February 4, 2025
 
Question:
Jennifer, 

I am being solicited by companies selling AI products seeking access to my EMR. Is there a HIPAA risk in participating?

Thanks, 
Dr. O

Answer:

100%. Patient consent under HIPAA is typically limited to treatment, payment and operational purposes. While the argument is getting stronger that an AI contract is part of operational purposes, you are absolutely better protected by obtaining direct patient consent for AI participation, not to mention ensuring you have a proper Business Associate Agreement with any AI contractor you plan to give EMR access to.

An up-and-coming AI technology you may have heard of (because of Pelosi's recent investment) is Tempus AI, Inc. Tempus scored a major victory over Medicare, and is now approved as a reimbursable service with a unique CPT code. "Per the CMS policy to allow payment for certain Software as a Service (SaaS) devices in the Hospital Outpatient setting, CMS has assigned associated procedure codes for assessments with assistive algorithms like Tempus’ ECG-AF (CPT 0764T and CPT 0765T) to APC 5734, which has a Medicare rate of $128.90, effective January 1, 2025." Id.

Tempus (as per its website) offers several AI-powered solutions designed to support providers and researchers. Here’s how its platform can enhance clinical decision-making:
  • Hub: A digital platform for ordering and managing Tempus tests, allowing secure access to patient information and smart clinical reporting.
  • One: An AI-enabled assistant that retrieves patient data, identifies relevant clinical trials and helps define research cohorts.
  • Now: A suite of applications embedded within EHRs to streamline test ordering, genomic data integration and clinical trial updates.
  • Lens: A research platform enabling scientists to analyze Tempus’ vast datasets through AI-driven insights.
  • Pixel: AI-enabled imaging analysis that automates lesion tracking and reporting.
  • Next: A care management tool that identifies gaps in patient treatment and delivers real-time notifications to providers.
  • Assays: A range of genomic profiling tests to support precise treatment decisions.
  • Algos: Algorithmic tools to assess biomarkers, predict treatment response, and refine cancer diagnoses.

How? By accessing your EMR - unrestricted and trolling. Sucking up all patient information. As the provider, once you have granted such access, how do you control what you have released? Maybe I've been leaning a bit too hard into a dystopian mindset, but isn't thinking we can control an AI tool our first mistake?

How then may we protect ourselves and our practices? Should we be looking to abstain from tools that may be helpful to our patient base AND are reimbursable? No, I am not suggesting you abstain. I do recommend you protect your patients and your practice from unnecessary exposure, however. I recommend a two (2) prong approach should you be looking to engage -
  1. Patient consent - let's prepare and deploy a specific additional consent for patients to sign off on participation. 
  2. Contractor contract review - let's not be cavalier when contracting with any outside AI vendor - take the service agreement process and BAA seriously and let's dig in to make sure you are financially and regulatorily protected.