08-07-13 | Blog Post

Standardizing Health Information Exchange Without Sacrificing PHI Security

Blog Posts

The HHS OCR Acknowledges Need for Standards and Incentives for Health Information Exchange Across the Full Care Spectrum … Without Sacrificing PHI Security

On the heels of announcing his retirement as National Coordinator of Health IT, Farzad Mostashari joined Patrick Conway, MD, Director and CMS Chief Medical Officer and Cindy Mann, Director, CMS Center for Medicaid and CHIP Services in an online webinar to respond to the public input received to the joint CMS/ONC Request for Information on advancing interoperability and HIE.(1) The RFI received more than 200 submissions from providers, payers, organization, and consumers, and this morning’s webinar exceeded the maximum of 1000 participants. (2)

Dr Mostashari kicked off the webinar reiterating the mantra that has been a hallmark of his communications throughout his tenure: “Patient information should flow wherever the patient goes. Coordination should be rewarded. HHS will continue to rely on policies and regulations to accelerate the exchange of information.”

Mostashari reiterated that the current EHR incentive programs are “necessary, but not sufficient to accomplish” health information exchange – a sentiment consistent with his statements in recent HIT Policy Committee meeting. (3) Mostashari went on to acknowledge that successful exchange of patient health information will depend on a successful business case supporting health information exchange. Payment models were highlighted as an opportunity to drive the business imperative and create the context for sharing information.

“We cannot let it be profitable to hoard information, and unprofitable to exchange information.”

The public feedback spoke strongly to the gaps of the current meaningful use incentives that left Long-Term and Post-Acute (LTPAC) and Behavioral Health (BH) care providers. Some of the proposals from the public feedback included direct incentives for LTPAC and BH providers, inclusion of LTPAC and BH providers in State Innovation Models.

Another consistent point of feedback to the RFI was a clear call for standards for information exchange across the full spectrum of care. Farzad admitted, “We were not really focused on standards development, but we did get a lot of feedback and we realized the gaps in our approach and the need for interoperability across the spectrum of care. We will respond to that. We need data elements standardized across the spectrum of care.”

Mostashari responded to the common criticism that banking ATMs already exchange sensitive financial information nearly instantly across the country. If the banking industry can figure it out, why is it so hard to exchange patient information? First, Mostashari reminded the audience that it took at least a decade to get ATMs successfully coordinating information in a standard way across the country.

Secondly, that ATMs deal with about 7 fields of information that effectively are all in one dimension – the exchange of currency. Health information, spanning anything from a doctor’s hand-written notes from a patient visit to a huge image from an MRI scan or XRAY to a patient’s DNA genome, is much more complex and varied in it’s size, format, and total number of data points captured during a patient’s course of care.

“If we were setting up a system to exchange patient height information, it would be relatively easy.” But in addition to the complexity of health data itself “trust issues are critical’ and other factors like business motives and fragmentation throughout the care system “make it difficult”. He reiterated, “It IS complicated. but we are making progress.” The key, according to Mostashari, is incremental improvement to continue moving forward in a safe and secure way.

Mostashari referred the importance of protecting health information several times as critical to maintain and fortify throughout the ongoing transition to health information exchange. “Privacy and security issues are first and foremost … when we talk about health information exchange. If we wanted an optimal engineering solution, it wouldn’t be as hard. We want a TRUST-OPTIMAL solution. Patients have to be able to trust their providers and know that their information is secure and private and that there won’t be any surprises.”

Other proposals included use of reimbursement codes to denote care coordination of telehealth, eVisits, radiology and remote evaluation and measurement, an extension of the Stark and anti-kickback exceptions for donation of EHR software.

Much of the RFI feedback reflected ongoing and widespread confusion about health information exchange, and Mostashari implored those interested in the progression of health information exchange to become as informed as possible. He expressed that HHS OCR “needs to to a better job communicating the roadmap. Far too many people have far too many questions; we can’t count on everyone going to http://wiki.siframework.org.

A white paper explaining the proposals and feedback to the Request For Information is here –

http://www.healthit.gov/sites/default/files/acceleratinghieprinciples_strategy.pdf (PDF)

More information about Health Information Exchange: http://www.healthit.gov/HIE.

HIPAA Compliant Hosting White PaperFor more about health IT security, read our HIPAA Compliant Hosting white paper.

This white paper explores the impact of HITECH and HIPAA on data centers. It includes a description of a HIPAA compliant data center IT architecture, contractual requirements, benefits and risks of data center outsourcing, and vendor selection criteria.

Related Articles:
Encrypting Health Record Data in Michigan Health Information Exchange
Michigan and Ohio are syncing up – health records, that is. State health information exchange groups, the Ohio Health Information Partnership CliniSync and Michigan Health Connect have joined forces to allow residents of Ohio to seek medical treatment in Michigan. … Continue reading →

Michigan Health Information Exchange (HIE) Invests in Secure Network
In order to ultimately improve patient care and reduce wasted resources, the healthcare industry continues to undergo its digital makeover in an effort to streamline their workflow and step into the 21st century. Complementing the adoption of EHR systems, network … Continue reading →

Secure Health Information Exchange: Preparing for a Disaster
The ONC (Office of the National Coordinator for Health) recently blogged about disaster preparedness and health information exchange (HIE), citing the recent Hurricane Isaac as a reason for concern about accessing and locating health records in another state. In the … Continue reading →

(1) Advancing Interoperability and Health Information Exchange
(2) Advancing Interoperability and Health Information Exchange (CMS-0038-NC)
(3) Testimony before the Committee on Finance (PDF)

Overwhelmed by cloud chaos?
We’re cloud experts, so you don’t have to be.

© 2024 OTAVA® All Rights Reserved