March 25, 2009, 5:40 PM — The stimulus package is like a good Easter egg hunt, you're sure to find a treat for yourself somewhere. VARs that target the healthcare market will be interested to know that the stimulus package includes amended rules on the Health Insurance Portability and Accountability Act (HIPAA). The new rules state that doctors must keep records of when they disclose any patient information; previously, doctors were able to sahre information on treatment, payment, or other healthcre reasons, without having to note timing information. Practices will also have to post a notice of any data security breach if ten or more patients are affected, and if 500 or more are affected, they must use a media outlet and notify HHS.
It's a small change, and it doesn't take effect until 2014. Nonetheless, HIPAA analysts and security experts are already saying that health care practitioners need to take action now. Sysetms will need to incorporate more detailed logging information, and older systems will have to be retrofitted to comply.
The good news is that there's money--specifically, $19.2 billion--for incentives to encourage healthcare providers to digitize patient records and deploy other healthcare technology. IBM is already encouraging its SaaS developers to take advantage of the provision.