As many suspected and hoped they would, the Office of the National Coordinator for Health IT and the Centers for Medicare and Medicaid Services offered a bit of regulatory relief this week – extending some compliance timelines for their respective interoperability rules during the COVID-19 pandemic.
But the importance of the data exchange and patient access provisions stipulated in the ONC and CMS regs has not faded, even as providers are preoccupied with battling coronavirus.
Indeed, some industry stakeholders have argued the public health emergency is an object lesson in why easy, API-enabled consumer access is important.
“The COVID-19 pandemic gripping the nation underscores the importance of these regulations in enabling greater data exchange and providing patients with their information,” said Ben Moscovitch, Pew Charitable Trusts’ project director for health information technology, in letter earlier this month urging HHS to implement the rules “without additional delay.”
Even in announcing the months-long compliance pushbacks, CMS Administrator Seema Verma made the point that, “now more than ever, patients need secure access to their healthcare data.”
Also sharing that view is Ryan Howells, principal at Leavitt Partners and executive director of the CARIN Alliance, who explained why in a recent HIMSS20 Digital presentation.
In his talk, Interoperability and the Power of the Consumer, Howells discussed the value of the ONC and CMS final rules, and described larger efforts nationwide to pave the way for more smartphone-enabled data aggregation via APIs and open standards.
Even though the new regs won’t be enforced in their entirety as soon as was first envisioned, he said, the push toward “person-centric value-based care” is here to stay.
The rules have shifted data-sharing expectations from a “may-share situation to a must-share situation,” said Howells. “Data exchange is going to be much more prolific and is no longer optional.”
Consumer-directed exchange, where apps and APIs help patients aggregate data where and when they wish, “similar to how they aggregate their data in the internet world,” will offer huge new opportunities for population health, he said.
Sure, there’s long been an individual right of access under HIPAA, said Howells. “It’s existed for quite some time. But now there’s an opportunity to do that digitally and at scale.”
COVID-19 has posed its own challenges with regard to data sharing, he explained. In a situation that calls out for wider, more comprehensive and expeditious sharing of information for public health reporting, it’s still often “very difficult for public health agencies to access the data they need.”
HIPAA allows that healthcare organizations to share public health data, of course, said Howells, “but it’s a may-share situation, not a must-share situation – meaning covered entities don’t have to share their data with those agencies.”
Efforts to contain coronavirus are a clear example of what should be a “must-share” situation, not just with public health agencies, but with other providers as needed, he said. “But now we’re running into a second problem: Individual covered entities have data use agreements that prohibit data sharing with other organizations.”
These new API and patient access rules, once they’re enforced, will help solve a lot of that, said Howells.
“With consumer directed exchange, we have the ability for the consumer now to give consent and say, ‘This is my data and I’d like it to be shared with the public health agency, CDC, my hospital, state or local officials, etc.’
“That becomes a new paradigm that hasn’t existed before,” he added. “Using the power of APIs, we will quickly get to the point where that data sharing gets much easier, it becomes more consumer-centric, and allows for another option to be able to share that data with individual apps and public health agencies and third parties that may need access to it.”
Email the writer: [email protected]
Healthcare IT News is a publication of HIMSS Media
Source: Read Full Article