The National Community Pharmacists Association (NCPA) has sent a letter to the deputy director for health information privacy, Office for Civil Rights, U.S. Department of Health and Human Services, arguing that that expanded privacy rules could create significant problems for community pharmacies
For example, the letter—written by John Coster, senior vice president of government affairs for the NCPA—referred to Section 13405(c) of the HITECH [Health IT for Economic and Clinical Health] Act requiring covered entities that use or maintain an EHR to provide, upon request, an accounting of disclosures made for treatment, payment and healthcare operations purposes through an EHR over a three-year period. Under the law, entities would have to account for all disclosures of information.
According to Coster, many pharmacies have information systems in place that are not designed to comply with a requirement to account for the amount of transactions required by the new law.
“Our members who have invested heavily in technology may be forced to abandon existing systems for brand new systems that would comply with the mandate,” Coster wrote. “To do so would prove too costly for many independent pharmacists.”
“Although pharmacies have been on the leading edge of adoption of health IT, our members will have to make significant modifications and upgrades, such as the breach notification requirement, the accounting of disclosures requirement, and patient-requested restrictions nondisclosures,” concluded Coster. “Small independent pharmacies will be adversely impacted as they may be more resource-challenged than others.”