The Big Fib
By Weary Healthcare Traveler
On Tuesday, May 7, Don Rucker appeared before the Senate to garner support for ONC’s new rule relating to 21st Century Cures. Although he used complex language and invoked incantations of magic like JASON, Restful Services, APIs, AI, ML, and OAuth2 to US Senators who all just nodded and went back to their scripted questions, this is my summary of what he was really championing in that hearing.
The Baseless Promise that Apps and APIs will revolutionize health and healthcare records. There is no evidence to suggest this at all after almost a decade of patients having the ability to download their own medical records, billions of dollars of venture capital spent on startups, and a wide range of APIs available across all the major healthcare vendors. This includes both standard FHIR and proprietary APIs available through agreements with third parties.
The Big Stick of severe penalties for the new vague crime of data blocking of patients and venture capitalists seeking data perpetrated by doctors, health systems, or technology developers who submit to ONC in support of their ever more ridiculous programs which continue to torture doctors in the name of CMS quality management and payment programs.
Of course, given the lack of any traditional enforcement for such a nebulous crime, ONC’s plan is to invoke False Claims Act laws to create a Sword of Damocles over any vendor or steward of patient data who does not submit fully to the Baseless Promise and the new rule.
The False Flag of claiming patient data rights as the primary rationale for their new rules, as ONC has fully submitted to the venture capitalists of Silicon Valley and other special interests who wish to exploit patient data on a massive scale. The Big Stick is big, but of course specifically designed by ONC to not be big enough to reach the new bread of app developers mentioned in The Baseless Promise who would abuse patient data through complex and intentionally deceitful terms and conditions (they are not covered by HIPAA or ONC Certification.
Rucker misleads the Senate by claiming that OAuth 2, a beautiful standard that works in other industries, will provide protections for patients when in fact he simply means that the patient would retype their passwords and afterwards the same rules that apply to Facebook, Google, Cambridge Analytica and the like would magically protect our most sensitive and personal data. It won’t.
The Big Hero as ONC tries to claim the high ground defending all that is right and just. And,but for the evil forces of vendors, health systems, and wicked data blockers would be able to fix up healthcare in a matter of months if everyone just got behind their new rule. Per Rucker previously, to wait even a month for additional input would have dire consequences to patients.
The Big Villains are said to be EHR vendors, who through their mandated support of ONC, CMS, and other payer requirements, try to help doctors and health systems cope with a fundamentally polluted reimbursement and regulatory system and are cited as the cause of burnout as thanks for their efforts. These vendors will inevitably stand accused under these new regulations for not fully supporting the data broker industry and be subjected to The Big Stick.
And, oh, gag me – this notion that EHR vendors have gag clauses is ridiculous. Asking customers not to publish trade secret intellectual property is not a gag clause. Health systems and provider contracts almost always tip the other way, restricting vendors from sharing any confidential information they may have. That would include basics like fee schedules, business expansion, and acquisition plans, but also observable medical errors that providers and pharmacists make on a routine basis even after overriding a warning to stop and reconsider. That’s where the real gag clauses exist.
If EHR vendors actually had gag clauses, I doubt you’d have the level of ONC- and AMA-sponsored EHR bashing you have today. Let EHR vendors protect their intellectual property and use well-established methods through Patient Safety Organizations for any real EHR safety problems.
The Evil Empire is healthcare providers and systems who themselves hoard data with a fearful eye toward outsiders who seek to exploit it. Fearful because HIPAA will crush them if they make even an innocent mistake in their stewardship of patient data. And now fearful that patients won’t understand how their data, their family history, and their genetic information was permanently released to the Internet and sold many times over when the terms and conditions of an app seemed to assure patients it wouldn’t do so when the patient connected the app to their doctor’s EHR.
All this in spite of health systems now offering online portals and apps that rival any travel, banking, or self-serve app found in any other industry. Going back to the Baseless Promise, only about 35% of patients even sign up to use their apps and portals at the urging of their doctors and health systems which, like airlines, also benefit from patient self service.
So, finally, The Big Fib. Through this new rule and under the flags of innovation and healthcare reform, our government (this administration as well as the previous) is on a path to sell out American patients to a data broker industry that has spent over a decade and countless millions of dollars lobbying for unwitting and uninformed patients to allow their data to be used in ways they can’t even imagine. This False Flag above is in large part sponsored by the a data broker industry worth hundreds of billions of dollars seeking hundreds of more billions.
What should we be focused on instead of ONC’s “Game of Thrones” heroes and villains narrative?
The healthcare industry is largely built on a model of cost shifting from patients without coverage or covered by government-subsidized programs to patients with employer-sponsored commercially insurance. That worked out in a world with more commercial than government subsidized patients. With the Medicaid expansion, there are now more people on subsidized plans and fewer on commercial plans, and thus we have run out of the ability to shift costs. Prices and deductibles are rising fast because neither insurance companies nor healthcare providers want to take a hit to revenue or their bottom lines.
There is not a quick solution here because it is more beneficial for politicians to campaign on the issue of healthcare coverage than to come together to create a bipartisan solution. We need more than a Baseless Promise to fix healthcare. We need to press Washington to unwind this hairball of a reimbursement system.
Healthcare providers seek to enhance and protect their relationships with patients and often do so by using data and services in beneficial ways, leveraging their unique relationship with the patient and their stewardship for the patient data under HIPAA. This can be used for good and as well for evil. Rethinking regulations to protect patients by enforcing rational HIPAA-protected interoperability including both doctor to doctor exchange, but also patient to their chosen apps with full awareness, audit abilities, and responsibilities similar or under HIPAA for those app providers. Force apps to protect patient data in a reasonable and accountable manner similar to health providers.
Get over the fixation on EHR vendors as villains. They have done more to dramatically enhance patient outcomes, reduce medical mistakes, and improve convenience, consistency, and compliance in healthcare over the last decade than any other technical innovation. Spend a moment contemplating this array of regulatory and payer requirements and the explosion of medical knowledge unaided by automation. If enough providers hate their EHR when EHRs are being built to deal with the rules providers choose to submit to, then maybe they’ll stop buying certified EHRs and take the penalties as CMS dictates.
If ONC and DOJ continue to abuse vendors who work in good faith to support these complex and ambiguous programs on ridiculous timeframes, maybe those vendors should simply decide to no longer offer certified EHRs. What would happen in this industry if ECW, Greenway, Allscripts, Epic, and Cerner walked away from the ONC certification program?
Maybe most important of all, stop using exaggerated anecdotes and innuendo to “make your case.” As leaders of ONC, CMS, Congress, and industry, it’s time to put some science and integrity to work in crafting a better-functioning health system for Americans. Many billions of API transactions and hundreds of millions of patient records are being transported across health systems and with apps, also made available directly to patients every year. To hear senators read from their scripts that “we still don’t have interoperability” is embarrassing.
Will it be better 10 years from today than it was 10 years ago? Of course it will, but not if we continue to exaggerate and fool ourselves to the benefit of those who continue to seek to exploit patients and their data. This willful campaign of misinformation will likely lead to a backlash by patients when they realize their government has sold them out to data brokers.