ExactData - Next Generation Systems Testing

Introduction:

New regulations, Affective in 2010 make HIPAA Compliance even tougher for those who use data test sets that contain electronic medical and personal information. These new regulations, not only make it tougher for both Entities, such as Health Care Providers, and their Business Associates to comply with the updated HIPAA Privacy Rule, it now requires Entities and Business Associates to notify individuals, as well as the secretary of the Department of Health and Human Services (HHS) and even the Media in some cases, if a breach of the HIPAA Privacy Rule occurs.

This Article will describe why the new rules apply to the use of data test sets that contain real medical or personal information, what the Privacy Rule and HITECH rules require, and the possible criminal and civil penalties that can be incurred for non-Compliance.

Electronic Medical Records Data Test Sets (EMRDTSs)

Beginning in the late 1980’s and early 1990’s, Electronic Medical Records (EMRs) began to be used in large volume. These EMRs were seen as a way to improve the quality of health care, improve the efficiency of health care providers, and help increase the security of patient’s personal medical information. However, the current volume of clinical data (and therefore EMRs) essential to the practice of medicine today simply cannot be processed by the unaided human mind. This is why the use of computers and IT applications have become a crucial part of controlling and maintaining EMRs in the health care industry.

Because the IT applications required for transmitting and maintaining EMRs at current technology levels are continuously evolving and increasing in size, it is often necessary to use Data Test Sets (DTSs) to test and maintain IT applications. The use of DTSs to test and maintain IT applications is especially prevalent in the health care industry, because of the sheer volume of EMRs currently in use. In addition, the health care industry’s need for testing and maintaining IT applications requires a specific set of DTSs. These test sets include specific information vital to the health care industry.

Throughout this article, when I refer to DTSs, I am referring to Electronic Medical Records Data Test Sets (EMRDTSs). These are DTSs specific to the health care industry. EMRDTSs are used in the health care industry to perform software validation and training to avoid errors during operations. In most cases, sets of real data are used for testing. These real data tests sets are the types of EMRDTSs that this article addresses when discussing compliance with any regulations. Finally, in the last section of the article, I will discuss how any AHIPAA compliance issues can be avoided by using synthesized EMRDTS.  Download the full brief.