In the news, the North American healthcare IT market is forecast to reach $31 billion by 2017. “Business associates,” as defined by the HIPAA Omnibus Rule, are advised to ensure that compliance programs are in place, and reports continue of healthcare data breaches — some resulting in financial penalties.
Healthcare IT Market Projected To Climb To $31.3 Billion
Research and Markets’ “North American Healthcare IT Market by Application Delivery Mode & Component — Forecasts to 2017” projects significant growth in the market. The firm estimates a CAGR of 7.4 percent with an increase from $21.9 billion in 2012 to $31.3 billion by 2017. The forecast attributes the growth to “demand for clinical information technology, administrative solutions, and services.”
Are You A “Business Associate”?
Dave Newell, director of CTG’s security solutions practice, spoke with HealthITSecurity.com for an article on building a HIPAA-compliant security program. In his comments on the HIPAA Omnibus Rule, he says one of biggest changes related to security is the rule about business associates. “We see a lot of companies that may be a data center provider or IT staffing provider, if they didn’t see HIPAA coming for them before, then they don’t see HIPAA coming for them now. There isn’t much of a way for them to find out, nor do they have a HIPAA compliance program in place,” he says.
EHR Provider Sued For Breach Of Contract
A Healthcare IT News article reports a Montana hospital has filed suit against NextGen Healthcare, alleging the EHR system the company provided does not meet 2014 Meaningful Use criteria. The suit also alleges the company did not install the system by the date specified in the software agreement. The article points out this is not the first time an EHR provider has been sued for breach of contract: in 2012, a Kansas medical center sued Cerner Corporation after alleging the company failed to meet certain requirements in its agreement.
Data Breaches Result In Fines
A physican practice in Massachsetts has been fined $150,000 following a data breach investigation. The resolution agreement also calls for correction action to address HIPAA compliance deficiencies. A gov.infosecurity.com article says the breach involved a thumb drive stolen from the vehicle of one of the practice’s staff members. The drive, containing patient information, was never recovered. The Department of Health and Human Services' Office for Civil Rights says this is the first time a HIPAA settlement relates to not fully complying with breach notification requirements. The article quotes Mac McMillan, CEO of the consulting firm CynergisTek, who says this should be a wake-up call for other organizations. "Understand the risk in your computing environment — and that includes mobile devices or media. And if you're going to put patient information on a mobile device or media, encrypt it." The article briefly discusses financial penalties in two other breach cases: a $50,000 penalty that resulted from the theft of a laptop and a $400,000 penalty following a disabled server firewall.
Study Intends To Show Benefits Of Smartphones For Home Care Aides
A Health IT Outcomes article reports Aetna Better Health of Illinois and Addus Home Care are planning a study on the impact of providing smartphones to home care aides. The pilot program intends to demonstrate the benefits of smartphones to report the health conditions of patients in real time as a prevention measure.
For more news and insights, visit BSMinfo’s Healthcare IT Resource Center.