Section 0.3 Overview State Mandates for e-Health

This tool includes some of state and federal laws and mandates that guide and support e-Health activities. In addition, it includes some laws and mandates that Social Service s agencies need to be aware of when planning for e-health.

Time needed: 2 hours Suggested other tools: NA

How to Use 1. Review the material below to understand laws and mandates that apply to your profession.

Minnesota Laws and Mandates for e-Health The table below lists the Minnesota mandates for e-health. See the following discussion of some of the most important points below.

Title Statute Resources

Electronic Health Minnesota Statutes Minnesota’s 2015 Interoperable EHR Mandate Record Technology 62J.495 (2015 Interoperable Electronic Health Record Mandate)

Electronic Prescribing in Minnesota Electronic Prescription Minnesota Statutes Drug Program 62J.497

Minnesota Statutes Health Information Exchange Oversight Health Information 62J.498,62J.4981 and62J.4982 Exchange (HIE) Oversight

Minnesota Health Minnesota Statutes Health Records Act Fact Sheet (pdf 44Kb/2 pgs) Records Act 144.291 through144.298

Uniform Electronic Minnesota Statutes Healthcare Administrative Simplification Transactions & 62J.536 Implementation Guide Standards

Section 0 Overview—State Mandates for e-Health - 1 The Minnesota Mandate for Interoperable Electronic Health Records In the table above, there is a link to information about Minnesota’s 2015 Interoperable EHR Mandate. This mandate became law in 2007. The law mandates that all healthca re providers in the State of Minnesota implement an interoperable electronic health rec ord by January 1, 2015. This mandate extends to Social Services agencies. The Minnesota Department of Health Office of Health Information Technology (OHI T) has developed comprehensive documents that explain the mandate. Read their over view here: http://www.health.state.mn.us/e-health/hitimp/2015mandateguidance.pdf In addition to the overview, OHIT maintains a web page on this topic, which includes Frequently Asked Questions (FAQs). Read those FAQs here: http://www.health.state. mn.us/e-health/hitimp/. One important requirement of the mandate is that the interoperable EHR must be eithe r ONC Certified EHR Technology or Qualified EHR Technology. See below for guid ance from OHIT on certified and qualified technology.

Certified EHR The EHR must be certified by the Office of the National Coordinator (ONC) pursuant to the Federal Health Information Technology for Economic and Clinical Health (HIT ECH) Act. This criterion applies to providers if a certified EHR is available for their s etting. This criterion shall be met if a provider is using an EHR that has been certified within the last three years, even if a more current version of the EHR has been certifie d within the three-year period. A comprehensive list of currently certified EHRs is ava ilable at http://www.healthit.hhs.gov/chpl.

Qualified EHR If a provider does not have a certified EHR available for their setting, then the provide r must have a qualified EHR. This is an electronic record of health-related information on an individual that includes patient demographic and clinical health information, and has the capacity to:  provide clinical decision support  support physician order entry  capture and query information relevant to health care quality  exchange electronic health information with, and integrate such information from, other sources In addition, the e-Health Advisory Committee and MDH encourage providers to have an EHR with the capacity to securely:  incorporate clinical lab test results as structured data  support transitions of care, population health and quality improvement  allow patients or their representatives access to view online, download and transmit their health information1

1 http://www.health.state.mn.us/e-health/hitimp/2015mandateguidance.pdf

Section 0 Overview—State Mandates for e-Health - 1 Federal Incentives for Meaningful Use Since 2009, the most important national incentive for e-health has been the HITECH Act, which provides funding for eligible providers and hospitals in the United States to adopt and “meaningfully use” EHRs by 2015. Follow this link to learn more about Meaningful Use (MU): http://www.cms.gov/Regulations-and- Guidance/Legislation/EHRIncentivePrograms/Meaningful_Use.html and (http://www.healthit.gov/policy-researchers-implementers/hitech-act-0) Unfortunately, many Social Services agencies are not eligible for Meaningful Use ince ntives. This is because incentives go only to MDs or Advance Practice Registered Nur ses like CNSs, Nurse Midwives, or Nurse Practitioners2. In some rare cases Physician’ s Assistants are eligible.

Laws and Mandates Specifically for Social Service Agencies Many social service agencies employ behavioral health and/or home health care provid ers. Please refer to the Behavioral Health and Home Health HIT toolkits for mandates that apply to those domains. Everyone has heard of HIPAA, the set of regulations that control access to and privacy controls for health information. The Stratis Health toolkits for Behavioral Health and Home Health provide a series of tools to help you understand how to work with HIPA A in an e-health world. Here is a list of the regulations.  Health Insurance Portability Accountability Act (HIPAA), 45 CFR section 164.501  Health Insurance Portability Accountability Act (HIPAA) Privacy and Security Rule added in 20003  Health Insurance Portability Accountability Act (HIPAA) Omnibus Final Rule added in 2013 4  Minnesota Data Privacy Act  Minnesota has additional laws governing data privacy. See link below. o Minnesota Government Data Practices Act, Minnesota Statute Chapter 13 (https://www.revisor.mn.gov/statutes/? id=13.01&year=2013&keyword_type=exact&keyword=Minne sota+Government+Data+Practices+Act)  Additional Regulations affecting those who work with substance abuse.  CFR 42, part 2 requires that clients provide written permission any time any personally identifiable information is released to another party. http://uscodebeta.house.gov/view.xhtml?req=granuleid:USC- prelim-title38-section7334&num=0&edition=prelim

2 All these APRNs are eligible only if they serve 30% or more Medicaid clients.

3 45 C.F.R. 160 and 164 modifications made for the HIPAA final rule effective March 26, 2013

4 65 Fed. Reg. 82,474 (Dec. 28, 2000).

Section 0 Overview—State Mandates for e-Health - 1  Title 38 Section 7332 Protections extend to some special types of data: See link here: http://www.gpo.gov/fdsys/granule/USCODE-2011- title38/USCODE-2011-title38-partV-chap73-subchapIII-sec7332/content- detail.html  Family Educational Rights and Privacy Act (FERPA) applies to those who work with students and their families. See link here: http://www2.ed.gov/policy/gen/guid/fpco/pdf/2012-final-regs.pdf

In general, social service agencies and their employees understand the HIPAA require ments that cover protected patient information apply to them. Further, social workers understand their ethical and professional responsibilities to ensure trusting, confidentia l relationships with their clients. An excellent article, titled Consent, Authorization, and Notice under HIPAA Privacy Regulations5, available from the National Association of Social Work, discusses these issues from the perspective of social workers. As your agency moves ahead with e-health projects, you will need to think carefully a bout how you will exchange information and how you will ensure your clients underst and what you are sharing, why you are sharing, and give you permission to do so.

Copyright © 2014 Stratis Health. Updated 03-10-14

5 http://www.naswdc.org/practice/behavioral_health/mbh0201.asp

Section 0 Overview—State Mandates for e-Health - 1