Opinion

HHS Policies to Promote Secure Exchange of Data Will Lead to Better Health Care

By Joseph Impicciche
February 10, 2020 at 5:00 am ET

Health care is undergoing dramatic transformation, and the entities accountable for delivering compassionate care to patients are being challenged to meet these new and evolving needs. The dimensions of this transformation are deep and wide, and the complexities of providing care extend far beyond those traditionally involved in managing patients’ health and wellness.

Health care providers are focused on the same goal: improving health and health care for patients and consumers. This requires coordination across an expanding number of constituencies who must have access to greater clinical insight, leveraged to accelerate the delivery of novel care models and therapies. Essential to these requirements is access to robust clinical datasets and tools that facilitate real-time clinical workflow integration so that comprehensive care coordination is available to and benefits all those we serve, while maintaining patient data privacy and security.

With the future of health care dependent on the ability to make data-driven decisions, we applaud the Department of Health and Human Services’ continuous efforts and leadership through the Office of the National Coordinator for Health Information Technology and the Centers for Medicare and Medicaid Services on advancing nationwide interoperability. The proposed new policies have the potential to take an important next step in granting consumers seamless and secure access to data and increase the vehicles for the exchange of electronic health information across providers and systems. They should be used as the starting point for further discussions and potentially thoughtful modification, led by the spectrum of stakeholders involved in the delivery and receipt of care.

Every day, providers, patients and consumers find themselves trying to piece together the health information they need from siloed systems across the care delivery continuum. Within each of these systems, information is entombed in proprietary data models that effectively create dependency on a single electronic health record vendor’s platform.

Exchanging health information from disparate platforms has proven cumbersome. It can be difficult to positively confirm a patient’s identity, as no unique national identifier exists. And even when records can be accurately matched, the scope of data exchanged is often limited and not fully supportive of integrated care delivery across the continuum.

It recently has been suggested that these gaps are not significant impediments to the delivery of coordinated, whole-person care. Some argue that closing these gaps will create unsupportable fiscal and administrative burdens for health systems and providers, as well as untenable privacy and security risks for patients and consumers.

New policies must acknowledge and seek to ease the cost and administrative burden on providers; appropriate timelines should be afforded, and privacy and security risks should be mitigated. However, a properly considered rule should ultimately be finalized because of the overall benefit it will provide to patients and providers alike. We believe the cost of doing nothing is too high; the persistence of current approaches will not be economically sustainable and will not support the more sophisticated approaches to privacy and security that will be required to adequately serve patients, consumers and providers across the continuum.

Today, after incredible focus and expenditure by federal agencies and tireless work at technology adoption by numerous stakeholder groups, we’re still very far from realizing our shared goal: a robust, standards-based, cloud-enabled health care information architecture that will support broad health care data interoperability and benefit patients across the continuum of care.

The failure is multidimensional and includes the lack of common data model implementation at scale, the lack of a national health care information identifier at the individual level, and the absence of a meaningful scope of application program interfaces across health care technology platforms — both legacy and newly emerging platforms outside the traditional health care ecosystem.

The solution lies in applying new technologies — some developed in other industries — to accelerate the democratization of commoditized health care data housed in modern cloud-based architectures. Accordingly, we applaud the work of HHS, ONC and CMS in tackling what is admittedly a complex issue. They are seeking to develop a forward-looking policy that drives common health care data model development, supports accelerated development of APIs and promotes the development of software applications that support provider, patient and consumer choice in health care technology to enable true multiparty health care process integration.

Without a doubt, the pursuit of democratized health care information must be approached carefully and in parallel to the evolution of more sophisticated privacy and security frameworks. Multi-stakeholder input will be required to ensure that next-generation privacy and security policies account for the technological capabilities, increasing cybersecurity threats and greatly expanded scope of health care constituencies that now exist.

Recognition of the importance of these capabilities is not new. Foundational support for their achievement rests with a sweeping series of federal legislation enacted over the last 20 years, including the Health Insurance Portability and Accountability Act, the Health Information Technology for Economics and Clinical Health Act, the Affordable Care Act and others. The broad goal underpinning each of these policies was to create the framework necessary for the efficient and effective creation, distribution and utilization of digital health care information to benefit patients.

The work to build on these foundational policies must continue. HHS’ proposed rule warrants careful consideration and thoughtful modification to minimize burden, ensure data privacy and security and provide appropriate time for implementation. With such changes, HHS’ new rules will help advance the progression toward a framework that allows data to be optimally available to improve patient care while providing robust privacy protections and data security.  

 

Joseph R. Impicciche, JD, MHA, is president and chief executive officer of Ascension.

Morning Consult welcomes op-ed submissions on policy, politics and business strategy in our coverage areas. Updated submission guidelines can be found here.

Do NOT follow this link or you will be banned from the site!