Findings of our annual survey show how the federal stimulus law is driving project priorities
The American Recovery and Reinvestment Act of 2009 is known colloquially as the stimulus law.
When it comes to stimulating the attention of the healthcare industry, so far the law has lived up to its name.
It remains to be seen whether the premier healthcare information technology initiative of the sweeping, year-old stimulus law—its multibillion-dollar electronic health-record subsidy program—will work as planned.
Several key pieces still need to fall into place before Medicare and Medicaid, the programs handling the subsidies, will be ready to funnel an estimated $14 billion to $27 billion in net payments into the purchase and meaningful use of EHRs by hospitals and office-based physicians.
For example, there is only a proposed definition of meaningful use committed to writing. It wasn't released by the CMS until late last year, and David Blumenthal, head of HHS' Office of the National Coordinator for Health Information Technology, said at a recent federal IT advisory panel meeting that the CMS rule was “not set in stone.” View all IT survey charts
IT to take bigger bite of capital spending
Providers rate what's hot and what's not
PHRs, portals both popular and not so popular
Privacy issues still a concern
How we did it
Meanwhile, the procedure has not been adopted yet by the ONC for accrediting organizations capable of testing and certifying EHRs as having all the functions necessary to meet meaningful-use criteria. Federal privacy guidelines on how patients can control certain disclosures of their medical records are not yet in place. Further, the ONC just hired Georgetown University researcher Joy Pritts on Feb. 16 to the new, stimulus law-mandated position of chief privacy officer.
Yet, if findings from Modern Healthcare
's annual information technology survey are a fair guide, the stimulus law most certainly has drawn the attention of the provider portion of the healthcare industry.
Meaningful-use, interoperability and quality-reporting requirements, stiffer privacy and security requirements, breach notification standards—all IT areas addressed by the stimulus law—dominated this year's survey.
For example, meeting meaningful use was mentioned most often among a list of 19 IT priorities to be addressed in the next 24 months, selected by better than two-thirds of survey respondents.
Similarly, meaningful use ranked first among 21 possible “hot button” IT priorities, selected by 58% of survey participants (See related story detailing the “hot-button” issues).
The survey results also revealed a fair amount of skepticism and trepidation about stimulus law programs and requirements. A sizable minority, about 31% of respondents, indicated they question whether they'll be able to comply with the stimulus law's meaningful-use criteria, particularly during the first stage of the subsidy regime, where the initial criteria for the Medicare portions of the program will be the same for both the 2011 and 2012 payment years. (States, in coordination with the CMS, can set more-stringent meaningful-use criteria for their EHR subsidy programs under Medicaid.)
That minority of respondents answered that they either were unsure, somewhat unlikely or highly unlikely to be able to meet the meaningful-use requirements in time for the initial payments to begin in 2011. The number of skeptics dropped to about 14% of survey respondents for the 2013 and 2015 payment years.
Similarly, while a plurality (46%) of respondents indicated they thought their organizations would benefit from a stimulus law-funded regional IT extension program, 42% were unsure and 12% didn't believe it would be beneficial.
Healthcare data privacy and security rules that were stiffened and broadened by the stimulus law also emerged as a cause of concern among some survey participants, particularly the heightened responsibilities the new law places on handlers of patient information in the event of a data breach.
John May, chief financial officer at 41-bed Wetzel County Hospital, New Martinsville, W.Va., may be typical of many survey respondents this year.
“Our biggest challenge is going to be to get compliant with the ARRA,” May says. For now, however, he says, “We're nowhere near that, and a lot of it is going to depend on our vendor being in compliance.”
“We'll make it over the total term of this thing, but whether or not we'll make it in year one, we're not sure,” May says. “We're not a critical-access hospital, but we're a small hospital, so I'm not sure how we're going to get this money at this point.”
The way May sees it, providers are co-dependent with their IT system vendors, and that feeling of not fully being the master of your own stimulus ship contributes to the anxiety problem. In May's case, his partner is Computer Programs and Systems Inc., or CPSI, based in Mobile, Ala.
“I'm just praying that CPSI is going to meet the requirement or we're going to be sunk,” May says. “Our canoe's going down.”
“All the hospitals are in kind of the same boat,” he adds. “Whoever your vendor is, they're the ones who are going to have to meet that challenge. It's going to be driven by whether our vendor is going to get there.”
If not, May says, “We'd have to do a complete changeover” to a different vendor's IT system at a cost that he estimates would be between $1 million and $2 million for his hospital.
Time is truly crucial with the stimulus law, according to William Bria, chief medical information officer for the Shriners Hospitals for Children system based in Tampa, Fla., and chairman of the Association of Medical Directors of Information Systems, or AMDIS, a professional association for physicians in applied medical informatics. And time isn't on the side of the government or providers.
The clock starts Oct. 1, 2010, on the first “payment year” for EHR subsidies under the Medicare portion of the program. Penalties for noncompliance with meaningful use kick in after 2015.
“I think the public face that most everybody is trying to put on it is that they want to get the dollars and want to be in compliance with the best safety and quality metrics around,” Bria says. However, that brave face only masks the real angst.
“The time frame is short; the maturity of the vendor market is not where it should be,” Bria says. “So, the idea of not having as much standardization and as much ‘routine-ization' of the entire process as well as the (inadequate) technology becomes more of a concern to the naive IT consumer as they learn more.”
Bria says there is an even higher level of skepticism among “the older heads,” such as many AMDIS members, who look at the compressed timeline for EHR implementation and meaningful use under the stimulus law and think, “My God, this took me a lot longer than what they're talking about. What changed this to plug-and-play?”
Bria is working with a team of AMDIS members to compose a formal response to the meaningful-use proposed rule before the public comment period closes in mid-March.
“Even with the massive administrative might of the federal government, some of this stuff is going to be impossible to get their arms around in the same time frame in which they're going to reward you or punish you,” Bria says. “What I think the cooler heads are saying is, ‘They're going to push this out to a longer time frame.'
“After 30 years, do I think this is wonderful? Absolutely,” Bria says. “The idea of having data and demonstrating improvement of quality, oh, yeah; this is fantastic. Medicine has been really dragging its feet and clawing the wall; it's past time.
“But the idea that you could screw things all up and have a backlash, absolutely that's possible,” Bria says.
Donald Mon is vice president of practice leadership and Harry Rhodes is director of practice leadership at the American Health Information Management Association, a Chicago-based association for medical-records professionals.
Mon says he was surprised Modern Healthcare's survey findings didn't reflect even larger percentages of respondents focusing on the stimulus law.
“I thought meeting meaningful use would have been much higher than that, in the upper 80s or 90s,” Mon says.
One of three mandatory elements of meaningful use Congress specified in the stimulus law is information exchange to improve patient care. (The other two are electronic prescribing and clinical quality reporting.)
Participating in a local, regional or statewide health information exchange ranked No. 7 in the list of priorities survey respondents indicated they'd undertake in the next 24 months. Just over 25% of survey participants selected participation in an exchange as a priority, which Mon found encouraging news for promoters of exchanges.
“The fact that even 25% are considering participating in an (exchange) of any kind is a significant number,” Mon says. “You're hearing some of the stories that some of the entities don't see the benefit of an (exchange), but here you see 25% are considering participating. It's a pretty good number that you could start building in some sustainability out of.”
A ban on the sale of healthcare data was one of several amendments to the privacy provisions of the Health Insurance Portability and Accountability Act of 1996 included in the stimulus law. Most survey respondents didn't bat an eye at the new restrictions, and Rhodes says he's not surprised.
“From what I hear from the industry and people I know, there are various people trying to make money off data sales, but most people shy away from that,” Rhodes says. “You're not seeing a lot of people involved in data sales, so it's not going to have any effect at all.”
Only 2% of respondents indicated that the ban on data sales would have a negative impact on their operations. Another 88% thought it would have no effect, and 10% saw a positive impact (See related story on privacy issues).
The new breach-notification requirements are another story, though. A plurality of survey respondents, 44%, saw a “negative impact.”
“If you read the final rule for breach notification, the upshot is you're going to beef up your security,” Rhodes says. “A lot of people are behind. I'm getting a lot of e-mails from folks in the industry on how do I do this and do that? How do I secure e-mail, how do I secure information on the network, right down to simple things, like what is encryption?”
When it comes to security, “there are still gaps,” Rhodes says.