Elaine Zablocki

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology "is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years," said Dr. Brailer of the Department of Health and Human Services, Washington. "We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it."

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in their purchasing, he said.

Another barrier to adoption of EHRs is the current lack of a sound business model. A "pay-as-you-go" financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, an HHS senior staff attorney who also spoke at the meeting, more than 50% of large practices have adopted them.

Dr. Brailer's office plans to monitor the adoption gap annually to see whether it is closing and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology "is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years," said Dr. Brailer of the Department of Health and Human Services, Washington. "We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it."

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in their purchasing, he said.

Another barrier to adoption of EHRs is the current lack of a sound business model. A "pay-as-you-go" financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, an HHS senior staff attorney who also spoke at the meeting, more than 50% of large practices have adopted them.

Dr. Brailer's office plans to monitor the adoption gap annually to see whether it is closing and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology "is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years," said Dr. Brailer of the Department of Health and Human Services, Washington. "We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it."

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in their purchasing, he said.

Another barrier to adoption of EHRs is the current lack of a sound business model. A "pay-as-you-go" financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, an HHS senior staff attorney who also spoke at the meeting, more than 50% of large practices have adopted them.

Dr. Brailer's office plans to monitor the adoption gap annually to see whether it is closing and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Health care organizations need a proactive process in place to deal with Health Insurance Portability and Accountability Act complaints, Teresa A. Williams, in-house counsel for Integris Health Inc., said during the annual meeting of the American Health Lawyers Association.

Having an effective complaint process in place could reduce the number of complaints patients file with government enforcement agencies. At present, HIPAA enforcement is primarily complaint based, Ms. Williams said. During the first year of enforcement, 5,648 complaints were filed with the Office for Civil Rights (OCR), according to a report published by the Government Accountability Office. Of those, about 56% alleged impermissible use and disclosure of protected health information, about 33% alleged inadequate safeguards, and about 17% concerned patient access to information. (Percentages total more than 100 because some complaints fall into more than one category.)

As of June 30, 2005, OCR has received more than 13,700 complaints, and has closed 67% of those cases. They've been closed because the alleged activity actually did not violate the privacy rule, or because OCR lacks jurisdiction, or because the complaint was resolved through voluntary compliance.

To date, OCR hasn't actually imposed any monetary penalties.

OCR is making every effort to resolve potential cases informally. Ms. Williams gave an example from her company.

Last fall, a patient at one of Integris Health's rural facilities filed an OCR complaint alleging her son's health information had been improperly disclosed.

Within 2 days, Integris was able to confirm, through an audit trail, that this had in fact happened, and the responsible employee was terminated. OCR then requested a copy of the explanatory letter sent to the complainant, records showing that the employee had received appropriate training about HIPAA, and written evidence of termination.

“It was all very informal, just a series of phone calls and letters back and forth,” Ms. Williams said. “It took only about 2 months for our case to be closed.”

Ms. Williams advises health care organizations to have a strategy for handling potential HIPAA complaints.

Key steps include:

▸ Train staff on appropriate records and documentation.

▸ Develop and enforce discipline policies.

▸ Conduct patient satisfaction surveys.

▸ Conduct training to inform staff about appropriate uses and disclosures of protected health information.

▸ Take corrective action if necessary, then document it.

▸ Use information gained from the complaint process to better your system.

Methods to process complaints include written forms, a hotline, a privacy officer, regular mail, e-mail, and online forums. One key element: The person in charge of the complaint process should be able to listen and respond with empathy.

Enforcement Rule Called 'Worrisome'

The final installment of the HIPAA enforcement rule was released on April 18, 2005. Civil monetary penalties are set at a maximum of $100 per violation, up to a maximum of $25,000 for all violations of an identical requirement per calendar year.

But a single act can create multiple violations, Ms. Williams pointed out. That's because the rule uses three variables to calculate the number of violations:

▸ The number of times a covered entity takes a prohibited action or failed to take a required action.

▸ The number of persons involved or affected.

▸ The duration of the violation, counted in days.

Under the new rule, information about civil monetary penalties, including reason for the penalty and identity of the covered entity, will be made available to the general public. It is not clear, however, whether this happens when the penalty is first imposed, or after legal appeals are completed.

“This provision is a bit worrisome,” Ms. Williams said.

SAN DIEGO — Health care organizations need a proactive process in place to deal with Health Insurance Portability and Accountability Act complaints, Teresa A. Williams, in-house counsel for Integris Health Inc., said during the annual meeting of the American Health Lawyers Association.

Having an effective complaint process in place could reduce the number of complaints patients file with government enforcement agencies. At present, HIPAA enforcement is primarily complaint based, Ms. Williams said. During the first year of enforcement, 5,648 complaints were filed with the Office for Civil Rights (OCR), according to a report published by the Government Accountability Office. Of those, about 56% alleged impermissible use and disclosure of protected health information, about 33% alleged inadequate safeguards, and about 17% concerned patient access to information. (Percentages total more than 100 because some complaints fall into more than one category.)

As of June 30, 2005, OCR has received more than 13,700 complaints, and has closed 67% of those cases. They've been closed because the alleged activity actually did not violate the privacy rule, or because OCR lacks jurisdiction, or because the complaint was resolved through voluntary compliance.

To date, OCR hasn't actually imposed any monetary penalties.

OCR is making every effort to resolve potential cases informally. Ms. Williams gave an example from her company.

Last fall, a patient at one of Integris Health's rural facilities filed an OCR complaint alleging her son's health information had been improperly disclosed.

Within 2 days, Integris was able to confirm, through an audit trail, that this had in fact happened, and the responsible employee was terminated. OCR then requested a copy of the explanatory letter sent to the complainant, records showing that the employee had received appropriate training about HIPAA, and written evidence of termination.

“It was all very informal, just a series of phone calls and letters back and forth,” Ms. Williams said. “It took only about 2 months for our case to be closed.”

Ms. Williams advises health care organizations to have a strategy for handling potential HIPAA complaints.

Key steps include:

▸ Train staff on appropriate records and documentation.

▸ Develop and enforce discipline policies.

▸ Conduct patient satisfaction surveys.

▸ Conduct training to inform staff about appropriate uses and disclosures of protected health information.

▸ Take corrective action if necessary, then document it.

▸ Use information gained from the complaint process to better your system.

Methods to process complaints include written forms, a hotline, a privacy officer, regular mail, e-mail, and online forums. One key element: The person in charge of the complaint process should be able to listen and respond with empathy.

Enforcement Rule Called 'Worrisome'

The final installment of the HIPAA enforcement rule was released on April 18, 2005. Civil monetary penalties are set at a maximum of $100 per violation, up to a maximum of $25,000 for all violations of an identical requirement per calendar year.

But a single act can create multiple violations, Ms. Williams pointed out. That's because the rule uses three variables to calculate the number of violations:

▸ The number of times a covered entity takes a prohibited action or failed to take a required action.

▸ The number of persons involved or affected.

▸ The duration of the violation, counted in days.

Under the new rule, information about civil monetary penalties, including reason for the penalty and identity of the covered entity, will be made available to the general public. It is not clear, however, whether this happens when the penalty is first imposed, or after legal appeals are completed.

“This provision is a bit worrisome,” Ms. Williams said.

SAN DIEGO — Health care organizations need a proactive process in place to deal with Health Insurance Portability and Accountability Act complaints, Teresa A. Williams, in-house counsel for Integris Health Inc., said during the annual meeting of the American Health Lawyers Association.

Having an effective complaint process in place could reduce the number of complaints patients file with government enforcement agencies. At present, HIPAA enforcement is primarily complaint based, Ms. Williams said. During the first year of enforcement, 5,648 complaints were filed with the Office for Civil Rights (OCR), according to a report published by the Government Accountability Office. Of those, about 56% alleged impermissible use and disclosure of protected health information, about 33% alleged inadequate safeguards, and about 17% concerned patient access to information. (Percentages total more than 100 because some complaints fall into more than one category.)

As of June 30, 2005, OCR has received more than 13,700 complaints, and has closed 67% of those cases. They've been closed because the alleged activity actually did not violate the privacy rule, or because OCR lacks jurisdiction, or because the complaint was resolved through voluntary compliance.

To date, OCR hasn't actually imposed any monetary penalties.

OCR is making every effort to resolve potential cases informally. Ms. Williams gave an example from her company.

Last fall, a patient at one of Integris Health's rural facilities filed an OCR complaint alleging her son's health information had been improperly disclosed.

Within 2 days, Integris was able to confirm, through an audit trail, that this had in fact happened, and the responsible employee was terminated. OCR then requested a copy of the explanatory letter sent to the complainant, records showing that the employee had received appropriate training about HIPAA, and written evidence of termination.

“It was all very informal, just a series of phone calls and letters back and forth,” Ms. Williams said. “It took only about 2 months for our case to be closed.”

Ms. Williams advises health care organizations to have a strategy for handling potential HIPAA complaints.

Key steps include:

▸ Train staff on appropriate records and documentation.

▸ Develop and enforce discipline policies.

▸ Conduct patient satisfaction surveys.

▸ Conduct training to inform staff about appropriate uses and disclosures of protected health information.

▸ Take corrective action if necessary, then document it.

▸ Use information gained from the complaint process to better your system.

Methods to process complaints include written forms, a hotline, a privacy officer, regular mail, e-mail, and online forums. One key element: The person in charge of the complaint process should be able to listen and respond with empathy.

Enforcement Rule Called 'Worrisome'

The final installment of the HIPAA enforcement rule was released on April 18, 2005. Civil monetary penalties are set at a maximum of $100 per violation, up to a maximum of $25,000 for all violations of an identical requirement per calendar year.

But a single act can create multiple violations, Ms. Williams pointed out. That's because the rule uses three variables to calculate the number of violations:

▸ The number of times a covered entity takes a prohibited action or failed to take a required action.

▸ The number of persons involved or affected.

▸ The duration of the violation, counted in days.

Under the new rule, information about civil monetary penalties, including reason for the penalty and identity of the covered entity, will be made available to the general public. It is not clear, however, whether this happens when the penalty is first imposed, or after legal appeals are completed.

“This provision is a bit worrisome,” Ms. Williams said.

SAN DIEGO — A few pioneering health care organizations have set up local information networks to share electronic health data, and there are interesting lessons to be learned from these examples, according to Gordon J. Apple, a health lawyer based in St. Paul, Minn., who spoke at the annual meeting of the American Health Lawyers Association.

He compared the Santa Barbara Care Data Exchange with the Indianapolis Network for Patient Care, two projects that have similar goals but are using very different technologies and organizational structures.

The Santa Barbara project developed as a public/private collaboration, and today is organized as a nonprofit with a “community stakeholder” board of directors, including physicians, chief financial officers, chief operating officers, a chief information officer, and a consumer and business advocate.

It uses peer-to-peer Internet technology, the same method college students use to share music files. “This is a pointer system,” Mr. Apple said. It can identify where data are stored within the system, and “it provides the physician with a patient-centered view of both clinical and administrative results. However, it is not an electronic medical record.”

Efforts like these are expensive, and the Santa Barbara project has run into problems. Insufficient grassroots support has been an issue, Mr. Apple said. The data exchange received a $10 million grant from the California HealthCare Foundation and $400,000 from the federal government. Although it started development work in 1999, it is expected to be up and running this summer.

The Indianapolis Network for Patient Care has been functioning for more than 7 years. “Five hospital systems that at one time were probably fierce competitors are now cooperating,” Mr. Apple said.

Indianapolis started with a small project, one everyone could agree was really needed. At first, when a patient came into the emergency department, physicians could access limited data from participating hospitals. This effort was originally funded through a National Library of Medicine grant, but when the grant expired, the participants chose to continue the project.

Today, the much-expanded Indianapolis network can be used for any treatment purpose. With the patient's permission, physicians can access a complete medical history, including all previous care.

Indianapolis uses a data warehouse system. Each institution stores its data in a separate database, but all the databases use the same structure and the same coding processes. The system can pull out and combine information as needed.

The Regenstrief Institute, a nonprofit affiliated with Indiana University, Indianapolis, manages the network. Indianapolis didn't set up a separate entity to deal with these issues; instead, the network is governed by a contractual agreement signed by all users. “Regenstrief acts as the hub of the wheel,” Mr. Apple said.

Before it went into effect, this draft agreement was reviewed and approved by clinicians, compliance officers, lawyers, risk managers, and information system personnel in a cooperative, consensus-building process. “That's the most important point,” Mr. Apple said. “This wasn't something where the information technology folks said, 'let's put this out and make the doctors use it.' They actually spoke with the physicians and looked at all the issues before rolling this out.”

He pointed out a second key difference: The Santa Barbara network allows doctors to pull up computer files so they can access each other's information, but the information is unstructured. Physicians are, in effect, accessing copies of paper files.

In Indianapolis, the data are entered in a structured format, so it's possible to search for and compare key data items. Test results are tagged so that other computers in the network can recognize them.

SAN DIEGO — A few pioneering health care organizations have set up local information networks to share electronic health data, and there are interesting lessons to be learned from these examples, according to Gordon J. Apple, a health lawyer based in St. Paul, Minn., who spoke at the annual meeting of the American Health Lawyers Association.

He compared the Santa Barbara Care Data Exchange with the Indianapolis Network for Patient Care, two projects that have similar goals but are using very different technologies and organizational structures.

The Santa Barbara project developed as a public/private collaboration, and today is organized as a nonprofit with a “community stakeholder” board of directors, including physicians, chief financial officers, chief operating officers, a chief information officer, and a consumer and business advocate.

It uses peer-to-peer Internet technology, the same method college students use to share music files. “This is a pointer system,” Mr. Apple said. It can identify where data are stored within the system, and “it provides the physician with a patient-centered view of both clinical and administrative results. However, it is not an electronic medical record.”

Efforts like these are expensive, and the Santa Barbara project has run into problems. Insufficient grassroots support has been an issue, Mr. Apple said. The data exchange received a $10 million grant from the California HealthCare Foundation and $400,000 from the federal government. Although it started development work in 1999, it is expected to be up and running this summer.

The Indianapolis Network for Patient Care has been functioning for more than 7 years. “Five hospital systems that at one time were probably fierce competitors are now cooperating,” Mr. Apple said.

Indianapolis started with a small project, one everyone could agree was really needed. At first, when a patient came into the emergency department, physicians could access limited data from participating hospitals. This effort was originally funded through a National Library of Medicine grant, but when the grant expired, the participants chose to continue the project.

Today, the much-expanded Indianapolis network can be used for any treatment purpose. With the patient's permission, physicians can access a complete medical history, including all previous care.

Indianapolis uses a data warehouse system. Each institution stores its data in a separate database, but all the databases use the same structure and the same coding processes. The system can pull out and combine information as needed.

The Regenstrief Institute, a nonprofit affiliated with Indiana University, Indianapolis, manages the network. Indianapolis didn't set up a separate entity to deal with these issues; instead, the network is governed by a contractual agreement signed by all users. “Regenstrief acts as the hub of the wheel,” Mr. Apple said.

Before it went into effect, this draft agreement was reviewed and approved by clinicians, compliance officers, lawyers, risk managers, and information system personnel in a cooperative, consensus-building process. “That's the most important point,” Mr. Apple said. “This wasn't something where the information technology folks said, 'let's put this out and make the doctors use it.' They actually spoke with the physicians and looked at all the issues before rolling this out.”

He pointed out a second key difference: The Santa Barbara network allows doctors to pull up computer files so they can access each other's information, but the information is unstructured. Physicians are, in effect, accessing copies of paper files.

In Indianapolis, the data are entered in a structured format, so it's possible to search for and compare key data items. Test results are tagged so that other computers in the network can recognize them.

SAN DIEGO — A few pioneering health care organizations have set up local information networks to share electronic health data, and there are interesting lessons to be learned from these examples, according to Gordon J. Apple, a health lawyer based in St. Paul, Minn., who spoke at the annual meeting of the American Health Lawyers Association.

He compared the Santa Barbara Care Data Exchange with the Indianapolis Network for Patient Care, two projects that have similar goals but are using very different technologies and organizational structures.

The Santa Barbara project developed as a public/private collaboration, and today is organized as a nonprofit with a “community stakeholder” board of directors, including physicians, chief financial officers, chief operating officers, a chief information officer, and a consumer and business advocate.

It uses peer-to-peer Internet technology, the same method college students use to share music files. “This is a pointer system,” Mr. Apple said. It can identify where data are stored within the system, and “it provides the physician with a patient-centered view of both clinical and administrative results. However, it is not an electronic medical record.”

Efforts like these are expensive, and the Santa Barbara project has run into problems. Insufficient grassroots support has been an issue, Mr. Apple said. The data exchange received a $10 million grant from the California HealthCare Foundation and $400,000 from the federal government. Although it started development work in 1999, it is expected to be up and running this summer.

The Indianapolis Network for Patient Care has been functioning for more than 7 years. “Five hospital systems that at one time were probably fierce competitors are now cooperating,” Mr. Apple said.

Indianapolis started with a small project, one everyone could agree was really needed. At first, when a patient came into the emergency department, physicians could access limited data from participating hospitals. This effort was originally funded through a National Library of Medicine grant, but when the grant expired, the participants chose to continue the project.

Today, the much-expanded Indianapolis network can be used for any treatment purpose. With the patient's permission, physicians can access a complete medical history, including all previous care.

Indianapolis uses a data warehouse system. Each institution stores its data in a separate database, but all the databases use the same structure and the same coding processes. The system can pull out and combine information as needed.

The Regenstrief Institute, a nonprofit affiliated with Indiana University, Indianapolis, manages the network. Indianapolis didn't set up a separate entity to deal with these issues; instead, the network is governed by a contractual agreement signed by all users. “Regenstrief acts as the hub of the wheel,” Mr. Apple said.

Before it went into effect, this draft agreement was reviewed and approved by clinicians, compliance officers, lawyers, risk managers, and information system personnel in a cooperative, consensus-building process. “That's the most important point,” Mr. Apple said. “This wasn't something where the information technology folks said, 'let's put this out and make the doctors use it.' They actually spoke with the physicians and looked at all the issues before rolling this out.”

He pointed out a second key difference: The Santa Barbara network allows doctors to pull up computer files so they can access each other's information, but the information is unstructured. Physicians are, in effect, accessing copies of paper files.

In Indianapolis, the data are entered in a structured format, so it's possible to search for and compare key data items. Test results are tagged so that other computers in the network can recognize them.

SAN DIEGO — The growth of consumer-directed health plans means physicians and their staff will need to talk more with patients about their prices and the value of their services.

“Admitting-office conversations will change dramatically,” said Gary Scott Davis, a health lawyer based in Miami, during the annual meeting of the American Health Lawyers Association. “Physicians need to develop systems that allow them to quote prices for services. 'Complexity' is no longer an excuse.”

Consumer-directed health care is growing dramatically, Mr. Davis said. This means precertification and utilization review will become less important, while the financial interface will become more important. The consumer will be paying a higher percentage of the cost of care. The new system resembles traditional indemnity insurance, and the issue is no longer whether a physician is authorized to provide a service. Instead, the question becomes how much will be paid, and from whom will the fee be collected.

Consumer expectations will have to change dramatically. Patients now are used to paying a standard, minimal copayment for an office visit, medication, or hospitalization. Under consumer-directed care, when patients go in for elective surgery, they'll need to bring their credit cards with them and be prepared to spend thousands of dollars.

This shift from fixed copayments to high out-of-pocket payments means physicians and hospitals will need to develop systems to collect money from patients at the time of service and find out accurately and efficiently from third-party payers exactly how much to charge.

“The dollar amounts are higher, so bad debt could accumulate and become a more significant percentage of the physician's bottom line,” Mr. Davis said in an interview. “Physicians will need to become ever more vigilant.”

Consumer-directed plans often include a tax-deductible health savings account to be used for medical expenses, but that doesn't necessarily mean the physician can access those funds, Mr. Davis explained. Some people, especially high earners, may choose to use the account as a tax-deferred savings vehicle and pay for services with other funds.

Consumer-directed care is structured to require the highest cost-sharing for services in which consumer decisions can make a difference, such as outpatient elective procedures, Mr. Davis said.

Historically, consumers have trusted their physicians' advice and judgment. Now, health plans or third parties may provide information that gives consumers a different perspective.

In situations in which patients do have choices, physicians who offer different services for the same diagnosis are likely to find themselves in competition. For example, a patient with cardiac problems can seek outpatient angiography from an invasive cardiologist or get a 16-slice CT scan from an invasive radiologist. “In the past, consumers knew that all their friends had angiography, but now they are being given more information,” Mr. Davis said in an interview. “As they become aware that the same diagnostic service is available as a less expensive, noninvasive procedure, and they're paying 20% of the bill, they will ask themselves whether they want to pay for the lower-cost or higher-cost procedure.”

Physicians, too, may choose to provide information about the benefits of certain procedures. “If you are a physician who believes in your heart of hearts that mastectomy is the correct treatment for a certain stage of breast cancer, then you'll want information out there saying why you think your treatment recommendations are correct,” Mr. Davis said.

However, he warned about potential liability for physicians and hospitals as consumer-directed care becomes more prominent. “You must provide information in a way a reasonably prudent person can understand,” he said. “One of the great unknowns is potential liability.”

SAN DIEGO — The growth of consumer-directed health plans means physicians and their staff will need to talk more with patients about their prices and the value of their services.

“Admitting-office conversations will change dramatically,” said Gary Scott Davis, a health lawyer based in Miami, during the annual meeting of the American Health Lawyers Association. “Physicians need to develop systems that allow them to quote prices for services. 'Complexity' is no longer an excuse.”

Consumer-directed health care is growing dramatically, Mr. Davis said. This means precertification and utilization review will become less important, while the financial interface will become more important. The consumer will be paying a higher percentage of the cost of care. The new system resembles traditional indemnity insurance, and the issue is no longer whether a physician is authorized to provide a service. Instead, the question becomes how much will be paid, and from whom will the fee be collected.

Consumer expectations will have to change dramatically. Patients now are used to paying a standard, minimal copayment for an office visit, medication, or hospitalization. Under consumer-directed care, when patients go in for elective surgery, they'll need to bring their credit cards with them and be prepared to spend thousands of dollars.

This shift from fixed copayments to high out-of-pocket payments means physicians and hospitals will need to develop systems to collect money from patients at the time of service and find out accurately and efficiently from third-party payers exactly how much to charge.

“The dollar amounts are higher, so bad debt could accumulate and become a more significant percentage of the physician's bottom line,” Mr. Davis said in an interview. “Physicians will need to become ever more vigilant.”

Consumer-directed plans often include a tax-deductible health savings account to be used for medical expenses, but that doesn't necessarily mean the physician can access those funds, Mr. Davis explained. Some people, especially high earners, may choose to use the account as a tax-deferred savings vehicle and pay for services with other funds.

Consumer-directed care is structured to require the highest cost-sharing for services in which consumer decisions can make a difference, such as outpatient elective procedures, Mr. Davis said.

Historically, consumers have trusted their physicians' advice and judgment. Now, health plans or third parties may provide information that gives consumers a different perspective.

In situations in which patients do have choices, physicians who offer different services for the same diagnosis are likely to find themselves in competition. For example, a patient with cardiac problems can seek outpatient angiography from an invasive cardiologist or get a 16-slice CT scan from an invasive radiologist. “In the past, consumers knew that all their friends had angiography, but now they are being given more information,” Mr. Davis said in an interview. “As they become aware that the same diagnostic service is available as a less expensive, noninvasive procedure, and they're paying 20% of the bill, they will ask themselves whether they want to pay for the lower-cost or higher-cost procedure.”

Physicians, too, may choose to provide information about the benefits of certain procedures. “If you are a physician who believes in your heart of hearts that mastectomy is the correct treatment for a certain stage of breast cancer, then you'll want information out there saying why you think your treatment recommendations are correct,” Mr. Davis said.

However, he warned about potential liability for physicians and hospitals as consumer-directed care becomes more prominent. “You must provide information in a way a reasonably prudent person can understand,” he said. “One of the great unknowns is potential liability.”

SAN DIEGO — The growth of consumer-directed health plans means physicians and their staff will need to talk more with patients about their prices and the value of their services.

“Admitting-office conversations will change dramatically,” said Gary Scott Davis, a health lawyer based in Miami, during the annual meeting of the American Health Lawyers Association. “Physicians need to develop systems that allow them to quote prices for services. 'Complexity' is no longer an excuse.”

Consumer-directed health care is growing dramatically, Mr. Davis said. This means precertification and utilization review will become less important, while the financial interface will become more important. The consumer will be paying a higher percentage of the cost of care. The new system resembles traditional indemnity insurance, and the issue is no longer whether a physician is authorized to provide a service. Instead, the question becomes how much will be paid, and from whom will the fee be collected.

Consumer expectations will have to change dramatically. Patients now are used to paying a standard, minimal copayment for an office visit, medication, or hospitalization. Under consumer-directed care, when patients go in for elective surgery, they'll need to bring their credit cards with them and be prepared to spend thousands of dollars.

This shift from fixed copayments to high out-of-pocket payments means physicians and hospitals will need to develop systems to collect money from patients at the time of service and find out accurately and efficiently from third-party payers exactly how much to charge.

“The dollar amounts are higher, so bad debt could accumulate and become a more significant percentage of the physician's bottom line,” Mr. Davis said in an interview. “Physicians will need to become ever more vigilant.”

Consumer-directed plans often include a tax-deductible health savings account to be used for medical expenses, but that doesn't necessarily mean the physician can access those funds, Mr. Davis explained. Some people, especially high earners, may choose to use the account as a tax-deferred savings vehicle and pay for services with other funds.

Consumer-directed care is structured to require the highest cost-sharing for services in which consumer decisions can make a difference, such as outpatient elective procedures, Mr. Davis said.

Historically, consumers have trusted their physicians' advice and judgment. Now, health plans or third parties may provide information that gives consumers a different perspective.

In situations in which patients do have choices, physicians who offer different services for the same diagnosis are likely to find themselves in competition. For example, a patient with cardiac problems can seek outpatient angiography from an invasive cardiologist or get a 16-slice CT scan from an invasive radiologist. “In the past, consumers knew that all their friends had angiography, but now they are being given more information,” Mr. Davis said in an interview. “As they become aware that the same diagnostic service is available as a less expensive, noninvasive procedure, and they're paying 20% of the bill, they will ask themselves whether they want to pay for the lower-cost or higher-cost procedure.”

Physicians, too, may choose to provide information about the benefits of certain procedures. “If you are a physician who believes in your heart of hearts that mastectomy is the correct treatment for a certain stage of breast cancer, then you'll want information out there saying why you think your treatment recommendations are correct,” Mr. Davis said.

However, he warned about potential liability for physicians and hospitals as consumer-directed care becomes more prominent. “You must provide information in a way a reasonably prudent person can understand,” he said. “One of the great unknowns is potential liability.”

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology “is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years,” said Dr. Brailer of the Department of Health and Human Services, Washington.

“We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it,” he said.

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in making rational purchasing decisions, Dr. Brailer said.

Another barrier to adoption of EHRs is the current lack of a sound business model. A “pay-as-you-go” financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any further details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, a Department of Health and Human Services senior staff attorney on health information technology issues who also spoke at the meeting, more than 50% of large practices have adopted EHRs. In contrast, a much smaller number of small practices, only 13%, have adopted them.

Dr. Brailer's office plans to monitor the adoption gap annually, to see whether it is closing, whether certified technologies are being used, and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology “is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years,” said Dr. Brailer of the Department of Health and Human Services, Washington.

“We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it,” he said.

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in making rational purchasing decisions, Dr. Brailer said.

Another barrier to adoption of EHRs is the current lack of a sound business model. A “pay-as-you-go” financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any further details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, a Department of Health and Human Services senior staff attorney on health information technology issues who also spoke at the meeting, more than 50% of large practices have adopted EHRs. In contrast, a much smaller number of small practices, only 13%, have adopted them.

Dr. Brailer's office plans to monitor the adoption gap annually, to see whether it is closing, whether certified technologies are being used, and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology “is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years,” said Dr. Brailer of the Department of Health and Human Services, Washington.

“We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it,” he said.

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in making rational purchasing decisions, Dr. Brailer said.

Another barrier to adoption of EHRs is the current lack of a sound business model. A “pay-as-you-go” financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any further details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, a Department of Health and Human Services senior staff attorney on health information technology issues who also spoke at the meeting, more than 50% of large practices have adopted EHRs. In contrast, a much smaller number of small practices, only 13%, have adopted them.

Dr. Brailer's office plans to monitor the adoption gap annually, to see whether it is closing, whether certified technologies are being used, and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology “is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years,” said Dr. Brailer of the Department of Health and Human Services, Washington. “We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it.”

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in making rational purchasing decisions, Dr. Brailer said.

Another barrier to adoption of EHRs is the current lack of a sound business model. A “pay-as-you-go” financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any further details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, a Department of Health and Human Services senior staff attorney on health information technology issues who also spoke at the meeting, more than 50% of large practices have adopted EHRs, while only 13% of small practices have done so. Dr. Brailer's office plans to monitor the adoption gap annually, to see whether it is closing, whether certified technologies are being used, and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology “is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years,” said Dr. Brailer of the Department of Health and Human Services, Washington. “We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it.”

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in making rational purchasing decisions, Dr. Brailer said.

Another barrier to adoption of EHRs is the current lack of a sound business model. A “pay-as-you-go” financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any further details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, a Department of Health and Human Services senior staff attorney on health information technology issues who also spoke at the meeting, more than 50% of large practices have adopted EHRs, while only 13% of small practices have done so. Dr. Brailer's office plans to monitor the adoption gap annually, to see whether it is closing, whether certified technologies are being used, and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology “is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years,” said Dr. Brailer of the Department of Health and Human Services, Washington. “We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it.”

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in making rational purchasing decisions, Dr. Brailer said.

Another barrier to adoption of EHRs is the current lack of a sound business model. A “pay-as-you-go” financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any further details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, a Department of Health and Human Services senior staff attorney on health information technology issues who also spoke at the meeting, more than 50% of large practices have adopted EHRs, while only 13% of small practices have done so. Dr. Brailer's office plans to monitor the adoption gap annually, to see whether it is closing, whether certified technologies are being used, and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Health care organizations need a proactive process in place to deal with Health Insurance Portability and Accountability Act complaints, Teresa A. Williams, in-house counsel for Integris Health Inc., said at the annual meeting of the American Health Lawyers Association. Having an effective complaint process in place could reduce the number of complaints patients file with government enforcement agencies.

During the first year of HIPAA enforcement, 5,648 complaints were filed with the Office for Civil Rights (OCR), according to a report published by the Government Accountability Office. Of those, about 56% alleged impermissible use and disclosure of protected health information, about 33% alleged inadequate safeguards, and about 17% concerned patient access to information. (Percentages total more than 100 because some complaints fall into more than one category.)

As of June 30, 2005, OCR has received more than 13,700 complaints, and has closed 67% of those cases. They've been closed because the alleged activity actually did not violate the privacy rule, or because OCR lacks jurisdiction, or because the complaint was resolved through voluntary compliance. To date, OCR hasn't actually imposed any monetary penalties.

OCR is making every effort to resolve potential cases informally. Ms. Williams gave an example from her company.

Last fall, a patient at one of Integris Health's rural facilities filed an OCR complaint alleging her son's health information had been improperly disclosed. Within 2 days, Integris was able to confirm that this had in fact happened, and the responsible employee was terminated.

OCR then requested a copy of the explanatory letter sent to the complainant, records showing that the employee had received appropriate training about HIPAA, and written evidence of termination. “It was all very informal, just a series of phone calls and letters back and forth,” Ms. Williams said. “It took only about 2 months for our case to be closed.”

Ms. Williams advises health care organizations to put a strategy in place for handling potential HIPAA complaints. Key steps are as follows:

▸ Train staff on appropriate records and documentation.

▸ Develop and enforce discipline policies.

▸ Conduct patient satisfaction surveys.

▸ Conduct training to inform staff about appropriate uses and disclosures of protected health information.

▸ Take corrective action if necessary, then document it.

▸ Use information gained from the complaint process to better your system. The person in charge of the complaint process should be able to listen and respond with empathy. “Sometimes people aren't looking for a monetary resolution,” Ms. Williams said. “They just want someone to listen to their complaint and tell them that it's been corrected.”

Provision Called 'Worrisome'

The final installment of the HIPAA enforcement rule was released on April 18, 2005. Civil monetary penalties are set at a maximum of $100 per violation, up to a maximum of $25,000 for all violations of an identical requirement per calendar year.

But a single act can create multiple violations, Ms. Williams pointed out. That's because the rule uses three variables to calculate the number of violations:

▸ The number of times a covered entity takes a prohibited action or failed to take a required action.

▸ The number of persons involved or affected.

▸ The duration of the violation, counted in days.

Under the new rule, information about civil monetary penalties will be made available to the public.

“This provision is a bit worrisome,” Ms. Williams said. If an emergency department over a 3-month period doesn't collect and file written acknowledgments of privacy notifications, that would count as numerous violations of the privacy rule.

SAN DIEGO — Health care organizations need a proactive process in place to deal with Health Insurance Portability and Accountability Act complaints, Teresa A. Williams, in-house counsel for Integris Health Inc., said at the annual meeting of the American Health Lawyers Association. Having an effective complaint process in place could reduce the number of complaints patients file with government enforcement agencies.

During the first year of HIPAA enforcement, 5,648 complaints were filed with the Office for Civil Rights (OCR), according to a report published by the Government Accountability Office. Of those, about 56% alleged impermissible use and disclosure of protected health information, about 33% alleged inadequate safeguards, and about 17% concerned patient access to information. (Percentages total more than 100 because some complaints fall into more than one category.)

As of June 30, 2005, OCR has received more than 13,700 complaints, and has closed 67% of those cases. They've been closed because the alleged activity actually did not violate the privacy rule, or because OCR lacks jurisdiction, or because the complaint was resolved through voluntary compliance. To date, OCR hasn't actually imposed any monetary penalties.

OCR is making every effort to resolve potential cases informally. Ms. Williams gave an example from her company.

Last fall, a patient at one of Integris Health's rural facilities filed an OCR complaint alleging her son's health information had been improperly disclosed. Within 2 days, Integris was able to confirm that this had in fact happened, and the responsible employee was terminated.

OCR then requested a copy of the explanatory letter sent to the complainant, records showing that the employee had received appropriate training about HIPAA, and written evidence of termination. “It was all very informal, just a series of phone calls and letters back and forth,” Ms. Williams said. “It took only about 2 months for our case to be closed.”

Ms. Williams advises health care organizations to put a strategy in place for handling potential HIPAA complaints. Key steps are as follows:

▸ Train staff on appropriate records and documentation.

▸ Develop and enforce discipline policies.

▸ Conduct patient satisfaction surveys.

▸ Conduct training to inform staff about appropriate uses and disclosures of protected health information.

▸ Take corrective action if necessary, then document it.

▸ Use information gained from the complaint process to better your system. The person in charge of the complaint process should be able to listen and respond with empathy. “Sometimes people aren't looking for a monetary resolution,” Ms. Williams said. “They just want someone to listen to their complaint and tell them that it's been corrected.”

Provision Called 'Worrisome'

The final installment of the HIPAA enforcement rule was released on April 18, 2005. Civil monetary penalties are set at a maximum of $100 per violation, up to a maximum of $25,000 for all violations of an identical requirement per calendar year.

But a single act can create multiple violations, Ms. Williams pointed out. That's because the rule uses three variables to calculate the number of violations:

▸ The number of times a covered entity takes a prohibited action or failed to take a required action.

▸ The number of persons involved or affected.

▸ The duration of the violation, counted in days.

Under the new rule, information about civil monetary penalties will be made available to the public.

“This provision is a bit worrisome,” Ms. Williams said. If an emergency department over a 3-month period doesn't collect and file written acknowledgments of privacy notifications, that would count as numerous violations of the privacy rule.

SAN DIEGO — Health care organizations need a proactive process in place to deal with Health Insurance Portability and Accountability Act complaints, Teresa A. Williams, in-house counsel for Integris Health Inc., said at the annual meeting of the American Health Lawyers Association. Having an effective complaint process in place could reduce the number of complaints patients file with government enforcement agencies.

During the first year of HIPAA enforcement, 5,648 complaints were filed with the Office for Civil Rights (OCR), according to a report published by the Government Accountability Office. Of those, about 56% alleged impermissible use and disclosure of protected health information, about 33% alleged inadequate safeguards, and about 17% concerned patient access to information. (Percentages total more than 100 because some complaints fall into more than one category.)

As of June 30, 2005, OCR has received more than 13,700 complaints, and has closed 67% of those cases. They've been closed because the alleged activity actually did not violate the privacy rule, or because OCR lacks jurisdiction, or because the complaint was resolved through voluntary compliance. To date, OCR hasn't actually imposed any monetary penalties.

OCR is making every effort to resolve potential cases informally. Ms. Williams gave an example from her company.

Last fall, a patient at one of Integris Health's rural facilities filed an OCR complaint alleging her son's health information had been improperly disclosed. Within 2 days, Integris was able to confirm that this had in fact happened, and the responsible employee was terminated.

OCR then requested a copy of the explanatory letter sent to the complainant, records showing that the employee had received appropriate training about HIPAA, and written evidence of termination. “It was all very informal, just a series of phone calls and letters back and forth,” Ms. Williams said. “It took only about 2 months for our case to be closed.”

Ms. Williams advises health care organizations to put a strategy in place for handling potential HIPAA complaints. Key steps are as follows:

▸ Train staff on appropriate records and documentation.

▸ Develop and enforce discipline policies.

▸ Conduct patient satisfaction surveys.

▸ Conduct training to inform staff about appropriate uses and disclosures of protected health information.

▸ Take corrective action if necessary, then document it.

▸ Use information gained from the complaint process to better your system. The person in charge of the complaint process should be able to listen and respond with empathy. “Sometimes people aren't looking for a monetary resolution,” Ms. Williams said. “They just want someone to listen to their complaint and tell them that it's been corrected.”

Provision Called 'Worrisome'

The final installment of the HIPAA enforcement rule was released on April 18, 2005. Civil monetary penalties are set at a maximum of $100 per violation, up to a maximum of $25,000 for all violations of an identical requirement per calendar year.

But a single act can create multiple violations, Ms. Williams pointed out. That's because the rule uses three variables to calculate the number of violations:

▸ The number of times a covered entity takes a prohibited action or failed to take a required action.

▸ The number of persons involved or affected.

▸ The duration of the violation, counted in days.

Under the new rule, information about civil monetary penalties will be made available to the public.

“This provision is a bit worrisome,” Ms. Williams said. If an emergency department over a 3-month period doesn't collect and file written acknowledgments of privacy notifications, that would count as numerous violations of the privacy rule.

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology “is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years,” said Dr. Brailer of the Department of Health and Human Services, Washington. “We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it.”

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in making rational purchasing decisions, Dr. Brailer said.

Another barrier is the current lack of a sound business model. A “pay-as-you-go” financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any further details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, a Department of Health and Human Services senior staff attorney on health information technology issues who also spoke at the meeting, more than 50% of large practices have adopted EHRs, while only 13% of small practices have done so.

Dr. Brailer's office plans to monitor the adoption gap annually, to see whether it is closing, whether certified technologies are being used, and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology “is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years,” said Dr. Brailer of the Department of Health and Human Services, Washington. “We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it.”

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in making rational purchasing decisions, Dr. Brailer said.

Another barrier is the current lack of a sound business model. A “pay-as-you-go” financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any further details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, a Department of Health and Human Services senior staff attorney on health information technology issues who also spoke at the meeting, more than 50% of large practices have adopted EHRs, while only 13% of small practices have done so.

Dr. Brailer's office plans to monitor the adoption gap annually, to see whether it is closing, whether certified technologies are being used, and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Government strategies for health information technology will aid physicians by lowering the cost, improving the benefits, and lowering the risks, said David J. Brailer, M.D., Ph.D., national coordinator for health information technology, in a keynote address at the annual meeting of the American Health Lawyers Association.

Information technology “is a tectonic issue for physicians, one that separates old from young, progressive from Luddite, and those who want to be part of a performance-based future from those who want to practice the way they have for years,” said Dr. Brailer of the Department of Health and Human Services, Washington. “We're trying to be nonregulatory, to use a market-based approach, and that means we want to work with the willing. Surveys show that many physicians, at least half today, would do this if they could figure out how to do it.”

One barrier to adoption of electronic health records (EHRs) is the variety of products on the market. Certifying a basic, minimally featured EHR system will aid physicians in making rational purchasing decisions, Dr. Brailer said.

Another barrier is the current lack of a sound business model. A “pay-as-you-go” financial model is not feasible, and financial incentives will be needed to accelerate the transition, Dr. Brailer said, without specifying any further details.

Large physician groups and hospitals are far ahead of small physician offices in adopting EHRs. According to Jodi Goldstein Daniel, a Department of Health and Human Services senior staff attorney on health information technology issues who also spoke at the meeting, more than 50% of large practices have adopted EHRs, while only 13% of small practices have done so.

Dr. Brailer's office plans to monitor the adoption gap annually, to see whether it is closing, whether certified technologies are being used, and whether rural practices and other practices with special needs require some kind of safety net.

SAN DIEGO — Physicians will face many questions about new Medicare Part D benefit in coming months as patients decide whether to enroll and which plan to select in the voluntary prescription drug program, Elizabeth Carder-Thompson said at the annual meeting of the American Health Lawyers Association.

CMS has begun posting informational resources on its Web site, and additional materials will become available over the next few months. The best resource at this time is the “Outreach Toolkit,” available by download or on CD-ROM, said Ms. Carder-Thompson, a lawyer with Reed Smith LLP.

“The Outreach Toolkit doesn't answer all the questions we want answered, but it's a good start,” she said.

Enrollment for Part D begins on Nov. 15, 2005, and patients must enroll by May 15, 2006, or face a financial penalty when they do.

The coverage goes into effect Jan. 1, 2006, and the interim discount drug card program ends at that time. This means Medicare beneficiaries will need to make fairly complicated choices within a short time.

There will be at least two part D prescription drug plans available in each geographic area, and plans may include several subplans.

A Kaiser Family Foundation survey, conducted March/April 2005, found that seniors are more likely to turn to their doctor (49%) or pharmacist (33%) for help in making these decisions, rather than to Medicare information sources (23%). About two-thirds (68%) of those surveyed said they did not have a good understanding of the new benefit.

In October 2005, Part D plans will start to send marketing materials. CMS will distribute its “Medicare and You,” handbook to all beneficiaries via mail, with a description of the new benefit. A “Plan Comparison Web Tool” and “Medicare Personal Plan Finder” will be posted at www.medicare.gov

“CMS says it will provide materials as they did for the drug discount card but this is far more complicated than the card,” Ms. Carder-Thompson said.

According to Robert J. Hill, also of Reed Smith LLP, the CMS marketing guidelines on part D include a great deal of material that will affect physicians. For example, enrollment cannot be taken at the point of care, such as a physician's office. If physicians offer their patients information on any part D plan then they must offer information on all available part D plans.

CMS has not released the final version of its marketing guidelines, and Mr. Hill expects these issues to be dealt with in more detail in the second part.

Once Part D becomes effective, doctors will face a different set of concerns, Ms. Carder-Thompson said.

When a plan doesn't cover a prescribed drug, physicians will need to provide supporting statements in order to get an exception, but many details are not clear at this time.

SAN DIEGO — Physicians will face many questions about new Medicare Part D benefit in coming months as patients decide whether to enroll and which plan to select in the voluntary prescription drug program, Elizabeth Carder-Thompson said at the annual meeting of the American Health Lawyers Association.

CMS has begun posting informational resources on its Web site, and additional materials will become available over the next few months. The best resource at this time is the “Outreach Toolkit,” available by download or on CD-ROM, said Ms. Carder-Thompson, a lawyer with Reed Smith LLP.

“The Outreach Toolkit doesn't answer all the questions we want answered, but it's a good start,” she said.

Enrollment for Part D begins on Nov. 15, 2005, and patients must enroll by May 15, 2006, or face a financial penalty when they do.

The coverage goes into effect Jan. 1, 2006, and the interim discount drug card program ends at that time. This means Medicare beneficiaries will need to make fairly complicated choices within a short time.

There will be at least two part D prescription drug plans available in each geographic area, and plans may include several subplans.

A Kaiser Family Foundation survey, conducted March/April 2005, found that seniors are more likely to turn to their doctor (49%) or pharmacist (33%) for help in making these decisions, rather than to Medicare information sources (23%). About two-thirds (68%) of those surveyed said they did not have a good understanding of the new benefit.

In October 2005, Part D plans will start to send marketing materials. CMS will distribute its “Medicare and You,” handbook to all beneficiaries via mail, with a description of the new benefit. A “Plan Comparison Web Tool” and “Medicare Personal Plan Finder” will be posted at www.medicare.gov

“CMS says it will provide materials as they did for the drug discount card but this is far more complicated than the card,” Ms. Carder-Thompson said.

According to Robert J. Hill, also of Reed Smith LLP, the CMS marketing guidelines on part D include a great deal of material that will affect physicians. For example, enrollment cannot be taken at the point of care, such as a physician's office. If physicians offer their patients information on any part D plan then they must offer information on all available part D plans.

CMS has not released the final version of its marketing guidelines, and Mr. Hill expects these issues to be dealt with in more detail in the second part.

Once Part D becomes effective, doctors will face a different set of concerns, Ms. Carder-Thompson said.

When a plan doesn't cover a prescribed drug, physicians will need to provide supporting statements in order to get an exception, but many details are not clear at this time.

SAN DIEGO — Physicians will face many questions about new Medicare Part D benefit in coming months as patients decide whether to enroll and which plan to select in the voluntary prescription drug program, Elizabeth Carder-Thompson said at the annual meeting of the American Health Lawyers Association.

CMS has begun posting informational resources on its Web site, and additional materials will become available over the next few months. The best resource at this time is the “Outreach Toolkit,” available by download or on CD-ROM, said Ms. Carder-Thompson, a lawyer with Reed Smith LLP.

“The Outreach Toolkit doesn't answer all the questions we want answered, but it's a good start,” she said.

Enrollment for Part D begins on Nov. 15, 2005, and patients must enroll by May 15, 2006, or face a financial penalty when they do.

The coverage goes into effect Jan. 1, 2006, and the interim discount drug card program ends at that time. This means Medicare beneficiaries will need to make fairly complicated choices within a short time.

There will be at least two part D prescription drug plans available in each geographic area, and plans may include several subplans.

A Kaiser Family Foundation survey, conducted March/April 2005, found that seniors are more likely to turn to their doctor (49%) or pharmacist (33%) for help in making these decisions, rather than to Medicare information sources (23%). About two-thirds (68%) of those surveyed said they did not have a good understanding of the new benefit.

In October 2005, Part D plans will start to send marketing materials. CMS will distribute its “Medicare and You,” handbook to all beneficiaries via mail, with a description of the new benefit. A “Plan Comparison Web Tool” and “Medicare Personal Plan Finder” will be posted at www.medicare.gov

“CMS says it will provide materials as they did for the drug discount card but this is far more complicated than the card,” Ms. Carder-Thompson said.

According to Robert J. Hill, also of Reed Smith LLP, the CMS marketing guidelines on part D include a great deal of material that will affect physicians. For example, enrollment cannot be taken at the point of care, such as a physician's office. If physicians offer their patients information on any part D plan then they must offer information on all available part D plans.

CMS has not released the final version of its marketing guidelines, and Mr. Hill expects these issues to be dealt with in more detail in the second part.

Once Part D becomes effective, doctors will face a different set of concerns, Ms. Carder-Thompson said.

When a plan doesn't cover a prescribed drug, physicians will need to provide supporting statements in order to get an exception, but many details are not clear at this time.

SAN DIEGO — Under the federal Health Insurance Portability and Accountability Act, physicians are permitted to share protected health information with medical device companies, according to Robert M. Keenan, a health lawyer based in Atlanta.

The Department of Health and Human Services Office for Civil Rights, which is responsible for enforcing HIPAA privacy regulations, recognizes the need for disclosures to device manufacturers who are counseling physicians about patient care and thereby acting as health care providers. Under these circumstances, a special authorization or business associate agreement is not needed.

“Historically, physicians share information with device companies,” Mr. Keenan said during the annual meeting of the American Health Lawyers Association. “Sales representatives may be experts on the use of a device, and it's common for surgeons to ask them questions about how to implant a device.”

The Office for Civil Rights has provided specific guidance on sharing patient information. For example:

▸ A manufacturer's representative may be present in the operating room to provide support and guidance regarding the appropriate use, implantation, calibration, or adjustment of a medical device.

▸ A manufacturer's representative may view films or patient records to provide consultation, advice, or assistance with a particular patient's treatment.

▸ A “covered provider” under the HIPAA law may share protected health information—but only the necessary minimum amount—with a device company, so that the company can receive payment for health care services.

Information for physicians about HIPAA is available at www.hhs.gov/ocr/hipaa/

SAN DIEGO — Under the federal Health Insurance Portability and Accountability Act, physicians are permitted to share protected health information with medical device companies, according to Robert M. Keenan, a health lawyer based in Atlanta.

The Department of Health and Human Services Office for Civil Rights, which is responsible for enforcing HIPAA privacy regulations, recognizes the need for disclosures to device manufacturers who are counseling physicians about patient care and thereby acting as health care providers. Under these circumstances, a special authorization or business associate agreement is not needed.

“Historically, physicians share information with device companies,” Mr. Keenan said during the annual meeting of the American Health Lawyers Association. “Sales representatives may be experts on the use of a device, and it's common for surgeons to ask them questions about how to implant a device.”

The Office for Civil Rights has provided specific guidance on sharing patient information. For example:

▸ A manufacturer's representative may be present in the operating room to provide support and guidance regarding the appropriate use, implantation, calibration, or adjustment of a medical device.

▸ A manufacturer's representative may view films or patient records to provide consultation, advice, or assistance with a particular patient's treatment.

▸ A “covered provider” under the HIPAA law may share protected health information—but only the necessary minimum amount—with a device company, so that the company can receive payment for health care services.

Information for physicians about HIPAA is available at www.hhs.gov/ocr/hipaa/

SAN DIEGO — Under the federal Health Insurance Portability and Accountability Act, physicians are permitted to share protected health information with medical device companies, according to Robert M. Keenan, a health lawyer based in Atlanta.

The Department of Health and Human Services Office for Civil Rights, which is responsible for enforcing HIPAA privacy regulations, recognizes the need for disclosures to device manufacturers who are counseling physicians about patient care and thereby acting as health care providers. Under these circumstances, a special authorization or business associate agreement is not needed.

“Historically, physicians share information with device companies,” Mr. Keenan said during the annual meeting of the American Health Lawyers Association. “Sales representatives may be experts on the use of a device, and it's common for surgeons to ask them questions about how to implant a device.”

The Office for Civil Rights has provided specific guidance on sharing patient information. For example:

▸ A manufacturer's representative may be present in the operating room to provide support and guidance regarding the appropriate use, implantation, calibration, or adjustment of a medical device.

▸ A manufacturer's representative may view films or patient records to provide consultation, advice, or assistance with a particular patient's treatment.

▸ A “covered provider” under the HIPAA law may share protected health information—but only the necessary minimum amount—with a device company, so that the company can receive payment for health care services.

Information for physicians about HIPAA is available at www.hhs.gov/ocr/hipaa/