A Wish-list from the Trenches of Health Information Technology

• Publication year: 2017

A Wish-List from the Trenches of Health Information Technology

Sam Snider

A WISH-LIST FROM THE TRENCHES OF HEALTH INFORMATION TECHNOLOGY

Sam Snider^*

During the 2016 U.S. Presidential campaign, President-elect Donald Trump outlined a seven-point plan for Healthcare Reform¹ that began with a call for the immediate repeal of the Patient Protection and Affordable Care Act² (the ACA), enacted in 2010 and more commonly known as "Obamacare." With President-elect Trump's November 29 announcement of Rep. Tom Price, R-Ga., and author of six consecutive versions of a bill proposing full replacement of the ACA, as his nominee for Secretary of the Department of Health and Human Services (HHS)³ , President-elect Trump is continuing to focus on healthcare cost containment and consumerization efforts. However, as the head of HHS, Rep. Price will also need to spend considerable focus on the regulation and oversight of the health information technology (HIT) systems that form the backbone of our modern and evolving healthcare system.

As an orthopedic surgeon, Rep. Price is well versed in HIT matters. While in Congress, he was an advocate of flexibility in the implementation and enforcement of the Centers for Medicare and Medicaid Services (CMS), Meaningful Use Program, and reducing providers' reporting requirements under the Health Information Technology for Economic and Clinical Health

[Page 258]

Act ("HITECH Act") of 2009. As a result, I would expect that HIT matters will be a priority for HHS under Secretary Price, although taking a backseat to his initial focus on amending or repealing the ACA.

This Article provides my personal wish-list of items that I would like to see HHS, and in particular the Office of the National Coordinator for Healthcare IT ("ONC") and the Office for Civil Rights ("OCR"), address during President-elect Trump's term. I believe that these suggestions would significantly enhance the ability of the U.S. healthcare system to provide safe and cost-efficient patient care, while facilitating the exchange of healthcare data throughout the healthcare system My wish-list focuses on four areas: Interoperability, Privacy and Consent, Information Security, and Industry Involvement.

I. Interoperability

In September 2015, the ONC released the Federal Health IT Strategic Plan 2015-2020⁴ , which focused on a vision of "High-quality care, lower costs, healthy population and engaged people"⁵ and established four overarching goals for the federal government during the 2015-2020 timeframe: first, advance person-centered and self-managed health; second, transform healthcare delivery and community health; third, foster research, scientific knowledge and innovation; and fourth, enhance the nation's IT infrastructure.⁶ My wish-list focuses on the fourth goal of enhancing the nation's IT infrastructure, as I believe it is the foundation upon which the three other goals are built. As is evidenced by the 2015 Plan, and considering that 78% of physicians and 96% of hospitals used certified electronic health record ("EHR") technology, ONC is now heavily focused on three priority areas relating to healthcare interoperability—the seamless and secure flow of health information⁷ to any point in the healthcare system in which that information can be beneficially used. As set forth in its 2016 Report to Congress on Health IT Progress (the "2016 Report"), the ONC's three priority areas are:

[Page 259]

1. Promoting common standards to facilitate the seamless and secure exchange of data, including through the use of standardized, open application programming interfaces ("APIs")
2. Building the business case for interoperability, particularly through delivery system reform efforts that change the way the CMS pays for care to reward quality over quantity of services
3. Changing the culture around access to information through: combating information blocking; ensuring that individuals know they have a right to access and transmit their health information and that health care providers know they must provide access to the individuals; and reminding health care providers that they are legally allowed to exchange information in the course of treatment or coordinating care⁸

A. Continue Current ONC Interoperability Priorities

The first item on my interoperability wish-list for the incoming Trump administration is that it continues supporting the ONC's high level focus as outlined by the 2015 Plan and the 2016 Report. Regardless of political debates of the deep philosophical and practical differences of opinion around healthcare payment and insurance reform, advances in clinical and administrative software technology along with the rise of incredibly sophisticated data mining tools provide the opportunity for meaningful, perhaps revolutionary, advances in the delivery, efficiency, and efficacy of healthcare; in addition, it can provide the foundation for dramatic improvement in the quality and length of the lives of all Americans. There is very little debate about the attractiveness of a world in which one's complete and comprehensive health record is available at any time and at any point of care, or one in which the world's smartest minds have vast quantities of current and complete de-identified data to mine to identify causalities, correlations, and cures, for intractable diseases like cancer and Alzheimer's. These end states simply cannot be accomplished without true data, liquidity, and interoperability within the U.S. healthcare system, and given the number of players within that system—300+ million patients, several hundred thousand doctors, tens of thousands of individual healthcare practices, thousands of HIT vendors, private health insurance companies, federal payers, employers, state governments, etc.—federal leadership is absolutely necessary, though not sufficient, to achieve true interoperability, and the ONC is generally on the

[Page 260]

right track. At the ground level, however, there are an extremely high number of practice problems that must be solved. The two biggest, in my view, are the need to identify and assign health data, regardless of its provenance (e.g. from a primary care physician, acute care provider, wearable, or home health technology, etc.) to the appropriate patient when a comprehensive record for that patient needs to be compiled, and the development of a single and robust set of technical interoperability standards that allow HIT vendors to develop interface technology once, rather than developing slightly different interfaces or connection types to every HIT platform or tool. The next two interoperability wish-list items address these concerns.

B. National Patient Identifier

The next item on my wish-list is the development of a national patient identifier. An individual's health data is generated from a huge number of sources—one's primary care physician, every specialist one sees, supportive specialists such as radiologists, or acute care providers such as hospitals, afterhours practices, and the like, and increasingly from wearables and home-based devices ranging from consumer devices like FitBits and Apple Watches to glucose monitors, smart scales, and other sources of clinically relevant data. To transition to a person-centered versus provider-centered healthcare system, and to facilitate overall health rather than the treatment of chronic or acute conditions, all of this data, from all of these systems must either "live" in a single record, or be available at any time at any point of care. There are a wide range of strategies currently employed to "match" health data to patients, ranging from patient matching used by individual EHR vendors to match patients within their databases, to efforts such as those of the Sequoia Project working to develop frameworks for "Cross-Organizational Patient Identity Matching"⁹ , to the College of Healthcare Information Management Executives' National Patient ID Challenge, a "$1 million crowdsourcing competition aimed at incentivizing new, early-stage, and experienced innovators to accelerate the creation and adoption of a solution for ensuring 100% accuracy in identifying patients in the U.S."¹⁰ However, as the description of the CHIME National Patient ID Challenge suggests, even the

[Page 261]

most sophisticated organizations today are at best capable of matching data to patients 95% of the time, with more common success rates of less than 50%.

Failed patient matching is not a trivial matter. According to a recent article citing a 2014 ONC study, every instance in which an electronic patient match fails, it costs the Mayo Clinic $1,400, and causes Intermountain Health, a large and extremely sophisticated health system, to spend $4-$5 million annually on technologies and processes to reach the 95% rate noted above.¹¹ In addition to the administrative burden, the patient health implications of a patient record mismatch are obvious.

A national patient identifier would be a significant step in eliminating both the health and financial impact of poor patient matching. Indeed, a national patient identifier was a component of the first draft of the enabling regulations from the original HIPAA statute in 1996, but was blocked in 1998 due to concerns around privacy, security, and the potential for a "big brother-like, government-controlled database." Legislation prohibiting expenditures on the development of a national patient identifier followed soon after.¹² These concerns are certainly real. As 2015 and 2016 have shown, the healthcare industry as a whole is extremely vulnerable to cyberattacks, and there are important federalism and privacy concerns about the creation of a centralized national patient identifier system. However, the privacy and security concerns already exist, and in many ways are worse in the current system. For example, all patient matching algorithms that I know of rely on a combination of data including name, sex, date of birth, and social security...