Healthcare IT – Making Sense of the Regulatory Scene

The Healthcare IT market opportunity is significant and not without its challenges.  It represents one of the fastest growing sectors of the US economy and is expected to be a $50 billion plus market by 2014.

What solution provider/VAR would not want to be a part of a potential $50 billion market in the coming years? Jumping in to the HIT (healthcare IT) space can indeed prove challenging, given the hand that regulation plays in this space.

When key acronyms like ARRA (American Recovery and Reinvestment Act), HIPAA (Health Insurance Portability and Accountability Act), EMR (electronic medical records), EHR (electronic health record), HITECH (Health IT for Economic and Clinical Health Act) and others get tossed around, one sure hopes they understand the implications each has on the HIT solution. When you then add a layer of regulatory oversight and ever tightening data privacy/security laws, it makes for an even more interesting mix. One false move and it could cost your customers in many ways….whether it be a costly data breach, a billing mix up, or a detour in the critical flow of healthcare information from one provider to another, thus hindering or compromising patient care.

Given the confidential nature of medical records, it only makes sense that there is a need for oversight. Just as credit card and banking transactions containing sensitive information getting into the wrong hands can wreak havoc on a business’ credibility, the same can be said for medical records. The DHS (Department of Homeland Security), as well as many states, are carefully monitoring (and regulating in many cases) the flow of PII (Personally Identifiable Information) to ensure proper steps are being taken to protect the context of these records. One case in point is the recently enacted Massachusetts Privacy Law (MA 201 CMR), with stiff penalties attached to even the most minor breaches.

Before a solution provider jumps into the HIT space it is important for them to realize that these solutions are often more complex than they appear on the surface. It requires much more than the simple addition of medical equipment to the network infrastructure. One needs to understand the data flow of a medical practice from the time the patient first comes in for an appointment to simple changes like updating their insurance information to seeing the doctor, to then getting a few tests or x-rays and finally a prescription and a follow up visit. When you add  the processing of the medical charges through insurance, the patients co-payment, the potential for Medicaid processing, and other government considerations; a simple office conversion suddenly becomes  complex.

The CompTIA Healthcare IT Community is gearing up to tackle these challenges and much more. Join in the discussion and have your voice heard as we develop training materials, guidelines for credentials and possible certifications, and cover other topics. Learn more at www.comptia.org/communities.