SAN MATEO (04/14/2000) - Less than six months removed from Y2K, the health care industry is readying itself to face yet another deadline-oriented IT infrastructure upheaval aimed at bringing bring health care providers into the electronic age.
The Health Insurance Portability and Accountability Act (HIPAA) standards, set for release in June, promise to let companies automate many of their business processes through better data exchange and establish stringent privacy guidelines for patient information. Similar to other industries scrambling to define data and application exchange standards primarily through XML, the technical hurdles will be imposing.
"The business of health care has not changed fundamentally since the turn of the last century in regards to IT technology," said Dr. John Lumpkin, director at the Illinois Department of Public Health, in Springfield, who serves as a chairman on the National Committee of Vital and Health Statistics. "If we're really going to see enhancements in quality and efficiency, we have to look at every other industry that has used automation to achieve those goals."
In the 1996 HIPAA act, an "Administrative Simplification" part of the law required the U.S. Department of Health and Human Services to create new standards for the messaging of health information identifying individual patients.
The proposed regulation requires all health care organizations that maintain or transmit electronic health information to adopt the new standards or suffer stiff penalties and possible imprisonment. Once the final standards are adopted, health care providers will have 24 months to comply. Small health plans get 36 months to fall in line.
The new standard will address information security, privacy, EDI (electronic data interchange) and unique identifiers issues.
Dusting off and measuring up old legacy systems for new code and systems integration should pay huge dividends in the long run for a fast-graying health care industry, which relies heavily on paper processes. But Lumpkin said HIPAA's preparations do mirror those of Y2K.
"There will be people who will wait until the last minute to make necessary changes. Of course, if their legacy system is an orphan, then they're going to have some problems."
Vendors are offering different approaches to assist the health care community as it prepares for the undisclosed regulations -- and many of those options revolve around outsourcing.
E*Healthline.com, an Internet-based health care information management ASP (application service provider) is utilizing Computer Associates International Inc.'s Unicenter systems management and Jasmine ii development platform to build a service for providers to perform a variety of health care transactions.
"This [service] is allowing me to get back into the patient room and not have to worry about IT problems," said Dr. George A. Jutila of the Fortuna Family Medical Group, in Fortuna, California.
Care Data Systems, a health care industry systems integrator in Chicago, creates an integration engine module to allow older systems to exchange information in different formats. Steven Riney, chief IT officer at St.
Joseph's Regional Health System in Stockton, Calif., says the service will help him rehost data on legacy systems and conform to HIPAA. Riney is also looking to Object Management Group-led CorbaMed standards for data exchange.
Microsoft Corp.'s view is that HIPAA won't necessitate an overhaul of their entire systems, said David Lubinski, practice manager of Microsoft Healthcare Practice.
In about three weeks, the company will release examples on its Web site of code it is creating to illustrate how a system can build HIPAA-compliant transactions over its BizTalk framework using XML.