Will 2019 be the year of the interoperability tipping point in American healthcare?
The American Health Association (AHA), Association of American Medical Colleges (AAMC), and several other healthcare system organizations recently joined a chorus of entities promoting interoperability in its report “Sharing Data, Saving Lives: The Hospital Agenda for Interoperability.” As this report advanced the cause for accelerating interoperability, it also revealed six pathways to full interoperability.
Here, you’ll learn those six pathways and what they mean for achieving interoperability at your organization.
6 Pathways to Full Interoperability
In their report, the hospital associations explained the six pathways to full interoperability as:
- Security and privacy. Stakeholders must be able to trust that shared information is secure, and manufacturers need to embed security and privacy requirements into each layer of the infrastructure.
- Efficient, usable solutions. Data needs to be available when and where it’s needed.
- Cost-effective, enhanced infrastructure. The infrastructure used to connect information sharing networks has to be secure, cost-effective, and updated over time.
- Standards that work. Connected systems require new and improved standards that are used consistently.
- Connecting beyond electronic health records. Interoperable systems must expand the reach of data sharing to address social determinants of health and population health.
- Shared best practices. All stakeholders need to collaborate to build on which practices work.
Let’s briefly unpack each of these pathways to understand the obstacles to achieving interoperability – along with what others have done to overcome those obstacles.
1. Security and Privacy
Health data sharing is a key portion of interoperability, but risks can arise when more providers have access to patient data.
This increase in the number of providers accessing data can translate to improved patient care, but it also presents opportunities for health data to be inappropriately accessed or compromised.
Certain privacy and security requirements need to be “built in” to interoperability infrastructure, including:
- Data classification. Without data classification, how will you identify data that may be subject to stricter standards than HIPAA? Or how will you agree upon specific privacy and security obligations with your interoperability partners?
- Data access controls. Once you agree on which data will be exchanged, how will you control who has access to the data or portions of the data? Will you use access controls like role-based access control (RBAC) to ensure users can only work with the minimum data necessary to fulfill their job duties?
2. Efficient, Usable Solutions
Interoperability is only successful if:
- The end user finds the exchanged data useful
- The data exchanged improves the quality of healthcare
HIMSS defines interoperability as “the ability of health information systems to work together within and across organizational boundaries in order to advance the effective delivery of healthcare for individuals and communities.”
A system is not interoperable, then, if it requires a physician to wade through reams of unnecessary data to emerge with only an incomplete record of the patient’s health history and medical care.
Instead, an interoperable system must support patient matching and the provider’s ability to get a complete record of the patient’s health history and medical care across healthcare provider systems.
But patient matching has grown as a concern for the healthcare industry: A January 2019 GAO report noted that patient matching is difficult, but that it could be improved by common healthcare data standards, which help ensure medical records are matched to the correct patient.
3. Cost-Effective, Enhanced Infrastructure
Here, we can look to industries outside of healthcare: for example, mobile phones and cable technology, which have a nationwide data exchange platform that is both non-proprietary and vendor neutral.
Lack of agreed-upon or consistent data standards can make it cost-prohibitive for many healthcare providers to create interoperability between competing EHR systems.
Application programming interfaces (APIs) have emerged as a key tool for deploying a cost-effective interoperability infrastructure – specifically the use of nonproprietary APIs based on the HL7 FHIR interoperability standard. (Fast Healthcare Interoperability Resource (FHIR) is a standard describing data formats and elements, as well as an API for exchanging electronic health records.)
4. Standards that Work
The 21st Century Cures Act, enacted in 2016, contains a key standard to streamline and standardize data exchange: The Trusted Exchange Framework and Common Agreement (TEFCA) standard, which shows how to support information sharing. The HHS released Draft TEFCA Specifications in January 2018, and organizations are increasingly using these specifications to streamline and standardize data exchange.
Under TEFCA, a Recognized Coordinating Entity (RCE) would administrate TEFCA and use the framework to build out a single set of guidelines and technical standards. Health information networks can agree to follow the requirements outlined in the common agreement to become qualified health information networks (QHINs) and help HIEs communicate.
5. Connecting Beyond Electronic Health Records
Historically, patient data within EHRs has been narrowly focused on the clinical and medical aspects of an individual’s health. That’s because a patient’s health conditions were typically evaluated and treated in a clinically focused, disease-centered approach; EHR data reflects that focus.
Today, we recognize that other factors can impact an individual’s health. Social determinants of health (SDOH) can range from the individual’s ability to obtain healthcare and their nutrition to the condition of their home and neighborhood.
But either much of this SDOH data is missing from EHRs, or these systems are not designed to collect and manage one data. With the support of the ONC, EHR and clinical system vendors today are working to expand capabilities to include this type of patient data.
6. Shared Best Practices
Even though 10 years have passed since HITECH articulated the need for a nationwide system for the electronic use and exchange of health information, full nationwide interoperability remains unrealized.
That’s precisely why health entities should share what works in their interoperability practices – so that these shared best practices can spur interoperability that serves the needs of patients, caregivers, and providers.
Some best practices include:
- Data governance. Before attempting interoperability, all involved need to create data ownership and control agreements. Interoperability partners, such as health systems, may work in competitive markets and feel hesitant to share data; agreed-upon data governance plans can help allay suspicion and build trust among participants.
- Legal and/or policy changes. Healthcare providers must comply with several regulations, along with federal and state laws, governing data exchange. Interoperability projects must be designed to accommodate changing regulations and laws. HHS, for example, has requested input by February 2019 regarding possible HIPAA changes around information-sharing. If HIPAA changes occur, how will interoperability projects need to be changed?