Navigation of health IT regulatory landscape requires CIO vigilance

As the regulatory and reimbursement landscape in health IT continues to rapidly evolve, so too does the role of the hospital CIO. It wasn't until recently, however, that CIOs were looked upon to improve patient care, according to FierceHealthIT Editorial Advisory Board member Indranil Ganguly, vice president and CIO at CentraState Medical Center in Freehold, N.J. In fact, he said during FierceHealthcare's recent webinar, "The evolving role of hospital CIOs and CMIOs," for the better part of three decades, billing and administrative functions were a hospital CIO's primary responsibility.

"In the 1970s, '80s and even the early '90s, CIOs typically reported to the chief financial officer," Ganguly (pictured right) said.

Ganguly pointed to two milestones that seemingly changed the course of hospital CIO activity: the passage of the Health Insurance Portability and Accountability Act in 1996, and the release of the Institute of Medicine's "To Err is Human" patient safety report in November 1999.

"HIPAA was the IT area's first real foray into heavy involvement on a regulatory issue," Ganguly said. "HIPAA was viewed, rightly or wrongly, as an IT issue, which meant that CIOs and other IT folks found themselves tackling compliance issues as a key part of their job.

"The report, meanwhile, really put patient safety on every hospital's radar screen, and by default, every hospital CIO's radar screen."

Today's CIO has no shortage of regulatory and reimbursement issues to worry about. Brad Thompson, a healthcare attorney and partner at law firm Epstein Becker & Green in Washington, D.C., outlined some of those issues on the webinar, including U.S. Food and Drug Administration oversight of medical devices, and guidance created to provide education to the public about the regulatory lay of the land.

Thomspon (pictured left) specifically pointed out that CIOs will be impacted by the FDA's Safety and Innovation Act, signed into law last summer. The legislation, he said, calls on the Office of the National Coordinator for Health IT, the Federal Communications Commission and the FDA to develop a master plan for health IT regulation by the end of this year. With that in mind, though, he said that government doesn't always get it right when it comes to such matters.

"[CIOs] should get involved in the process and provide input," Thompson said, pointing out that just last month, ONC concluded the process of accepting applications for membership in its FDASIA workgroup.

Thompson also said that while electronic health records presently are not regulated as medical devices by the FDA, officials have pointed out that they do meet such criteria. He added, though, that the FDA has been collecting data on patients being injured due to poor quality EHRs.

"They're in sort of a wait-and-see mode," he said. "They are watching [EHRs]."

To that end, Ganguly said, CIOs must remain vigilant.

"As IT professionals, we're going to have to be watching that landscape quite aggressively to be able to respond to various demands," he said. "We need to be able to help our organizations react nimbly to change."

To learn more:
- here's the webinar on-demand (registration required)