Stage 2 Rules Affect Mobile Health

Technology related to mobile health applications gets more attention in the final rules regarding Stage 2 requirements for achieving meaningful use of electronic health records.

The Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator for Health IT released their final Stage 2 rules last week. Mobihealth News analyzed the lengthy documents to see how m-health fared in the new rules, which go into effect in 2014.

Primary m-health-related changes in the CMS rule, according to the Mobihealth News article, include:

• Requiring health-care providers to assess whether they need to encrypt protected health information data while at rest, in reaction to multiple breaches of PHI from mobile devices.
• Requiring providers to use computerized physician order entry – which specifically can include a mobile device -- for 60 percent of patients and 30 percent of laboratory and radiology orders.

Primary changes affecting m-Health in the ONC companion rule, according to Mobihealth News:

• Vendors may develop mobile patient-engagement apps using technology that meets basic requirements for EHR certification, including secure email, portals and mobile applications using a variety of transport standards.
• Separate certification is not required to adapt certified EHR technology for a mobile app.
• Encryption is required for mobile devices, and EHRs must be able to create an audit log of such encryptions if the system allows local storage of data on the devices.

In a blog post earlier this week, ONC’s Dr. Farzad Mostashari said the Stage 2 update “means that we are able to break down barriers to the electronic exchange of information and decrease the cost and complexity of building interfaces between different systems while ensuring providers with certified electronic health record technology have the tools in place to share, understand, and incorporate critical patient information.”