Introductions 2 New Jersey State Office of EMS Agencies have a - - PDF document

Webinar New Jersey EMS Data Reporting Law

1

Introductions

2

New Jersey State Office of EMS

• Agencies have a responsibility to comply with the new law
• OEMS will support the efforts as much as they can
• The goal is to fill in gaps in what we know and what we do

not about EMS in New Jersey

• Make the system better for the patients
• Not intended to be negative in any way

3

Senate 5 / Assembly 4925

• Signed July 21, 2017
• Effective January 17, 2018
• 3 Main Elements
• New Jersey EMS Task Force
• EMS Dispatch Data
• EMS Patient Data

4

NJ EMS Task Force

• Shared services among numerous agencies in New Jersey

to respond to major events - planned and unplanned

• Outgrowth of September 11 attacks
• Law formally establishes Task Force under the

Commissioner of Health

5

EMS Dispatch Data

• Electronic reporting of EMS dispatch and response information
• Interact with existing systems to the extent possible
• Department shall furnish any programs developed for

accessing and using the data

• Call type, response times, locations, etc.
• Develop quality performance metrics and protocols based on

data

• Response time data will be publicly available

6

Mandatory Dispatch Data

• The date, time, and location
• Nature and circumstances of the emergency, as provided

to the dispatch center

• Identity of each EMS provider dispatched to the scene
• Any other particulars of the request as may be relevant or

as may be required by the commissioner.

7

NEMSIS Data

• National EMS Information System
• Uniform data mapping and terminology for all EMS

providers around the country

• Ensures that everyone using a particular word in the data

set means the same thing

• Response Time
• Intubation Attempt
• This is a FORMAT for the Data

8

Who Must Report?

• Each EMS Provider:
• Any association, organization, company, department,

agency, service, program, unit, or other entity that provides pre-hospital emergency medical care to patients in this State, including, but not limited to, a basic life support ambulance service, a mobile intensive care unit, an air medical service, or a volunteer

• r non-volunteer first aid, rescue, and ambulance

squad

9

What Must You Report?

• The date, time, and location of the encounter
• The nature of the medical emergency, number of persons requiring emergency

medical services and the condition of each person

• Any emergency medical treatment or other services provided, including any

specific procedures performed, any medications administered including, but not limited to, an opioid antidote

• Name and certification of each EMS provider staffing the provider unit
• Other EMS providers responding
• Outcome of the encounter, including treated, refused additional treatment,

transported to a hospital or other health care facility, transferred to another EMS provider for further treatment, or died

• Any other particulars of the encounter as may be relevant or as may be required

by the commissioner

10

When Must You Report It?

• Not specified
• N.J.A.C. 8:40-3.6(d): A copy of the patient care report shall

be given to an authorized representative at the receiving health care facility. This shall be done no later than 24 hours after completion of the call. Additions to the

• riginal report shall not be made once a copy has been

delivered to the receiving health care facility, unless such changes are initialed and dated by the person making the change and the receiving health care facility is provided with a copy of the changes

11

Where Does This Take Place?

• At the patient’s bedside during the encounter
• At the hospital after transferring patient care
• At the building after the call is complete

12

Why Is the Data Being Collected?

• FOR THE PATIENT
• Continuity of Care
• Documentation of Care
• FOR THE SYSTEM
• Quality Improvement Efforts
• Research
• FOR THE STATE
• Global Data Collection and System Improvements
• Opioid Epidemic
• FOR YOU!
• Know What YOU Are Doing
• Individual and Department Levels

13

How is the Data Collected?

• NEMSIS compliant Electronic Patient Care Record (ePCR) Systems
• Could Write Paper Charts and Enter in Manually After the Fact -

Duplication of Effort, Increased Concerns

• OEMS Offers Basic Image Trend Product Free of Charge
• Other Commercial Products
• emsCharts (GoldenHour)
• ZOLL
• SafetyPad

14

HIPAA

• Health Information Portability and Accountability Act

(1996)

• Minimum Standards for Health Information Privacy and

Security

• Health Information Technology for Economic and Clinical

Health (HITECH) Act in 2009

• Expanded coverage of HIPAA and Breach Requirements

15

HIPAA Terms

• Protected Health Information: (PHI): Information that can

be traced to a specific individual that relates to an individual’s health condition

• Covered Entity (CE): A healthcare provider that transmits

PHI in electronic form for a HIPAA-covered transaction

• Business Associate (BA): Anyone or anything that uses

PHI in work for a covered entity

16

Covered Entities

• 45 CFR 160.103 - A covered entity transmits ANY health

information in electronic form in connection with a transaction

• Transaction means the transmission of information

between two parties to carry out financial or administrative activities related to health care. It includes the following types of information transmissions

• Health care claims or equivalent encounter information

17

HIPAA Security

• Protects PHI
• Ensure Confidentiality, Integrity and Availability
• Protect Against Reasonably Anticipated Breaches
• Includes Administrative, Physical, and Technical

Safeguards

18

HIPAA Privacy

• Use of PHI - Permitted and Prohibited (INTERNAL)
• Disclosure of PHI - Permitted and Prohibited (EXTERNAL)
• Consent of the Patient
• Treatment, Payment, and Operations (TPO)
• MANY Exceptions
• Right to Individual Access

19

What Do You Need?

• HIPAA Privacy Officer
• HIPAA Privacy and Security Policies
• Log or System for Access and Release
• Authorization Process
• Applicable Forms
• HIPAA Audit
• TRAINING

20

HIPAA Penalties

• Without Knowledge or Reasonable Diligence: $100

minimum, $50,000 maximum

• Reasonable Cause (Not Willful Neglect): $1,000 minimum,

$50,000 maximum

• Willful Neglect (30 Day Remedy): $10,000 minimum,

$50,000 maximum

• Willful Neglect (Not Corrected): $50,000 minimum

21

Cybersecurity

• Where is your Data?
• Who has access to your Data?
• Do you have Policies and Procedures in place to address

these issues?

• What technology do you use? How secure is it?
• Who is responsible for implementing this and ensuring

compliance?

• How are you going to prepare for this?

22

emsCharts

• NEMSIS 3 compliant with state data repository
• Safe and secure with HIPAA compliance
• Customer configuration and customization options
• Continuous customer support
• Integrations built with multiple CAD vendors and Billing

23

Conclusions

• Compliance Program with HIPAA Privacy and Security and

Cybersecurity Best Practices

• Joint Program of Keavney & Streger and XPAN Law Group
• Flat Fee of $2,000 Per Agency
• In-Person Training
• Policies and Procedures
• Prices May Vary for Larger EMS Agencies

24

Contact Information

• Keavney & Streger - njemslaw.com - info@njemslaw.com
• XPAN Law Group - xpanlawgroup.com -

administrator@xpanlawgroup.com

• emsCharts - emscharts.com - sales@emscharts.com
• Penn Care - penncare.net - tara@penncare.net

25