Periodicals, blog posts and journal articles are great for gaining an understanding of complicated laws such as HIPAA and the HITECH Act. But, if you are responsible for such an area for an organization, I highly recommend that you read the actual text of the regulation.

Reading the regulations will help you avoid the trap of subscribing to conventional wisdom that is NOT wise. Having an understanding of what the regulations really say will help you find the best solution for your organization.

And, I find that the laws are surprisingly readable. In the case of the Meaningful Use Final Rules, the first 85% of each rule is ONC’s response to all of the comments that they received. These are very insightful and, in my opinion  well-written. The actual regulations are really just a few pages and are a very quick read. The most confusing part is when the rule’s reference a specific standard using the legal number system. But that is navigable (the Find function is your friend).

Mike Silverstein wrote a wonderfully candid story on HISTalk. Everyone that buys heatlcare IT needs to read the entire post. This part in particular is a gem…

“Their [healthcare IT startup companies’] game plan is often the same: spend a bunch of money to hire salespeople who can go out and sell something, then hope something sticks and figure out the rest later.”

My take is this…due diligence is more important than ever and most of us aren’t doing it right.