In case you missed it, the Office of the National Coordinator for Information Technology (ONC) just published a
draft of a framework for trusted exchange of health information data that they believe is essential to creating true healthcare information interoperability between systems. This framework is mandated in the 21st Century Cures Act (Section 4003) which directed the ONC to create such a framework.
It appears that Congress and the ONC has figured out that in order to get the promise of health information technology (HIT), one must first create an environment in which information can be freely and appropriately shared between healthcare providers. That environment appears to consist of a variety of pieces:
1) "A oommon method for authenticated trusted health information network participants"
2) "A common set of rules for trusted exchange"
3) "Organizational and operational policies to enable the exchange of health information among networks, including minimum conditions for such exchange to occur"
4) "A process for filing and adjudicating noncompliance with the terms of the common agreement."
To accomplish these goals, the proposed framework is intended to support four primary outcomes:
- Provide an environment in which providers can access patient data regardless of its source
- Provide patients the ability to aggregate their health information from a variety of sources
- Provide payers and providers with the ability to aggregate data across patient populations for analytics purposes
- Require the HIT industry systems to provide a series of application programming interfaces (API's) through which other systems can acquire information from them. This is aimed squarely at enabling entrepreneurs to acquire and use ePHI to improve healthcare information access.
This requires the creation of a regulatory infrastructure to both certify and monitor health information networks who would become the providers of this data, along with a specific and growing list of the minimal data quality and availability requirements necessary to be certified as a provider of healthcare data. To do this, ONC proposes to create a Recognized Coordinating Entity (RCE) to develop both the certifications and the resulting "common agreement" by which these providers are permitted to share this data.
One of the bumps in the road, of course, is HIPAA and what data exchanges are permitted from anyone who inquires for it. This, in turn, will require some tweaking of Business Associate Agreements (among others) to ensure that the permitted uses for this data exchange are enabled.
The detail gets even more interesting, and is, perhaps, the stuff of another blog. Suffice it to say that certain practices that appear common would not be permitted (such as restricting access of patient information to competitive systems), that data exchange would be predicated on adoption of industry standards (as opposed to being proprietary), and limiting the exchange of data to one-patient-at-a-time.
This is visionary, and likely represents our best hope for true interoperability. Here's hoping they can make it happen.
What do you think?
Dennis A. Tribble, PharmD, FASHP
Ormond Beach, FL
DATdoc@aol.com
The opinions expressed herein are my own, and not necessarily those of my employer, nor of ASHP.