The HHS Office for Civil Rights nets a cool $34 million in a proposed budget from the Bush administration, but what amount will be used on privacy rule enforcement isn’t known.
The Health Insurance Portability and Accountability Act mandated steady increases in funding through 2003 — earmarked to the Health Care Fraud and Abuse Control Account — for enforcement agencies that take aim at Medicare and Medicaid fraud.
While some observers wondered whether funds for the HCFAC would begin to taper off once the HIPAA mandate expired, the administration’s budget keeps spending for 2004 in line with anticipated expenditures for 2003.
Under the proposed fiscal 2004 Health and Human Services budget, the Centers for Medicare & Medicaid Services would receive $10 million to begin activities related to enforcement of HIPAA’s transactions and code sets, security, and identifier rules, as well as the promulgation of a HIPAA enforcement rule. The budget would include $34 million in total spending for the Office for Civil Rights, the agency charged with enforce the privacy rule, though the amount appropriated for privacy rule enforcement was not disclosed.
To see the budget estimates, go to http://www.hhs.gov/budget/04budget/fy2004bib.pdf.
Kaiser called the plan the “largest ever transition to a paperless medical record system.” The plan would cost approximately $1.8 billion to revise its Automated Medical Records platform; it will use a “next-generation system” from Madison, WI-based Epic Systems Corporation, Kaiser announced.
The goal is to provide physicians and other health care staff with proper authorization instant access to patients’ medical records, as well as to give patients the ability to schedule appointments, request scrip refills and ask for referrals.
Kaiser said it was aware of the risks to patient privacy, but said the system will comply with the Health Insurance Portability and Accountability Act’s privacy and security rules. The HMO claims patient records would not be accessible to outside researchers or employers, and that the system protects against hacker attacks by employing appropriate security checks and audits.
“We are committed to protecting our patients’ privacy and fully complying with government privacy provisions. That is why we selected a system with state-of-the-art security, with many levels of password protection,” said Permanente Federation executive director Francis Crosson.