Health Information Management & Technology

About Health Information Management & Technology

California hospitals are committed to making health information easy to share so that patients and providers can make better informed decisions. This coordination leads to better health outcomes for patients and more efficient health care for all. CHA produces the California Health Information Privacy Manual to help hospitals ensure compliance with myriad state and federal laws.

CMS Requests Information on AI Use in Health Care

What’s happening: The Centers for Medicare & Medicaid Services (CMS) issued a request for information (RFI) on how artificial intelligence (AI) is used to improve health care delivery, with the goal of informing future rulemaking. 

What else to know: CMS will select organizations to showcase their AI products and services to educate the agency and inform future policymaking during a series of “Demo Days” starting in October. 

HQI Quality Quarterly Highlights Data-Driven Patient Safety Strategies

What’s happening: The July edition of Quality Quarterly explores why effective patient safety strategies are grounded in the timely collection and analysis of data and examines the rise in sepsis mortality rates in hospitals. 

What else to know: Quality Quarterly is intended to support the work of patient safety professionals by providing information on clinical developments, new technologies, and peer learning opportunities.   

ONC Finalizes Financial Penalties for Information Blocking

What’s happening: The Office of the National Coordinator for Health Information Technology (ONC) issued a final rule on provider disincentives for information blocking.    

What else to know: CHA is disappointed in the finalized policies and remains concerned about the selective application of penalties to certain health care providers, as previously outlined in comments

Hospitals Can Require Change Healthcare to Make Breach Notifications

What’s happening: The Department of Health and Human Services (HHS) announced that hospitals and health systems can require UnitedHealth Group to notify patients if their data was stolen during the Change Healthcare cyberattack on Feb. 22.  

What else to know: CHA is urging the California Department of Public Health to make a similar clarification under state law.  

HHS Launches New Program to Enhance Cybersecurity for Health Care Facilities

What’s happening: The Department of Health & Human Services’ (HHS) Advanced Research Projects Agency for Health launched a new program to enhance and automate cybersecurity for health care facilities. 

What else to know: The Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE) program will invest more than $50 million to create tools for information technology teams to better defend hospital environments. 

HHS Finalizes Privacy Rule to Protect Reproductive Health Information

What’s happening: The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) issued a final rule prohibiting entities regulated by the Health Insurance Portability and Accountability Act Privacy Rule from using or disclosing protected health information (PHI) to investigate or prosecute patients, providers, or others involved in providing legal reproductive health services. 

What else to know: The final rule is effective June 25, and covered entities are required to comply within 240 days. Hospitals will need to update their policies and procedures to comply with these new rules.