As President Obama’s healthcare reform unfolds in the last years of his administration, critics and supporters alike are looking for objective data. Meaningful Use is a funding program designed to create health IT systems that, when used in combination, are capable of reporting objective data about the healthcare system as a whole. But the program is floundering. The digital systems created by Meaningful Use are mostly incompatible, and it is unclear whether they will be able to provide the needed insights to evaluate Obamacare.
Recent data releases from HHS, however, have made it possible to objectively evaluate the overall performance of Meaningful Use itself. In turn we can better evaluate whether the Meaningful Use program is providing the needed structure to Obamacare. This article seeks to make the current state of the Meaningful Use program clear. Subsequent articles will consider what the newly released data implies about Meaningful Use specifically, and about Obamacare generally.
Epic Systems, the market leader in electronic health record software (EHR), recently made a quiet but potentially transformative announcement that may finally shake the healthcare industry out of its technological doldrums.
Epic said it is prepared to support the creation of a more open interoperability platform for integration with other diversified healthcare applications. This will attract substantial investment to create software that operates, hopefully seamlessly, within the Epic EHR infrastructure. Expect Epic’s competitors to follow suit, eventually opening up the marketplace of installed EHRs to third-party software developers and the efficiencies of modern, post-EHR technology ecosystem.
Epic’s critics have often denounced the company for selling a mostly closed technology, dampening hopes for the creation of an ecosystem of best-of-breed applications that work together with the EHR to automate much of the care delivery infrastructure beyond patient intake and billing. The value of such an infrastructure is extremely compelling and so the company is under enormous pressure from its customers to become more open.
We know that health IT can help improve care quality. ONC and the Health Resources and Services Administration (HRSA) are working hard to ensure that all providers adopt and use EHRs. In the past, some researchers found that there might be a digital divide in health IT use, meaning that providers who mostly serve certain groups of people – particularly the poor and racial/ethnic minorities or people in rural areas – may be using health IT less than others.
Community health centers remain the largest provider of health care to underserved individuals in the US. They provide health care to more than 20 million Americans every year, including many who are poor, uninsured, or have no regular source of care.
In the past, health centers used health IT at a lower rate than other providers. In 2006, a survey showed that only 26% of health centers had any EHR capacity at all.
While there has been much focus lately on the ways in which ObamaCare is chilling the growth of private business, we should not overlook the continuing deleterious effects of the one surviving relic of HillaryCare, the Health Insurance Portability and Accountability Act (HIPAA). Quietly, September 23 came and went as the compliance effective date for a new rule, expanding the reach of HIPAA, and likely driving many smaller players out of the health care industry.
Spearheaded by then First Lady Clinton, HIPAA was established in 1996 to improve privacy of personal health information, referred to as protected health information, or PHI. It requires health care providers, known as “covered entities,” and their vendors, contractors, and agents with access to PHI, known as “business associates,” to comply with certain privacy standards under its “Privacy Rule,” and with certain security standards under its “Security Rule,” in order to protect sensitive health information that is held or transferred in electronic form.
Over the past decade, equipped with the noble aim of protecting our privacy, HIPAA has successfully demonstrated the power of the law of unintended consequences. Improved protection of PHI has been marginal. However, HIPAA has impeded communication among physicians, reduced physician time devoted to patient care, and deterred medical research. And all at an enormous cost of compliance. While estimates vary widely, the cost of compliance for many providers has been in the millions.
Now, rather than take heed, the government has decided to double down through expansion. Under the Health Information and Technology for Economic and Clinical Health Act (HITECH), a corollary of HIPAA, promulgated to create incentives to facilitate the development of healthcare information technology, the government has sought to update the requirements of HIPAA in light of the changing dynamics of technology and health practices, increasing the safeguards and obligations of health care providers and their business associates.
Health IT Week demonstrated a double barrel strategy to segregate patient information from provider information. Providers already have the power to set prices and health IT plays the central role.
By rebranding HIPAA as “Meaningful Consent” and making patients second-class citizens in Meaningful Use Stage 2 interoperability, providers and regulators are working together to keep it that way.
Essential consumer protections such as price transparency or independent decision support are scarce in the US healthcare system. The journalists are shouting from the rooftops.
There’s $1 Trillion (yes, $3,000 per person per year) of unwarranted and overpriced health services steering the Federal health IT bus with an information asymmetry strategy. Those of us that want to see universal coverage succeed need the information transparency tools to drive for changes.
Here’s how it works: The department of Health and Human Services (HHS) controls the health IT incentives and regulations. HIPAA applies to most licensed health services providers. Laboratories and devices are regulated by Medicare and the FDA.
Unlicensed services offered directly to patients, such as personal health records, web info sites and apps are regulated by the FTC. Separate regulatory domains facilitate the segregation of information and contribute to the lack of transparency by making patient-directed services use delayed and degraded information. This keeps independent advice from FTC-regulated service providers from illuminating the specific abuses.
The segregation of patient information from “provider” information is the current federal regulatory strategy. It’s even more so in the states. By making patients into second-class citizens, the providers can avoid open scrutiny, transparent pricing, and independent decision support.
Federal regulators then create a parallel system where information is delayed, diluted, and depreciated by lack of “authenticity”. This is promoted as “patient engagement”. For regulators, it’s a win-win solution: the providers support the regulation that enables their price fixing and many patient advocates get to swoon over patient engagement efforts.
The proof of this strategy became clear on the first day of Health IT Week – the Consumer Health IT Summit.
In the wake of the National Coordinator’s announcement that he is departing, there has been a flurry of tweets, blog posts, impromptu online polls, and conjecture about the most likely successor. To date, none of these conversations has resulted in a thoughtful assessment of the set of characteristics that would represent the ideal candidate, nor has there been any thorough review of the most likely candidates in the context of these attributes. The need for a rapid transition to a successor is well understood by all – yet there has been no indication that the Obama administration is in a hurry. Let’s hope that we can evolve them toward a greater sense of urgency. The fragility of ONC – and the importance of its health – can’t be overlooked.
Let’s consider some history:
The first two National Coordinators, David Brailer and Rob Kolodner, were appointed before ARRA. The agency was small, focused largely on certification (through CCHIT), standards (through HITSP) and policy. When ARRA arrived, David Blumenthal, a thoughtful, deliberate, policy-savvy internal medicine physician from Boston was brought in to lead the rapid expansion of health IT that was facilitated by the HITECH Act.
ONC expanded under Blumenthal from a team of ~ 30 people to a team of >100 in the two years that he was at the helm, and the agency published the 2011 certification criteria regulations, and collaborated with CMS to publish the regulations that defined stage 1 of the Meaningful Use incentive program. The policy foundation was that the three-stage program – to be implemented over six years – would evolve the nation’s care delivery system by causing adoption of EHR technology (stage 1) and then exchange of clinical information electronically (stage 2) and finally improved clinical outcomes (stage 3).
Farzad Mostashari, who joined Blumenthal as the Deputy National Coordinator early in Dr Blumenthal’s tenure, was quickly named as Blumenthal’s successor when Blumenthal announced his resignation in the Spring of 2011. Both Mostashari and Blumenthal pushed hard for Mostashari’s appointment – so that the consistency, focus and forward momentum of the organization could be maintained.
And so it was. Under ARRA, adoption of EHRs has skyrocketed. The CMS MU Stage 2 regulations and the ONC 2014 certification regulations were published, and the size of the agency has doubled to over 150 people. Recognizing the need for experienced partners to assist him in leading a larger agency – and growing national reliance on health IT and an essential component of the care delivery ecosystem – Mostashari hired David Muntz as the “Principal Deputy” (essentially the COO of the agency), Jacob Reider as Chief Medical Officer (leading a team of clinicians focused on quality and safety) and Judy Murphy as the Deputy National Coordinator for Programs and Policy (adding internal coordination support for ONC programs).
Just a little over four years ago, President Obama, in his inaugural address, challenged us as a nation to “wield technology’s wonders to raise health care’s quality and lower its costs.” This was an awe-inspiring, “we will go to the moon” moment for the healthcare delivery system. But the next thought that ran through the minds of so many of us who work on health IT issues was this: how were we going to get there?
And it was clear why. The promise of EHRs was enormous and we knew that paper-based records were a disaster. They lead to lots of errors and a lot of waste. I have cared for patients using paper-based records and using electronic records – and I’m a much better clinician when I’m using an EHR. In the weeks that followed Obama’s inaugural address, the U.S. Congress passed, and the President signed the Health Information Technology for Economic and Clinical Health Act, which contained a series of incentives and tools to drive adoption and “meaningful use” of EHRs. None of us knew whether the policy tools just handed to the Obama administration were going to be enough to climb the mountain to universal EHR use. We were starting at sea level and had a long climb ahead. Continue reading…
Join me in attacking an endemic problem in health care today by Hacking HIPAA. I am crowdfunding the development of a new legal form to be used on and after September 23, 2013 to allow patients to opt-in to easier health care communications – a Common Notice of Privacy Practices that is patient-focused. (Text me, please! Email me, please! etc.)
Depending on how much support this project garners, we can attack some related problems as well. Contributions at any level are welcome; contributions at the levels designated on the Hacking HIPAA Medstartr page get you a seat at the virtual table, voicing your concerns that need to be met in the CNPP and in follow-on projects.
I’m working on this project with two leading health care open source software developers, Ian Eslick and Fred Trotter. Check out Fred’s video intro to the project on the Medstartr page – you can find Ian and Fred online via the links on the project page, too.
Here’s an excerpt from the crowdfunding project page:
Right now we have the worst of all worlds with regards to patient privacy in healthcare. Patients are frequently subject to sub-standard security and privacy practices AND healthcare innovators are unable to deliver solutions that would be useful to patients because their technical approaches are uncomfortably novel for health care bureaucrats. Patients end up getting poor security and no innovation, the worst of all options. This problem is going to get worse before it gets better, since the new Omnibus HIPAA Rule will make cloud hosting of health care projects untenable very soon.
You probably saw some of the headlines last week where Box announced that is supporting HIPAA and HITECH compliance, signing Business Associate Agreements, (BAAs) and integrating with several platform app partners such as Doximity, drchrono, TigerText, and Medigram to help seed its new healthcare ecosystem. I also announced that I was formally advising Box on their healthcare strategy.
I was drawn to Box because of all the lessons I learned at Google building a consumer-directed, personal health record (PHR), Google Health. Google Health allowed you to securely store, organize and share all of your medical records online and control where your data went and how it was managed. It was unlike the other PHRs in the industry that were tethered to the provider or payor or part of an Electronic Health Record (EHR) system.
Sound good? Well, it was in theory. The big issue with Google Health was aggregating your data from the disparate sources that stored data on you. We had to create a ton of point-to-point integrations with large health insurance companies, academic medical centers, hospitals, medical practices and retail pharmacy chains. All of these providers and payors were covered entities in the world of HIPAA and were required to verify a patient’s identity before releasing any data to them electronically. It was a very bumpy user experience for even the most super-charged, IT savvy consumer.
I’m well aware that a good fraction of the people in this country – let’s call them Rush fans – spend their lives furious at the New York Times. I am not one of them. I love the Grey Lady; it would be high on my list of things to bring to a desert island. But every now and then, the paper screws up, and it did so in a big way in its recent piece on the federal program to promote healthcare information technology (HIT).
Let’s stipulate that the Federal government’s $20 billion incentive program (called “HITECH”), designed to drive the adoption of electronic health records, is not perfect. Medicare’s “Meaningful Use” rules – the standards that hospitals’ and clinics’ EHRs must meet to qualify for bonus payments – have been criticized as both too soft and too restrictive. (You know the rules are probably about right when the critiques come from both directions.) Interoperability remains a Holy Grail. And everybody appreciates that today’s healthcare information technology (HIT) systems remain clunky and relatively user-unfriendly. Even Epic, the Golden Child among electronic medical record systems, has been characterized as the “Cream of the Crap.”