the responsibility of creating a national Health IT infrastructure and overseeing the development of electronic health records which promote better quality of patient care and privacy. The deadline for the first generation of these records would be Oct. 2011. The office would then need to develop an electronic medical record system — based on open source technology — meeting approved technology and clinical standards within nine months of the approval of the first generation standards.
2. Offering financial incentives through Medicare for physician and hospital adoption and use of an electronic medical records system which meets the established standards.
The bill stipulates that physicians who use an approved system could receive payments totaling up to $40,000 over five years. Hospitals who use such a system could receive incentives of up to several million dollars. Incentives would continue for several years, but would gradually be phased out. The bill also stipulates the availability of additional funding through grants.
3. Improvement of current privacy protections following the existing HIPAA model.
The proposed legislation aims to establish a strong federal floor of privacy and security law that do not preempt more protective state laws and regulations. The bill extends privacy protections and penalties — which currently apply to physicians, organizations and healthcare providers — to business associates such as regional health exchanges. It also does the following:
- Prohibits the sale of identifiable health information.
- Encourages use of encryption or other measures to make patient health information undecipherable.
- Requires affected patients to be notified within 60 days of a health information breach.
- Increases civil monetary penalties that can be imposed upon providers or business associates violating the privacy rules.
“If we want a uniform, interoperable health care system in America, time has shown us that we can’t depend on the private sector to do it on their own,” says Rep. Stark in a press release. “This is the perfect role for government. We should work with stakeholders to develop the standards, ensure an affordable product is available and pay providers to adopt it. That’s exactly what the Health-e Information Technology Act does.”
View the Health-e Information Technology Act of 2008 (pdf).
Read a section-by-section analysis of the Health-e Information Technology Act of 2008 (pdf).
Read Rep. Stark’s press release about the Health-e Information Technology Act of 2008.
