HIPAA Compliance and the HITECH Act in 2018
The Health Information Technology for Economic and Clinical Health Act (HITECH), though signed into law by President Obama in February of 2009, continues to affect healthcare document sharing today. As healthcare providers look for ways to streamline electronic health record sharing while still being compliant with the HITECH Act, blockchain solutions are coming to the fore.
Many feel blockchain technology will revolutionize data sharing. Blockchain is a distributed system for storing and accessing data. Though most are aware of this technology in relationship to cryptocurrencies, the possible use-cases for the healthcare industry are massive in scope.
To wit, the decentralized, secure leger is talked about positively in a white paper published by Deloitte. It states that blockchain can improve data interoperability, privacy, and security of private health-related documents.
Inoperability and secure integration in blockchain allows for ease of sharing while protecting client data. It also offers a discounted cost per transaction – i.e., every time a patient’s data needs to be shared, that normally time-consuming data retrieval process is expedited. Real time processing makes data sharing in this way not only HITECH compliant, but less expensive for healthcare providers.
Blockchain also reduces inconsistent data standards, inconsistent rules and permissions, and creates a rule-based method for accessing patient data that is permissioned and secure.
Legislation changes in the HITECH Act for 2018 will be made only after comments about the proposed updates from healthcare industry stakeholders are reviewed. This is an opportune time for HIPPAA privacy rules to meet with the increased security and scalability of blockchain; this technology is maturing just as HIPAA does.
With increased concern over payouts to clients for private data breaches, blockchain technology could make these incidents a thing of the past.
$5 million paid by Advocate Health Care Network in a data breach settlement, and Aetna having to pay $17 million in a similar wide-scope security breach early this year, are examples of why this technology could have such far-reaching implications. The current methods of securing data are clearly vulnerable.
While large healthcare organizations like Aetna state, “. . . we are implementing measures designed to ensure something like this does not happen again as part of our commitment to best practices in protecting sensitive health information,” using current methods of securing data continue to fall flat.
The most cutting edge way to secure data is through blockchain technology. Biometrics and other identity authentication tools are used to give access to data so that not just your patient has to give permission to retrieve it, but so do employees, partners, sales-channels, contractors, doctors and nurses. Data is protected from 3rd parties with encryption and obfuscation of the data until it is again retrieved from a permissioned person.
Companies wishing to be HIPPAA compliant in 2018 can turn to blockchain for securing sensitive patient data. Changes to HITECH legislation will only reflect this growing trend, and continue to support decentralized, permissioned blockchain frameworks to avoid costly data breaches.
In the future, we will likely also see information verified and authenticated as well as monetized on the same blockchain, so even payments for healthcare services will be streamlined and protected accordingly.