Can smart cards help with compliance with the enhanced privacy standards created under the new American Recovery and Reinvestment Act (ARRA)?
Yes. Smart card-based patient ID cards answer a key ARRA policy concern regarding access to health information. ARRA establishes a Policy Committee to examine methods to facilitate secure access by an individual to an individual’s protected health information as well as methods, guidelines and safeguards to facilitate secure access by caregivers, family members or a guardian. The HIPAA Privacy Rule protects all individually identifiable health information held or transmitted by a covered entity. ARRA has expanded those protections beyond the HIPAA rule to include additional entities, such as vendors of personal health records. A major goal of the Privacy Rule is to define and limit how and when protected health information is used or disclosed by covered entities. Smart cards can help covered entities and ARRA-stipulated entities comply with both the HIPAA Privacy Rule and the security and privacy mandates under ARRA.
