Submit your article of up to 500 words in length, subject to editing for clarity and brevity (please note: I run only original articles that have not appeared on any Web site or in any publication and I can’t use anything that looks like a commercial pitch). I’ll use a phony name for you unless you tell me otherwise. Thanks for sharing!
HIE: To Be It or To Do It
By Kipp Lassetter, MD
Since the start of the ARRA-generated deliberation over the definition of meaningful use, health information exchange (HIE) has become one of the healthcare industry’s hottest buzz terms. Yet ask what this crucial term means and you may have trouble pinning down a consistent response.
HIE has typically been viewed as a synonym for a regional health information organization (RHIO). However, as the industry has evolved, the real-world use of the term has expanded, making HIE a notoriously gray area. Distinguishing between an HIE as an entity and HIE as an action is key to resolving this confusion.
An HIE-as-RHIO — like CalRHIO or the Delaware Health Information Network (DHIN) — is a regional entity run by a third-party, neutral organization with a fixed governance structure. But in its broader sense, HIE is an action and an objective that applies more broadly within the care community to any hospital, health system, and physician practice pursuing health information exchange.
In the realm of this broader definition of HIE-as-an-action, hospitals, health systems and RHIOs share the common goal of exchanging healthcare information with their affiliated physicians, laboratories, member hospitals, payers, other ancillary service providers, and with patients directly.
In fact, hospitals, health systems and RHIOs can use the same technology to ensure the acquisition of data from disparate systems across dispersed care locations and publish that information to data consumers. With a sufficiently robust HIE technology, these data consumers — including providers, payers, hospitals, and patients — can, in turn, publish information to the network, producing a bi-directional exchange of actionable health information.
It is important to pay attention to this distinction between the concepts of HIE as an entity and HIE as an action, i.e. organizations like RHIOs and the act of exchange itself. If HIE is a requirement for demonstrating meaningful use, does the government declaration refer to HIE as an entity (an HIE organization) or does it refer to the action (the exchange of health information)? Though this may appear to be a purely semantic argument, the distinction becomes relevant when selecting a health information exchange solution.
If a vendor promotes its product as an HIE solution, does that mean the solution provides health information exchange only within the four walls of the hospital? Or is it also capable of connecting to broader state, regional, and/or national health information exchange platforms? The latter aligns best with the government’s current explanation of meaningful use.
Per the federal HIT Policy Committee’s revised recommendations for meaningful use, the capability to exchange health information is required where possible in 2011. Also, significantly, participation in a national HIE is required by 2015. This clarification suggests that hospitals and health systems should ensure that their HIE solution delivers two levels of capabilities — providing data exchange within the organization and then seamlessly connecting to broader HIE platforms.
Kipp Lassetter, MD is the CEO of Medicity.
This could be scary. These are the people who responded to the over 40,000 complaints of privacy violation citizens sent to them by having DOJ investigate and penalize a handful of individuals for identity theft.
On the other hand, most privacy complaints were for disclosures of PHI that do not violate HIPAA because there is nothing much left in it to violate. HIPAA was gutted in 2002 and virtually every player in the healthcare system (all CEs and BAs) was granted the right to use and disclose every American’s PHI without consent for TPO. People are outraged to learn that when others decide to use, disclose, or sell their PHI, it is no longer a privacy violation because the Bush Administration removed the key consumer protection in the HIPAA Privacy Rule.
Once HIPAA was gutted and over 4 million CEs/BAs can decide when to use and disclose our data, there was not much left to protect consumers. Ensuring the security of health databases and software is very critical, but alone, without consumer control over PHI, is not enough to make systems trustworthy.
HIPAA is an exposure rule now; HITECH did not restore the patent’s right of consent at the federal level. But, the right to health privacy still exists in Constitutional and common law, so complaints about privacy violations sent to OCR have to be dealt with via the state and federal court system instead, which is almost impossible for an individual to pursue. HITECH did authorize state AGs to enforce HIPAA, but again, the key enforcement that patients want is the right to control use and disclosures of PHI, which do not violate HIPAA, but do violate medical ethics and Constitutional and common law.
Looks like OCR will now enforce security requirements and will eventually make the rules to ban sales of PHI (they will go through a rulemaking process and propose amendments to HIPAA, so HIPAA will comply with the ban on sales required by HITECH).
Again, OCR has not met the public’s expectation of being the watchdog for their interests.
Deborah Peel, MD is a practicing physician and a board member of Patient Privacy Rights.
The PACS Designer’s Review of Meaningful Use Concepts
By The PACS Designer
With the American Recovery and Reinvestment Act of 2009 (ARRA) allocating funding for Healthcare IT solutions to promote meaningful use of software solutions, TPD thought it would be good to review how it can be accomplished meaningfully.
We’re all aware of the controversy surrounding CCHIT-certified EMRs and what they can bring to the adoption of usable software for physicians without significantly impeding their daily work routines. While obtaining the CCHIT certification draws attention for the vendor to their product offerings, it doesn’t guarantee that using their EMR will bring new efficiencies to your practice. The reason is there’s much more to the implementation than the a standalone certified EMR solution.
First, when installing an EMR solution, you need a central database location to store patient data for further clinical use in daily activities. Typically the EMR vendor supplies a data storage location for its software only. This causes another silo to be created with limited functionality ,thus hampering its expansion for other data collection activities (i.e. lab results and other data parameters). If the EMR solution comes with a data port to receive and send data, then some progress is possible for further integration efforts for the practice.
When it comes to measuring meaningful usage, it should be viewed with a broad spectrum of daily activities beyond the clerical function that is present in most EMRs.
One early benefit of an EMR that physicians can utilize is the e-prescribing function. If the EMR software has an export function, you will be able to forward your prescriptions to the appropriate pharmacy, thus eliminating the need for giving the patient a paper copy and/or faxing it for the patient. Also by using electronic forwarding for prescriptions, you are beginning the meaningful use process which should prove that payment for performance is actually happening within the practice.
An example of an e-Prescribing application is "The National ePrescribing Patient Safety Initiative (NEPSI)", which is a joint project of dedicated organizations that each play a unique role in resolving the current crisis in preventable medication errors. Their website, Nationalerx.com, offers physicians a free solution that will help them create an electronic prescription that can be forwarded to a pharmacy. Also, by using such an application, CMS will pay each physician $3K to $5K for proving that meaningful use is taking place within an EMR system.
Some other questions that need answering are:
- Does the EMR solution permit import of lab results through a data port? If not, it should not be viewed as enhancing further meaningful usage.
- Does the EMR solution have export capabilities to send data to a remote storage location for redundancy and secure archiving purposes? If not, what other method will you use to protect valuable patient data parameters that could populate a PHR for the patient, or a Continuity of Care Record (CCR) for another provider?
In summation, the most practical solution should interface with a master database to permit easy creation of electronic prescription capabilities, a data import/export feature, and adequate security protection to insure safe meaningful use concepts.
Finally, while it doesn’t affect the primary care marketplace to any great degree, it is important to note that the trend for the future will be migrating data from numerous silos into a federated architecture to enhance the chances for data sharing, and also help in the review of trends to improve the overall quality of health treatment processes.