The Affordable Care Act, or Obamacare, is bringing major changes to the healthcare industry, such as electronic health records, the transition to ICD-10 coding standards and outcome-based healthcare.
As a result of these changes, most medical group IT administrators will be forced to turn to outside IT contractors, such as network service providers, for help migrating to new systems and platforms.
That is the view of Ted Devine, CEO of online insurance agent TechInsurance. "IT consultants and network service providers will be a crucial part of the adoption of Obamacare mandates for the foreseeable future," he said. "But because they're working in such a highly regulated industry, it's crucial that IT administrators heavily vet contractor credentials before hiring."
Devine says these outside contractors bring with them significant – but readily addressed – new risks, which is why TechInsurance has put together a comprehensive three-step risk management guide for healthcare providers looking to hire a new network service provider.
The first step is to make sure contractors are Health Insurance Portability and Accountability Act (HIPAA)-compliant: HIPAA calls for physical, administrative, and technical safeguards for sensitive patient information, and requires that the contractors and subcontractors they work with meet these data security guidelines as well.
Secondly, it is important to make sure contractors are HITECH-aware: Healthcare providers must implement electronic health records (EHRs) by 2015. To incentivize swift adoption, the Health Information Technology for Economic and Clinical Health (HITECH) Act makes available direct payments to healthcare providers who demonstrate "meaningful use" of EHRs.
As such, contractors and network service providers should not only understand how to implement systems for EHRs, but also be able to document meaningful use of those systems. Thirdly, check for liability insurance: because of the significant liability exposure in handling sensitive patient information, healthcare providers should require network service providers to hold robust liability insurance policies, demonstrating they can afford the financial costs associated with non-compliance.
Devine added that failing to address this risk can potentially result in lawsuits, fines, and closure.
Obamacare, Affordable Care Act, ACA, ICD-10, electronic health records
