Development, Components & Impact of HIPAA
Simply put, the Health Insurance Portability and Accountability Act (HIPAA) is a United States legislation focused on protecting patient information privacy by availing rights and protections for clients and beneficiaries in group health plans (Johnston & Warkentin, 2008). In terms of its development, it is ingenious to take into consideration the fact that healthcare in the US was originally organized by medical specialty and performed at an office as physicians were self-employed, thus it was easy to keep patients’ records in confidence. In the late twentieth century, however, the healthcare practice and business partnerships saw the emergence of yet another categorization, based on whether the physician worked autonomously or in a group, such as the Health Maintenance Organization (HMO) and the Preferred Provider Organization (PPO).
In the 1980s, autonomous physicians in the US began to link with each other or with other health agencies, not only leading to an overabundance of paperwork but also obliging the physicians to initiate outsourcing of administrative duties, such as client billing and handling insurance claims. However, the linkages never complicated record-keeping as paper files continued to be stored in a locked cabinet (Kumar, Henseler & Haukaas, 2009).
The arrangement worked well not only because clients trusted their physicians and nurses but also because electronic storage devices did not exist at that time. The complications sprout with the advent of franchised doctors, HMOs and PPOs, primarily because confidential patient records had to be sent from one physician to another in the eventuality that the client switched insurance covers, jobs, or moved areas. Indeed, Kumar et al (2009) acknowledge that “…while the internet and electronic copies were supposed to make it easier, it complicated processes by making the patient’s information accessible, which meant that it became easy for people not directly related to the patient care to view, transmit and disclose information to whomever they deemed acceptable” (p. 186).
The rise in number and cost of confidential health information transmission across healthcare providers, institutions, geographical localities, and states, as well as the lack of homogeneous standards for disclosure, patient access, and control, triggered Congress to pass the HIPPA legislation in 1996 to assist in the protection of patients and their confidential information (Kumar et al, 2009).
The HIPAA has 3 basic components, namely the Privacy Rule, the transaction rule, and the security regulation. While the Privacy Rule institutes standards for using and disclosing individually identifiable private health information, the transaction rule, on its part, creates standards for health information electronic exchange (Kumar et al, 2009). According to these authors, the security regulation, which is the final rule, “…complements the Privacy Rule and lays out three types of security safeguards required for compliance: administrative, physical and technical” (p. 186).
In terms of impact, it is indeed true that HIPAA’s implementation has impacted the US healthcare delivery system in a major way by enhancing the privacy and confidentiality of private health information. Due to disclosure control and limiting health information use, there exist a minimal opportunity for confidential patient information to fall into the hands of individuals who do not need to see it in the post-HIPAA electronic document environment (Johnston & Warkentin, 2008).
However, health institutions are faced with the real challenge of facing stiff penalties for noncompliance. The implementation of the legislation has also negatively affected US healthcare delivery through increased documentation that has complicated healthcare process steps; non-availability of vital information needed by medical researchers to progress critical research projects; increase in healthcare costs as a direct consequence of poor implementation, and; diverting of resources from delivering healthcare services to focus them on complying with HIPAA regulations (Kumar et al, 2009).
The HITECH Act: Impact & Implementation
The Health Information Technology for Economic and Clinical Health (HITECH) Act was passed into law in 2009 by President Barrack Obama as a constituent of the American Recovery and Reinvestment Act (ARRA) to, among other things: impose more rigorous regulatory requirements for healthcare professionals as well as institutions under the security and privacy rules of HIPAA; increase civil penalties for noncompliance of HIPAA regulations; avail funding for health institutions and doctors for the adoption of health information technology, and; integrate a statute that necessitates notification to patients of a security breach to their private health information (Arlotto, 2010; Brokel, 2010).
The act, in conjunction with ARRA, not only contains inducements related to the establishment of health care information technology in general (e.g., the development of a centralized healthcare infrastructure) but also specific inducements intended to speed up the adoption of electronic health records (EHR) systems among healthcare service providers (Gaylin et al, 2011).
In terms of impact, it is imperative to note that the Act bears both positive and negative ramifications for the US healthcare delivery system. On the positive side, the legislation, upon full implementation, will allow for the nationwide electronic exchange and use of confidential health information not only to enhance the quality of healthcare services but also to improve coordination of care (Brokel, 2010). Additionally, the quality of care will be improved as the legislation seeks to encourage physicians and health institutions to use Health Information Technology (HIT) to exchange electronically protected health information (ePHI). The United States government is also bound to save billions of dollars and generate supplementary savings throughout the health services sector not only through enhancements in the quality and efficiency of healthcare but also through improvements in healthcare coordination, reductions in medical errors, and minimization of duplicative services.
Another positive impact on the US healthcare delivery system upon full implementation of the HITECH Act will be the strengthening of federal privacy and security law with the view to safeguarding identifiable health information from potential misuse as the health services sector increases the use of health information technology (Arlotto, 2010; Gaylin et al, 2011). On the negative side, the HITECH Act of 2009 not only increases the potential legal liability for non-compliance on the part of physicians and health institutions but also provides for more enforcement of the HIPAA requirements, implying that individuals and institutions who fail to comply with the regulations will continue to be exposed to hefty civil penalties (Brokel, 2010).
To implement this Act, it is important for hospital chief executive officers (CEOs) and other interested parties to first build HITECH awareness by leading the integration of the clinical, financial, legal, and advocacy decisions essential for HITECH readiness. Afterward, the CEOs, CFOs, and other interested parties need to devote resources in a transformation infrastructure through embracing longer-term efforts aimed at triggering transformation and innovation across locations of healthcare institutions and entire communities. This phase would entail reinventing the local healthcare system in anticipation of adopting a more rationalized health information technology.
The third phase in the implementation would entail the building of clinical informatics expertise to gain new skills and capabilities that will be used not only to fully realize meaningful use of EHRs but also to analyze aggregated data and to collaborate across health provider sites to redesign healthcare processes, enhance the outcomes of key populations, and ultimately, manage new reimbursement protocols (Arlotto, 2010).
The next phase in the implementation of the HITECH Act would entail the development of a business intelligence strategy for collecting, managing, analyzing, and applying the information to generate new knowledge. Another important phase in the implementation would be to invest in physician business services infrastructure to provide a multiplicity of services, which include “…revenue management, human resource management, practice management, credentialing and EHR deployment, and operations support” (Arlotto, 2010, p. 94). Moving on, the next phase in the implementation of the HITECH Act would involve discovering a medical trading area health information exchange not only to test the EHR’s capability to electronically exchange patients’ private data but also to evaluate if there is adequate healthcare provider commitment and devotion.
The last phase would entail building and implementing an electronic strategy for engaging patients with the view to have them access their health information electronically and to demonstrate meaningful use of the electronic channels provided (Arlotto, 2010).
Essential Components & Purpose of Communication
Communication in the healthcare context is viewed as a continuous process of exchanging verbal and non-verbal messages, occurring between a health professional and another health professional or between a health professional and a patient (Fernandez et al, 2010). Shannon (2012) acknowledges that “…without effective, timely communication between physicians, both the quality of care and the patient experience can suffer” (p. 16). Consequently, it is fundamental that the message released by the sender must be comprehended in the same terms and context as originally intended by the sender. The essential components of communication, therefore, are the sender of the message, the message, the channel used to convey the message, the receiver, and the feedback to the message (Purtilo & Doherty, 2011).
While the term ‘sender’ denotes the originator or source of the idea or concept, the term ‘message’ denotes the key idea or the concept that the sender wants to communicate to the receiver. In healthcare settings, the actual communication process begins with either the health professional or the patient deciding about the message to be conveyed and, as such, the sender or encoder must always ensure that the main objective of the message is clear not only to enhance the quality of care but also to reduce medical errors (Fernandez et al, 2010).
The ‘channel’ or the ‘medium’ denotes the means used by the sender to convey/transmit the idea – either through the use of verbal or non-verbal cues. As noted by Astrom et al (2007), the selection of a suitable medium/channel of communication is fundamental in healthcare settings if the message is to remain effective and be correctly decoded by the receiver. The term ‘receiver’ denotes the individual who receives and interprets the message, while the term ‘feedback’ denotes the actual response to the message (Purtilo & Doherty, 2011).
The main purpose of communication in healthcare settings is to realize common understanding or to generate new or better awareness, particularly between physician-to-physician and physician-to-patient (Shannon, 2012). Consequently, the purpose of communication in healthcare settings may be to report a patient’s medical status, change in condition, or develop and revise the plan of healthcare delivery. It is important to note that a lack of a clear purpose of communication in the process of care provision may eventually lead to preventable patient injuries and death (Fernandez et al, 2010).
Shared Decision Making
As noted by Simmons et al (2010), shared decision making “…is a model of medical decision-making that lies between a paternalistic model (whereby the doctor decides for the patient) and an autonomous model (whereby the patient decides for themselves, consulting the doctor only to obtain information or treatment)” (p. 394-395). Shared decision making, as noted by this particular author, is essential in that it leads to patient preference and patient involvement in critical decisions concerning their health challenges, thereby increasing “…patient’s knowledge, reducing decisional conflict, as well as reducing the percentage of patients who are passive in the decision-making process or remain undecided” (p. 394). Extant research demonstrates that shared decision-making not only leads to superior health outcomes for patients but also provides a framework for more cost-effective use of healthcare resources and expertise (Barratt, 2008; Purtilo & Doherty, 2011).
The concept of shared decision-making, in my view, is important to professional practice as it provides a framework through which positive patient outcomes can be achieved. Indeed, the corroboration between the physician and the patient provides an integrated and cohesive approach to patient care, with available literature demonstrating its many beneficial outcomes, such as increasing patients’ knowledge and reducing decisional conflict (Simmons et al, 2010).
The concept affords patients the opportunity not only to rigorously evaluate the consequences of clinical actions by depending on expert opinions from health providers but also allows them to participate and get involved in the decision-making process (Baratt, 2008). Consequently, it can be argued that the concept of shared decision-making is fundamentally important to professional practice.
Patient Interaction & Components of Communication
Mr. Brown, who had been admitted to an acute care ward with difficulties in breathing, suddenly came down with acute chest pain on the left side. His initial medical records revealed that he was suffering from a serious, but non-life-threatening condition, for which medical professionals who previously treated him had prescribed one treatment option from the several treatment options available.
Upon examining his bedside medical records, I engaged him in a candid conversation with the view to know when the pain began and what he thought of the previous treatment option. Here, it is important to note that Mr. Brown was the receiver of my messages, and I was the sender or encoder. My understanding of the fact that the message should be clearly stated and the purpose should also be clear assisted me to elicit the needed responses from Mr. Brown, which ultimately made it possible for me to provide a more effective treatment option for his condition.
The medium used during our conversation was mostly verbal communication, but I also engaged the use of non-verbal cues, particularly eye contact and the patient’s voice tone, to note the intensity of the pain. I was sure to give Mr. Brown ample time to provide feedback as I used the collaborative model of communication, which is grounded in mutual respect, trust, and understanding between patients and service providers (Simmons et al, 2010).
This model, along with the feedback received from Mr. Brown, enabled me to have a solid understanding of his medical condition and available treatment options. Upon further discussion with Mr. Brown using verbal and non-verbal communication cues as the basis of our communication medium, I prescribed a treatment option that I believed was in his best interest. Again, it is important to note that my understanding of his feedback was instrumental in deciding to prescribe this particular treatment. The treatment option was successful in alleviating the patient’s chest pain.
Reference List
Arlotto, P. (2010). 7 strategies for improving HITECH readiness. Health Financial Management, 64(11), 90-96.
Astrom, K., Duggan, C., & Bates, I. (2007). Developing a way to improve communication between healthcare professionals in secondary care. Pharmacy Education, 7(3), 279-285.
Baratt, A. (2008). Evidence-based medicine and shared decision making: The challenge of getting both evidence and preferences into health care. Patient Education and Counseling, 73, 407-412. Web.
Brokel, J. (2010). Moving forward with NANDA-1 nursing diagnosis with Health Information Technology for Economic and Clinical Health (HITECH) Act legislation: News updates NANDA international news. International Journal of Nursing Terminologies & Classifications, 21(4), 182-185.
Fernandez, R., Tran, D.T., Johnson, M., & Jones, S. (2010). Interdisciplinary communication in general medical and surgical wards using two different models of nursing care delivery. Journal of Nursing Management, 18(3), 265-274.
Gaylin, D.S., Moiduddin, A., Mohamoud, S., Lundeen, K., & Kelly, J.A. (2011). Public attitudes about health information technology, and its relationships to healthcare quality, costs, and privacy. Health Services Research, 46(3), 920-938.
Johnston, A, C., & Warkentin, M. (2008). Information privacy compliance in the healthcare industry. Information Management & Computer Security, 16(1), 5-19.
Kumar, S., Henseler, A., & Haukaas, D. (2009). HIPAA’s effects on US healthcare. International Journal of Health Care Quality Assurance, 22(2), 183-197.
Purtilo, R.B., & Doherty, R. (2011). Ethical dimensions in health professions. 5th ed. St. Louis, Missouri: Elsevier Saunders.
Shannon, D. (2012). Effective physician-to-physician communication: An essential ingredient for care coordination. Physician Executive, 38(1), 16-21.
Simmons, M., Hetrick, S., & Jorm, A. (2010). Shared decision-making: benefits, barriers, and current opportunities for application. Australasian Psychiatry, 18(5), 394-397.