The House gave final passage to the sweeping bill on Monday. medical bill This includes adding protections for home care workers, better preparing health care facilities for cyberattacks, and establishing new regulations for state health information exchange.
The bill was adopted by a vote of 112-37. The vote was divided primarily along party lines.
The section on additional protections for home care workers was enacted in the wake of the October killing of Joyce Grayson, a visiting nurse who worked at a nursing home in Willimantic.Media outlets say man charged with murdering girlfriend Reported.
“The many people affected by Joyce Grayson’s death know how important this effort and this conversation is,” said Rep. Christine McCarthy Behey (D-Fairfield), co-chair of the Public Health Committee. I know what’s going on,” he said.
The bill would require a home health care agency to collect certain customer information upon admission and to make that information available to employees assigned to that customer. Information may include a history of violence against health care workers, domestic violence, drug use, psychiatric history, sex offender registry listings, crime rates in the municipality where the person lives, and any weapons or safety hazards in the area. This includes whether or not there is. House. The measure prohibits agents from denying customer service or refusing to provide data based solely on the data collected.
The proposal would also require home health agencies to conduct monthly safety assessments with direct care staff and implement a health and safety training curriculum for home care workers. State social services commissioners must ensure that agencies provide evidence that they have implemented a training curriculum to continue receiving Medicaid reimbursement.
In addition, home health agencies must report verbal threats or abuse of clients to the state, and the Department of Public Health must inform the Legislature’s public health committee about the number of incidents and what steps they are taking to ensure safety. You must report annually on what you have done.
The measure also adds accountability measures for cyber-attack preparedness in healthcare facilities. Beginning January 1, 2025, hospitals will be required to annually submit their cybersecurity breach response plan to an audit by an independent certified cybersecurity auditor or professional certified by the Information Systems Audit and Management Institute or similar organization. there is. Auditors will review the plan’s adequacy and identify areas for improvement, making it available for inspection by state agencies such as the Department of Public Health.
This provision of the bill was enacted after three Connecticut hospitals suffered cyberattacks that forced patients to be transferred for weeks, disrupted facility operations, and caused financial hardship due to billing difficulties. It is something that
Records obtained by the Connecticut Mirror show facilities such as Rockville General Hospital, Manchester Memorial Hospital and Waterbury Hospital. cancel Almost half of elective procedures were performed, and X-rays and CT scans, which are critical to treating patients with potential strokes and heart attacks, were sometimes unavailable for nearly six weeks.
Lawmakers pledged to better prepare for future cyberattacks. An earlier version of the bill would have required states to provide resources to hospitals in the event of a ransomware attack, including wireless communications systems, intranet systems for secure communications, heart monitors, fax machines, and other equipment. It was mandatory. This proposal was revised due to budget constraints.
The bill adopted Monday also changes rules for the exchange of health information across the state. This allows health care providers to operate exclusively as employees of covered entities under the Health Insurance Portability and Accountability Act, even if they do not have patient medical records or are licensed by a state. The covered entity is exempt from connecting to the network under certain circumstances, such as when the covered entity is legally responsible. (for decisions regarding the protection or disclosure of health information).
Providers may also share information with exchanges where prohibited by state or federal privacy or security laws or where patient consent is legally required but not obtained. There is no need to do so, the measure says. The working group will study privacy and cybersecurity issues related to exchanges.
The 40-section bill also:
- Creates a home health worker safety grant program.
- Requires health departments to obtain educational materials on gun safety practices for primary care providers to provide to patients.
- Requires the Consumer Protection Bureau to investigate prescription drug shortages.
- Hospitals and other healthcare facilities will be able to record data on the time employees spend requesting pre-authorization or pre-authorization from healthcare providers.
- It is a discriminatory practice for a nursing home to deny a prospective resident solely because he or she is receiving mental health services.
- Establishes a definition of “direct care” with the goal of minimizing nursing home staffing levels.
- Requires the Commissioner of Mental Health and Addiction Services to establish peer-run respite centers (operated by contracted nonprofit organizations) to provide peer respite and support services to adults.
- Requires licensed hospice agencies to encourage staff to spend three weeks each in a pediatric intensive care unit or pediatric oncology unit to develop skills and expertise in preparation for their role in pediatric hospice care.
- Allows physicians and physician assistants employed in facilities licensed by the state health department to form unions in certain circumstances.
Rep. Susan Johnson (D-Windham) said provisions that strengthen protections for home care workers are needed.
“This is what happens when you don’t take precautions to make sure people are protected,” she said, referring to Grayson’s killing. “These are not things we want our providers to experience. We don’t want to see them assaulted. We don’t want to see them killed. , we want to make sure they are protected when they enter the home.”
Rep. Farley Santos, D-Danbury, praised the move to expand hospice services for children.
“As the father of a son who passed away and required pediatric hospice care, what we’re going to do in this section is outline the need across the state. We’re going to outline what the costs are going to be,” he said. . “We will also look into how these services can be expanded. As someone whose family has had to rely on those services, I commend the committee for placing this section here. To do.”
Rep. Tammy Nuccio (R-Tolland) expressed concern about proclamations in the bill that could drive up overall health care costs, such as the requirement that certain insurance policies cover coronary artery calcium scans.
“All the orders we pass do nothing to reduce health care costs,” she says. “It just means the insurance company has to pay out more money, which increases claims and therefore increases the cost of treatment.
“I’ll be here again in June, [insurance] Interest rates are reviewed and everyone throws up their hands in derision that interest rates have gone up and insurance premiums are so high. There’s not a single person in this chamber who will stop and say, “What did we do last Congress to raise insurance premiums?” In healthcare? ”
The Senate approved the bill last week by a vote of 34-1. Sen. Rob Sampson (R-Wolcott) was the only dissenter.
Sen. Saud Anwar, co-chair of the Public Health Committee and a contract physician at Manchester Memorial Hospital, said thousands of people were “lost” during a prolonged technology outage at three Connecticut hospitals affected by the cyber attack. “They weren’t able to get the level of care that they needed.” I should have gotten it. ”
“Unfortunately, it is only a matter of time before more hospitals in the state are affected by cybersecurity and cyberterrorist attacks,” he said. “This is an important thing for us to work on. It’s important to be prepared. If you plan ahead, the risk and complication rate will be much lower.
“Every day, hospitals and health care systems across the country are breached by cyberattacks, putting hospital and patient information at risk. That’s why you need a plan.”
The bill now heads to Governor Ned Lamont’s desk for his signature.