New technologies and systems are improving the way patients and providers can use health care data to improve treatment processes. If patients are given access to their health care data, this access also improves their overall well-being, as they can use this data to move freely between providers and use mobile apps to track their health and find treatment more easily.
At the forefront of efforts to introduce new rules that make it easier for patients to access their data are Steve Posnack, executive director of the office of technology at the Department of Health and Human Services Office of the National Coordinator for Health Information Technology, and Elise Sweeney Anthony, director of the office of policy at ONC, who discussed ways to improve patient access to data at the CXO Tech Forum: Health IT Modernization April 4.
ONC’s new rules are currently out for public comment.
“One thing we really focused on was the flow of information,” said Anthony. “[That means] ensuring that, as much as possible, information is flowing where it needs to go for the benefit of the provider and the patients that they serve.”
While improving the flow of information previously focused on the technical aspects, Anthony said that ONC is planning to change its certification process to address behavioral impediments to data access, such as company practices that discourage transparency and encourage information hoarding.
In the future, health care providers and other companies that store patient data could be charged with “information blocking," a civil violation punishable by a severe fine or other disincentive, if they are withholding data for any reason other than ones that the HHS has narrowly defined.
“Those are around things like privacy, security and preventing harm,” said Anthony. “All of the exceptions we’ve laid out are focused on a case-by-case analysis. But across the rule … our focus is on supporting the effective and secure flow of electronic health care information.”
Over 90% of hospitals have adopted electronic health care records since 2009, Posnack said, as well as approximately 75 to 80% of ambulance services. Given the incentives to adopt, he sees this as the next step in improving access from the rules ONC issued in 2012, which led to the majority of health care providers creating patient portals so that patients could easily see their data online.
“We are looking to other industries’ technology implementation,” Posnack said. “Part of the law includes a reference that health IT developers now need to make application program interfaces (APIs) — that are already prevalent in a lot of other industries’ software interactions — available as part of one of their legal requirements.”
Anthony said she sees the responsibility to enact policies like these across all federal agencies as an opportunity for ONC. “We think about interoperability throughout the federal sphere,” she said, highlighting past cases where ONC worked with the Center for Disease Control to develop appropriate pregnancy standards for providers during the early days of the Zika epidemic, as well as coordinated with the Centers for Medicare and Medicaid on interoperability and innovation programs. In 2015, before the new rule mandated that health IT developers included APIs in their software, ONC worked with CMS to develop APIs on a functional level, which now helps to define the standards in the rule.
Posnack highlighted the benefits of working with the private sector to ensure HHS can make the most of new technologies. “In health IT now, you really can’t do anything meaningful or impactful without data,” he said. “A lot of the work we do now is figuring out how to translate the data that’s accessible to health care providers, population analytics companies [and] patients, and translating that into impact.”
ONC has solicited feedback from both the private sector and other federal health care agencies to ensure that it can implement any improvements that would make that data more useful for everyone involved. Moreover, it can share the private sector’s feedback with other agencies — and vice versa — to increase communication throughout the health care industry. For example, Posnack said, “a lot of the work we do is to clear out the misunderstandings from a federal policy and industry perspective,” such as ensuring IT developers are in compliance with the Health Insurance Portability and Accountability Act (HIPAA).
Looking ahead to the rollout, Anthony said she is focused on ensuring it provides a foundation to improve interoperability and patient access to data while also allowing for innovation. The rule accounts for a two-year delay for developers to design new health IT systems that adhere to the rule before rolling out those systems to health care providers.
“We want the industry to keep moving as fast as possible,” said Posnack, highlighting what he called the regulator’s dilemma, "and then equally we have a statutory mandate to run the health IT certification program. You need to have a level of consistency and a baseline that is expected by the entire industry so that app developers and other services know where to point their strategy.” His focus will be on providing a timeline to IT developers as well as updating the standards in the rule as necessary.
So far, the feedback on the new rule has been good, Anthony said, and they have received feedback from health insurance providers, health information exchanges, health information networks, to name a few of the stakeholders. The feedback so far has been especially helpful in defining information blocking and including provisions surrounding patient access, including that patients can receive their data electronically and that providers can switch electronic health record systems when appropriate.
“There may still be some areas we need to adjust,” Anthony said. “And that’s okay. Every time we do a new rule, we want to know where we’ve hit the right points and where we’ve missed the mark, so that we can put together a final rule that works for the community.”
Anthony encouraged everyone to comment on the new rule during the public commentary period, especially related to how the rule as it stands will affect stakeholders across the spectrum. “Comments are due May 3,” said Anthony. “We really value diverse perspectives, whether that’s a patient, provider or a consultant.”