More legal challenges for universal EHR

The slow progress toward universal EHR implementation can also be partly blamed on legal challenges. Sharing electronic health records comes with legal barriers that specifically deal with things like:

· Paper-era state regulations that may not allow EHRs. (The precise relationship of the Act to paper era regulation of medical records is unresolved - authenticity issues).

· Anti-kickback Statute - The Medicare and Medicaid Patient Protection Act of 1987, as amended, 42 U.S.C. [SS]1320a-7b (the "Anti-kickback Statute"), provides for criminal penalties for certain acts impacting Medicare and state health care (e.g., Medicaid) reimbursable services. Enforcement actions have resulted in principals being liable for the acts of their agents. Of primary concern is the section of the statute, which prohibits the offer, or receipt of certain remuneration in return for referrals for, or recommending purchase of supplies and services reimbursable under government health care programs.

· Stark anti-referral rules (Limitation on certain physician referrals) - Many EHRs will facilitate referrals between hospitals and referring physicians and could implicate the Stark rules on compensation relationships. There are, however, two interesting exceptions: First, the most recent Stark rules state that wholly dedicated hardware is not remuneration. Thus, if a hospital provides medical staff hardware to support access to the hospital's EHR, and it was wholly dedicated to the use, there would not be an issue. There is also an exception for community wide health information systems - Stark protects "remuneration" in the form of hardware and software used in these information-sharing systems - with special qualifications. When provided, the party providing technology and support cannot take referrals into account in terms of who does and does not get support. The community wide system must be available to all providers who wish to participate.

· Concerns about malpractice (There are no cases that address liability when a physician uses or does not use an EHR system.

· HIPAA's privacy and security regulations (The clear bias of Privacy Rules favors disclosure and downstream use of medical information along familiar lines of medical practice and health care delivery). Sharing EHRs between a medical staff and a hospital is workable under the Privacy Rule, but nothing in the Privacy Rules anticipates the kind of wide open, unrestricted sharing of information among completely unrelated health care providers that the federal vision embraces. Add privacy to the challenges of appropriate security safeguards and there could be an argument that it could take years to make the federal vision workable.

More Industry Reports