Ohio Health Information Management Association - Legislative Updates

Red Flags Exception Passes House
Posted October 29, 2009

On October 20 the US House passed a bill exempting healthcare practices with 20 or fewer employees from complying with the Red Flags Rule. The rule, which takes effect November 1, requires that many businesses create and implement written identity theft prevention programs. The bill was introduced October 8 and quickly passed with unanimous approval under suspension of the rules. It was then referred to the Senate Committee on Banking, Housing, and Urban Affairs.

AHIMA has sent a letter to the Senate committee contending that excluding any portion of these medical practices from the Red Flags rule would make them an even larger target for identity theft and would hamper efforts to raise awareness of identity theft and its impact on healthcare fraud. Read more on the Journal of AHIMA Web site, including links to the legislation.

AHIMA Posts Analysis of FY 2010 Hospital Inpatient PPS Final Rule
Posted October 22, 2009

AHIMA’s analysis of the final rule regarding FY 2010 revisions to the Medicare hospital inpatient prospective payment system (PPS) has been posted on the AHIMA Web site. The final rule was published in the August 27 issue of the Federal Register and took effect on October 1. Access AHIMA’s analysis of the final rule.

Senate Finance Committee Passes Baucus Healthcare Reform Plan
Posted October 16, 2009

After several weeks of marking up the unnumbered “America’s Healthy Future Act of 2009,” the Senate Finance Committee passed the healthcare reform proposal by a vote of 14-9, including the vote of Senator Olympia Snowe (R-ME), the lone Republican to lend support. Drafted by Senator Max Baucus (D-MT), chair of the committee, the Congressional Budget Office (CBO) projects that the $829 billion legislation is projected to insure approximately 94 percent of Americans under age 65. The CBO is using 10-year projections. Before the full Senate can act on healthcare reform, the legislation will need to be merged with S. 1679, the “Affordable Health Choices Act,” which passed the Senate Health, Education, Labor and Pensions (HELP) Committee on July 15. The Senate hopes to have a combined measure considered on the Senate floor within the next few weeks. Both the Senate Finance bill and the Senate HELP bill contain healthcare administrative simplification provisions supported by AHIMA.

HHS Posts Breach Notification Forms
Posted October 16, 2009

The Department of Health and Human Services (HHS) has now posted forms for the reporting of information concerning breach of personal health information as required under the recently implemented breach notification rule. The electronic forms and limited instructions are located on the Office of Civil Rights Web site, under the heading “Health Information Privacy.” The HHS breach notification rule and these forms apply to HIPAA covered entities including business associates.

Analysis of FTC Breach Notification Requirements Posted
Posted September 17, 2009

An analysis of the Federal Trade Commission’s (FTC’s) final rule on health breach notification has been posted on the AHIMA Advocacy and Policy Web page. The analysis applies to the FTC final rule published in the August 25 Federal Register. This FTC rule relates to entities associated with electronic personal health information products but not covered by HIPAA. An analysis on a similar rule published by the Department of Health and Human Services (HHS) as an interim final rule is also published at the AHIMA site. View a copy of the final rule from the FTC. Both the FTC and HHS rules become effective next week.

CMS Publishes Draft Version of MS-DRGs for ICD-10-CM/PCS
Posted September 17, 2009

The draft version of v26.0 of MS-DRGs converted to ICD-10-CM/PCS is posted on the Centers for Medicare and Medicaid Services (CMS) Web site in full code and condensed code formats. This project was an exercise to evaluate the effectiveness of the general equivalence mappings (GEMs) and to learn how best to use them in converting data. The GEMs are a tool that assist in converting ICD-9-CM codes to the relevant ICD-10-CM/PCS codes (forward mapping) and ICD-10-CM/PCS codes back to the relevant ICD-9-CM codes (backward mapping). The GEMs were developed to assist CMS as well as all other data users who would need to convert ICD-9-CM data or payment systems to ICD-10-CM/PCS codes.

HHS Awards AHIMA Foundation $1.2M for State-level Health Information Exchange Consensus Project
Posted September 3, 2009

The US Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology has awarded the AHIMA Foundation a one-year, $1.2 million grant to continue the State-level Health Information Exchange Consensus Project to actively assist states with nationwide health information exchange (HIE) adoption, planning, and implementation. This supports the opportunities presented by the American Recovery and Reinvestment Act to advance HIE development in a way that has a positive impact on healthcare. Read the press release.

CMS Prepares for Measure Reporting through EHRs
Posted September 3, 2009

The Centers for Medicare and Medicaid Services (CMS) is taking additional action to pave the way for hospitals to transmit clinical quality measures to the agency via electronic health records systems.

In its proposed rule published in May to establish the 2010 hospital inpatient Medicare prospective payment system, CMS explained its intent to start a voluntary testing program to submit via electronic health records (EHRs) certain standardized data elements for the Reporting Hospital Quality Data for Annual Payment Update (RHQDAPU) program. The elements would cover stroke, venous thromboembolism, and emergency department throughput.

Now the agency is seeking public comment on voluntary testing with up to 55 facilities, with comments due by October 27. The data measures collected via EHRs would not substitute for submission of data elements required under RHQDAPU under current processes.

"The results of this voluntary testing process will enable CMS to assess the feasibility of collecting data elements via electronic health records as a future alternative to submission of manually abstracted chart data elements by hospitals, thereby potentially reducing the administrative burden associated with submission of quality measures for the RHQDAPU program," according to a notice published August 28 in the Federal Register.

HHS Breach Notification Rule
Effective September 23
Posted August 25, 2009

The much-anticipated interim final rule on breach notification for unsecured protected health information was published in the August 24 Federal Register (Vol. 74, No. 162, page 42740) by the Department of Health and Human Services (HHS). The rule becomes effective September 23 and covers all HIPAA-covered entities and HIPAA-related business associates. A separate rule is expected any day from the Federal Trade Commission (FTC) which will affect non-HIPAA related entities. Both rules stem from the American Recovery and Reinvestment Act (ARRA), signed into law on February 17.

The new breach notification interim rule provides updated guidance specifying the technologies and methodologies that render protected health information (PHI) unusable, unreadable, or indecipherable to unauthorized individuals. The new rule will be added as subpart D to part 164 of title 45 of the Code of Federal Regulations, and as such some of the definitions associated in part 164 will be moved accordingly.

Specifically, the breach notification rule identifies what is a breach of PHI information; how an entity might investigate an incident to determine the breach, and what steps the entity must follow should it be determined that a breach has occurred. A verified breach requires notification, as defined in the rule, of the affected individual(s) within a 60-day time period from when the breach is discovered (defined in the rule) as well as notification to HHS and potentially the media. In providing discussion of the rule, HHS also notes and comments on situations where the federal rule may reside side by side with a state breach notification rule.

Since this is an interim final rule, HHS will be taking comments via the Office of Civil Rights. There are two deadlines:

Comments on the provisions of the rule are due on or before October 23

Comments on the information collection requirements associated with the rule are due on or before September 8

Instructions on how to comment as well as the full text of the interim rule can be found in the August 24 Federal Register.

AHIMA has developed a number of resources to assist members with the breach notification requirements. Look for an analysis of the interim final rule in the next week, as well as AHIMA’s comments in the near future.

FTC Issues Final Rule for Breach Notification
Posted August 20, 2009

The Federal Trade Commission (FTC) has released a final rule requiring vendors of personal health records (and entities that offer third-party PHRs) to notify consumers when the security of their PHR data is breached. Despite efforts of the FTC and the Department of Health and Human Services to harmonize separate rules governing notification of breaches, the FTC rule will require considerable study. View the display copy of the rule. The rule will be published in the Federal Register soon, at which time it will become official.

HHS Moves HIPAA Security Enforcement to OCR
Posted August 6, 2009

Secretary of the Department of Health and Human Services (HHS) Kathleen Sebelius has announced a move of the enforcement of the HIPAA security regulations to the HHS Office of Civil Rights effective immediately. The July 27 directive was published in the August 4 Federal Register. Enforcement of the security regulations had been given to the Centers for Medicare and Medicaid Services (CMS) in October 2003, and has been discharged by the CMS Office of Electronic Security and Standards. The recent American Recovery and Reinvestment Act has provided added emphasis on information security and increased the enforcement actions that can be taken under HIPAA..

Inpatient PPS Final Rule on Display
Posted August 6, 2009

The hospital inpatient PPS (IPPS) final rule for fiscal year 2010 was posted for public inspection at the Office of the Federal Register on July 31. It will be published in the Federal Register on August 27. The Centers for Medicare and Medicaid Services (CMS) has decided not to implement a documentation and coding adjustment for fiscal 2010 until it has a full year of fiscal 2009 data. In the proposed IPPS rule for fiscal year 2010, CMS proposed to reduce future rates based on the observed increase in spending due to documentation and coding that occurred in fiscal 2008. However, information on the extent of documentation and coding effects on 2009 spending is not yet known. Based on a complete analysis of fiscal 2008 and fiscal 2009 data, CMS will consider phasing in future adjustments over an extended period beginning in fiscal 2011. In its comments on the proposed rule, AHIMA had opposed the proposed documentation and coding adjustment. Read AHIMA’s comment letter.

The final rule adds four new quality measures for which hospitals must submit data under the Reporting Hospital Quality Data for Annual Payment Update program to receive the full market basket update. View a copy of the IPPS final rule.

Senate Finance Committee Still Awaiting Turn for Healthcare Reform
Posted August 6, 2009

With the House Energy and Commerce Committee completing their consideration of healthcare reform, the Senate Finance Committee remains the lone congressional committee that has not completed formal consideration. The finance committee has yet to even begin its formal consideration of legislation but that does not mean it has not been active. The committee has been in negotiations to develop healthcare reform legislative language led by the so-called “G-6” group of members including chairman Senator Max Baucus (D-MT), ranking minority member Senator Charles Grassley (R-IA), and Senators Kent Conrad (D-ND), Jeff Bingaman (D-NM), Michael Enzi (R-WY), and Olympia Snowe (R-ME). The Democratic leadership in the Senate hopes to achieve a bipartisan deal by the time the Senate returns in September.

Inpatient Rehabilitation Facility FY 2010 Payment, Policy Updates Announced by CMS
Posted August 6, 2009

The Centers for Medicare and Medicaid Services (CMS) issued a final rule that updates inpatient rehabilitation facility (IRF) payment rates for fiscal 2010 and adopts a new regulatory framework that clarifies the coverage criteria for IRFs that will be effective on January 1, 2010. The coverage criteria provisions in the final rule establish requirements for preadmission screening of potential IRF patients, through which a facility can document that a patient is eligible for intensive rehabilitation services in an IRF setting, post-admission treatment planning requirements, and ongoing coordination of care requirements. Visit the CMS site for more information.

Final Rule for Skilled Nursing Facility FY 2010 Payment Rates Posted by CMS
Posted August 6, 2009

Last week, CMS announced adjustments to fiscal year (FY) 2010 payment rates to better reflect the cost of caring for Medicare beneficiaries in nursing homes. The final rule calls for payments to Medicare skilled nursing facilities to be reduced by $360 million, or 1.1 percent lower than payments for FY 2009. This adjustment to nursing facility payments is an effort to rebalance an earlier adjustment to the case-mix indexes and better align Medicare payments with costs. In addition to the payment rates update, the final rule also establishes a revised case-mix classification methodology and implementation schedule for FY 2011 and includes information on the transition to the minimum data set, version 3.0, including an implementation schedule. Visit the CMS site for more information.

FTC Announces Delay in Red Flags Rule Enforcement
Posted July 30, 2009

On the eve of the Federal Trade Commission’s (FTC’s) Red Flags Rule becoming effective, the Commission has announced that it will hold back on enforcing the requirements and additional three months until November. During this time the FTC indicates that it will continue its efforts to educate the affected parties on the rules designed to prevent identity theft. Healthcare providers became aware of the FTC’s intent about a year ago, and many small providers have expressed concern on how they would be able to meet the requirements of the rule while the FTC has indicated its concern that healthcare-related records (administrative and clinical) could be an excellent source of information for fraud. The FTC maintains a Red Flags Rule Web site designed to assist affected organizations in compliance with the rules.

AHIMA Officially Opens First Global Services Office
Posted July 30, 2009

This week AHIMA announced the official opening of a Global Services Office in Brussels, Belgium, establishing itself as the first multinational membership association serving HIM professionals on a global scale. AHIMA selected Brussels, in part, because of the city’s worldwide status as the European Union’s hub for top decision-making institutions. However, the decision to extend its outreach globally was rooted in the Association’s long-standing commitment to accurate health information internationally as the surest means of securing high- quality healthcare. In addition, AHIMA sees its multinational outreach as the proper response to globalization trends and implications in healthcare including digitization, e-health, cross-border care, medical travel and telemedicine.

“We believe that viable health information management (HIM) is necessary for the safe delivery of effective, quality healthcare, and that it should be recognized and practiced around the world,” said AHIMA President Vera Rulon. “For a while now, AHIMA has been actively looking into new development opportunities that promise to serve healthcare consumers as well as the greater healthcare community.” Rulon said just as important is the ability of AHIMA’s transnational outreach to advance HIM’s industry standards, grow its certified workforce, and accredit the educational systems required to advance the HIM practice around the globe. Read the press release.

Senate HELP Continues Health Reform Mark-Up: House Publishes Draft Bill
Posted June 25, 2009

The Senate Health, Education, Labor and Pensions (HELP) Committee has continued its mark-up of healthcare reform, the “Affordable Healthcare Choices Act.” The committee is slowly winding its way through numerous amendments and will even be considering an AHIMA-supported amendment to streamline the HIPAA standards adoption and development process. AHIMA has also been working with Senate and House staff on legislative language to reauthorize and expand allied health education programs under the Health Services and Resources Administration (HRSA). Senate HELP Democrats are hoping to finish the mark-up this week. The Senate Finance Committee will start their mark-up of healthcare reform after the July 4 recess. Although the House has not yet formally scheduled its consideration of healthcare reform, a draft bill is available.

CMS Issues Scam Alert
Posted June 25, 2009

The Centers for Medicare and Medicaid Services (CMS) has become aware of a scam where perpetrators are sending faxes to physician offices posing as the Medicare carrier or Medicare administrative contractor (MAC). The fax instructs physician staff to respond to a questionnaire to provide an account information update within 48 hours in order to prevent a gap in Medicare payments. The fax may have the CMS logo and/or the contractor logo to enhance the appearance of authenticity.

Medicare FFS providers (including physicians and non-physician practitioners) should be wary of this type of request. If you receive a request for information in the manner described above, please check with your contractor before submitting any information. Medicare providers should only send information to a Medicare contractor using the address found in the download section of the CMS Web site.

ONC Release Stimulus Time Table
Posted May 28, 2009

Citing its obligations to “act swiftly but thoughtfully” the Office of the National Coordinator (ONC) recently released an American Recovery and Reinvestment Act (ARRA) implementation plan to the public. The plan outlines over all implementation timelines and funding for both itself and other federal agencies. Included are timelines for issuing reports, rules, and guidelines for federal healthcare IT programs under the stimulus act. Although comprehensive, it does not address the definition of “meaningful use” or give any indication for a deadline as to when that definition may be provided. It also fails to provide guidance on certification and testing procedures for EHR systems. Read the full document (PDF).

Red Flags Rule Delayed until August 1
Posted May 7, 2009

The Federal Trade Commission (FTC) has delayed the enforcement date of the Red Flags rule until August 1. The final rule was published in the November 9, 2007 Federal Register. This regulation requires creditors and financial institutions, including those in the healthcare industry, to develop identity theft prevention programs. Last year, the FTC announced that it would consider healthcare providers to be creditors when they accept insurance and bill patients after services are rendered for any amounts that insurance does not pay, or if they regularly allow patients to set up payment plans after services have been rendered. It was originally scheduled to begin enforcement of this requirement on November 1, 2008, but due to concerns expressed by the healthcare community, the enforcement date was extended until May 1, and now delayed again. Read the announcement on the extension. The FTC has also established a dedicated Web site for information on the rule at http://www.ftc.gov/redflagsrule.

Hospital Inpatient PPS Proposed Rule for FY 2010 on Display
Posted May 7, 2009

The hospital inpatient prospective payment system (PPS) proposed rule for fiscal year (FY) 2010 has been placed on display at the Federal Register and is expected to be published on May 22. The Centers for Medicare and Medicaid Services (CMS) are proposing to make an adjustment of 1.9 percentage points for FY 2010 to remove the effect of increases in aggregate payments due to changes in hospital coding practices, as a result of adoption of the MS-DRG system, that do not reflect increases inpatients’ severity of illness. No changes to the list of hospital-acquired conditions or the payment implications of the present on admission indicator reporting options are being proposed for FY 2010. The proposed rule adds four new quality measures for which hospitals must submit data under the Reporting Hospital Quality Data for Annual Payment Update (RHQDAPU) program to receive the full market basket in FY 2011. CMS is also proposing to modify the RHQDAPU validation requirement starting with FY 2012 to improve the reliability and quality of the process.

CMS will accept comments on the proposed rule until June 30 and will respond to comments in a final rule to be made publicly available no later than August 1. Click here to submit comments electronically. Follow the instructions for "Comment or Submission" and enter the file code CMS-1406-P to submit comments on this proposed rule. AHIMA will be preparing written comments. Access the display copy of the proposed rule.

FTC Seeks Public Comment on Proposed Personal Health Record Breach Notification Rule
Posted April 23, 2009

The American Recovery and Reinvestment Act establishes the first federal requirements on health data breach reporting and notification. It assigns the Department of Health and Human Services to oversee organizations that qualify as covered entities and business associates under HIPAA. The Federal Trade Commission (FTC) is required to issue rules requiring vendors of personal health records and related entities to notify individuals when the security of their individually identifiable health information is breached. The FTC is seeking public comment on the proposed personal health records breach notification rule. All public comments must be received on or before June 1. The AHIMA Practice Councils will be reviewing and commenting on the proposed rule. To review the notice of proposed rulemaking and learn how to submit a public comment visit the Federal Register.

HHS Releases Guidance on Protected Health Information—ARRA
Posted April 23, 2009

The Department of Health and Human Services (HHS) released guidance specifying the technologies and methodologies that can be used to render protected health information (PHI) unusable, unreadable, or indecipherable. The HHS guidance was issued as required under the recently passed American Reinvestment and Recovery Act (ARRA), and is associated with that Act’s requirements related to breach notification. In releasing the guidance, HHS also requested comments that will be considered as the Department moves toward interim final regulations related to breach notification this summer. A copy of the new guidance can be found at the HHS Office of Civil Rights Web site. AHIMA is in the process of reviewing the guidance with its Privacy and Security Practice Council and will be responding to the HHS request for comments. The HHS release comes one day after the Federal Trade Commission released similar guidance for non-HIPAA entities that use PHI. .

IHTSDO, HL7 Announce Collaboration
Posted April 16, 2009

Prominent healthcare standards organizations have recently established formal collaboration agreements to advance sharing of health information. Health Level Seven (HL7) and the International Health Terminology Standards Development Organization (IHTSDO) have announced a collaboration agreement that will foster interoperability by eliminating gaps and overlaps between HL7 and IHTSDO standards. Both organizations plan to work within the context of the International Organization for Standardization (ISO) Technical Committee 215 (ISO/TC215) joint initiative on SDO Global Health Informatics Standardization. Click here for information.

Joint Commission’s Updated Hospital COP-related Requirements
Posted April 3, 2009

In January 2009, The Joint Commission posted 165 new and revised requirements as part of its hospital deeming application to the Centers for Medicare and Medicaid Services (CMS). Following successful discussions with CMS, a number of those requirements were considered equivalent to existing elements of performance or were already addressed in The Joint Commission survey process. As a result, the number of new and revised requirements has been reduced to 87. These updated conditions of participation-related requirements are posted online, along with a side-by-side comparison between the standards posted on January 5 and the March 26 release.

Hospitals will be surveyed on these requirements from April 6–June 30; however, non-compliance will not impact the accreditation decision. Hospitals will receive feedback separate from the official accreditation decision report on their efforts to meet these requirements. Beginning July 1, non-compliance will impact the accreditation decision.

Organizations should note that CMS’ final decision regarding the deeming application will be made later this year, and there may be further changes to the standards based on that decision. The Joint Commission remains confident that it will receive deeming authority. To view the requirements, visit the Joint Commission Web site.

Be Prepared for Changes in Accounting for All Disclosures
Posted March 27, 2009

Covered entities and their business associates that use electronic health records (EHRs) will be required to account for all disclosures of protected health information under a provision in the new American Recovery and Reinvestment Act. This includes disclosures made for purposes of treatment, payment, and healthcare operations—actions currently exempted under HIPAA.

Covered entities shopping for EHR systems should be aware of the new requirements. Those that purchase systems after January 1 of this year must be compliant with the new rule by January 1, 2011. Read more online at the Journal of AHIMA Web site.

ICD-10 and Electronic Transaction Standards Final Rules Become Effective March 17
Posted March 16, 2009

On January 15, the US Department of Health and Human Services released two final rules that will facilitate the United States’ ongoing transition to an electronic healthcare environment through adoption of ICD-10-CM and ICD-10-PCS and updated standards for electronic healthcare and pharmacy transactions. The effective date for both of these regulations is March 17. In accordance with the White House Chief of Staff’s memorandum of January 20, entitled “Regulatory Review,” which outlined a regulatory review process for new regulations published in the Federal Register prior to the start of the Obama Administration, a determination has been made that the effective date will not be extended and the comment period will not be reopened for either of these rules. The effective date is the date that the policies in the regulations take effect and new policies are considered to be officially adopted.

ODH Sets 2009 Medical Record Copying Fees
Posted February 9, 2009

The Ohio Department of Health (ODH) has determined what hospitals can charge for copying medical records in 2009. Click Here for details.

$20 Billion Allotted for Health IT in Economic Stimulus Proposal
Posted January 22, 2009

The House Ways and Means Committee has drafted legislation that includes $20 billion for health information technology (IT) to be included in the developing economic stimulus package. The health IT legislation calls for a range of elements including:

Codification of the Office of the National Coordinator for Health Information Technology
Investing $20 billion in health IT infrastructure and Medicare and Medicaid incentives to encourage doctors and hospitals to use health IT
Provisions for improvements for quality of care and care coordination, and reductions in medical errors and duplicative care
Privacy and security provisions that:
- Establish a federal breach notification requirement
- Expand privacy and security rules to a range of non-covered entities
- Allow patients to request audit trails for disclosures from their electronic health record
- Prohibit sale of patient information without their authorization
- Require providers to attain patient authorization for fundraising and marketing activities
- Expand enforcement and increase penalties for violations.

The development of the stimulus plan continues to be a very fluid situation and we will continue to keep you aware of the developments regarding this important legislation. AHIMA will also continue to work with Congress on a range of provisions included in the stimulus legislation including those related to the health information management and informatics work force.

HHS Publishes HIPAA Transaction Final Rule
Posted January 22, 2009

The final rule for modifications to the HIPAA electronic transaction standards was published by HHS in the January 16 Federal Register (74FR3296). The rule for the most part will become effective on March 17; the exception is for subrogation of pharmacy claims paid by Medicaid. There are several compliance dates depending on the covered entity and its size which will be described in a future analysis, but healthcare providers should prepare to be compliant by April 1, 2010. The modifications call for upgrading HIPAA X12 4010 standards for version 5010 and NCPDP standard to D.0. The release of this final notice coincides with that for adoption of ICD-10-CM and ICD-10-PCS. The new HIPAA standards will be able to recognize the various ICD versions and also will accommodate industry requested revisions that have been requested over the last six years.

HHS Publishes ICD-10-CM/PCS Final Rule
Posted January 22, 2009

The Department of Health and Human Services (HHS) published the final rule regarding the adoption of ICD-10-CM and ICD-10-PCS in the January 16 Federal Register. The compliance date for implementation of ICD-10-CM and ICD-10-PCS as a replacement for ICD-9-CM is October 1, 2013. Maps between ICD-9-CM and ICD-10-CM and ICD-10-PCS are already available and will facilitate conversion to the ICD-10 code sets. The ICD-9-CM Coordination and Maintenance Committee, which will be re-named the “ICD-10 Coordination and Maintenance Committee” once ICD-10-CM and ICD-10-PCS are implemented is the public forum that will be used to discuss updates to the ICD-10 code sets. This committee will consider issues such as maintenance of the maps and a possible moratorium on updates to the ICD-9-CM, ICD-10-CM, and ICD-10-PCS code sets in anticipation of implementation of the ICD-10 code sets.

Click here to access the final rule. For up-to-date information and resources pertaining to ICD-10-CM/PCS implementation, go to AHIMA’s ICD-10 Web page.

2009 ICD-10 Files Posted on the CMS Web Site
Posted January 8, 2009

The Centers for Medicare and Medicaid Services (CMS) Web site has been updated with the 2009 version of the general equivalence mappings, updated version of ICD-10-PCS, reimbursement mappings, sample of MS-DRGs converted to ICD-10, and the respective user guides found here.

HHS Secretary Announces New Privacy Principles
Posted January 8, 2009

Before a packed audience attending the Nationwide Health Information Network Forum in December, HHS Secretary Michael Leavitt announced his department’s long-awaited privacy principles closely associated with health information exchange (HIE). “Finding the balance between increased access to information and privacy is very important. If we don’t have it, we won’t succeed,” Leavitt emphasized. “Consumers shouldn’t be in a position to have to accept privacy risks they don’t want. Each consumer should be able to choose products and services that best fit their health needs and privacy preferences.”

The secretary highlighted eight principles that should extend to consumer personal health information (PHI) use no matter where the information is located or transmitted:

simple and timely individual access to their PHI;

correction or amendment of inaccurate or erroneous information in their record;

openness and transparency as to the policies and practices related to information collection, use, and disclosure;

individual choice about with whom, when, and how PHI is or is not shared;

limitation on the collection, use, and disclosure of PHI to “specified purpose”;

record holders must take reasonable steps to ensure data integrity;

PHI should be protected with administrative, technical, and physical safeguards; and

accountability for the stewardship of the PHI by all handlers of that information.

In addition to releasing the principles, “Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information,”the secretary also announced several tools to help consumers and HIEs advance toward privacy protection and consumer access to their information. These principles and tools can be found at http://www.hhs.gov/healthit/privacy/.