Proposed ACO Rule Addresses PrivacyAccountable Care Organization Participants Would Share Data
The rule establishing the Medicare Shared Savings Program, called for under federal healthcare reform, would enable hospitals, clinics, long-term care facilities and other providers in a region to form Accountable Care Organizations to improve care for the chronically ill and share in savings that may result. Participation in ACOs is voluntary. The Department of Health and Human Services is soliciting comments on the proposal.
The proposal stresses that ACOs must "comply with the limitations on the use and disclosure of individually identifiable health information that the HIPAA Privacy Rule places on HIPAA covered entities, as well as other applicable privacy and confidentiality requirements."
In describing the goal of ACOs, HHS Secretary Kathleen Sebelius said, "Accountable Care Organizations will improve coordination and communication among doctors and hospitals, improve the quality of the care the patients receive and help lower the costs." One way of achieving these goals, for example, is to improve access to primary care so patients avoid trips to the emergency room.
Health Information ExchangeThe ACO approach to managing the quality and cost of care for the chronically ill would rely heavily on information sharing. Compliance with federal coordination of care requirements, according to the proposal, may require "the establishment and use of health information technology, including electronic health records and an electronic health information exchange, to enable the provision of a beneficiary's summary of care record during transitions of care both within and outside of the ACO." Compliance also may require the use of remote monitoring of patients, telehealth and predictive modeling, according to the proposal.
The proposed rule would require Medicare beneficiaries to opt out if they did not want their Medicare claims data shared among ACO participants. "We are particularly interested in comments on the kinds and frequency of data that would be useful to ACOs, potential privacy and security issues, and the implications for sharing protected health information with ACOs, and the use of beneficiary opt-out, as opposed to opt-in, to obtain beneficiary consent to the sharing of their information," the proposal states.
The proposal also would require that 50 percent of primary care providers in an ACO be meaningful users of electronic health records by year two of the program. The HITECH Act provides financial incentives to hospitals and physicians who are meaningful users of EHRs. To qualify for stage one of the incentives, EHR users must conduct a risk assessment and take action to mitigate any privacy risks identified. Additional security requirements are under consideration for stage two (See: Tiger Team Tackles EHR Requirements).
Fraud and Abuse, Antitrust IssuesIn addition to the rule authorizing the ACO program, federal authorities this week issued a proposal for potential waivers of certain fraud and abuse rules for ACO participants. These include the physician self-referral law, the federal anti-kickback statute, and certain civil monetary penalty law provisions.
Also, the Federal Trade Commission and the Department of Justice issued a proposed policy statement regarding ACOs and antitrust issues. "The policy statement is intended to ensure that health care providers have the antitrust clarity and guidance needed to form pro-competitive ACOs that participate in both the Medicare and commercial markets," the proposal states. The statement describes the conditions under which ACOs could fall into antitrust "safety zones" or be eligible for expedited antitrust reviews.