August 19, 2009
Certification Follow-up
The HIT Policy Committee held its monthly meeting last Friday. Certification of electronic health records systems was again a topic of considerable discussion. There was some push-back on the marginalization of CCHIT that seemed to have been implied at the July meeting.
Here is my summary of the certification discussion: HHS certification of a system means that a user of such a certified system will qualify for ARRA incentives if the other criteria for Meaningful Use are met. The National Institute for Standards and Technology (NIST) is expected to take the lead in accrediting organizations aiming to offer HHS certification. NIST is not expected to certify systems itself but will work with the Office of the National Coordinator (ONC) to develop the process. The committee mentioned that the precise number of certification organizations has not been determined. All that is clear is that there will be one or more organizations involved.
My sense from listening to the discussion is that committee members have come to better appreciate the complexity of certification than was apparent during the July meeting. There was concern that use of multiple certifying bodies might create confusion about the certification process and criteria throughout the health IT industry.
The HIT Policy Committee indicates that it will rely on CCHIT for continuing advice in order to leverage existing certification work whenever possible in its advisory role to the ONC. The committee, however, seems committed to separating the development of criteria for certification from the actual testing process. Presumably this means that the HIT Policy Committee will take the lead in setting the timing and criteria for certification in the future.
Wednesday, August 19, 2009
Tuesday, August 18, 2009
August 18, 2009
Health Information Exchange
I attended a conference recently where health information exchange (HIE) was discussed. One of the presenters asserted that the technological aspects of HIEs are easy problems to solve compared to developing governance that can be agreed upon by all stakeholders. I will discuss these two HIE issues in this session.
Health information exchange is one of the three legs of the stool of essentials necessary for exchange of clinical information among providers who use electronic medical records (EMRs.) The other two legs are EMR adoption by providers and hospitals and utilization of standards. HIEs are a major component of the infrastructure that will enable information exchange in the future. Recall that exchange of information is one of the key requirements of the evolving definition of Meaningful Use under the American Recovery and Reinvestment Act. Many HIE projects have been developed over the last 10-15 years. One of the lessons learned is that the successful development and implementation of HIEs is difficult to achieve. There have been many failures. A standardized approach has not been adopted and communication of lessons learned has been challenging.
A time consuming and difficult step in creation of HIEs has been the development of a governance structure. This requires a collaboration of multiple stakeholders. These participants often have conflicting agendas. It is not unusual for the development of a governance structure to take one to three years. Regional alignment of stakeholders and sharing of common organizational missions may expedite the process.
The governance model results in preparation of a business plan, rules for adoption of a robust privacy and security policy( including consumer information sharing consent policies), data sharing agreements, and selection of technologies to be utilized as well as vendor selection.
Technical issues are not trivial. Security and privacy considerations include developing the means of authorization, authentication, data encryption, and consent management. Many HIEs will need to provide master patient indices, master provider indices, de-identification services, data repositories, data registries, and database management services such as data warehousing.
I think there is a good argument for utilizing a different approach from the traditional HIE. A web-based business could offer all the technical features through careful selection and integration of the products of several current vendors. The governance conundrum could be handled by development of thoughtful policies and procedures for the business. A key element would be carefully crafted data use and sharing agreements (DURSA). Security and privacy provisions must meet or exceed HIPAA requirements. Then the package could be sold as a subscription service-similar to cable TV or cellular phone service. The painful development of governance structures could be circumscribed. The whole process of developing functioning HIEs should be accelerated significantly. Now is the golden period for private enterprise to step in and develop new HIE models. Sharing of information no longer will be optional for providers, labs, x-ray facilities, hospitals and others under provisions of ARRA.
Health Information Exchange
I attended a conference recently where health information exchange (HIE) was discussed. One of the presenters asserted that the technological aspects of HIEs are easy problems to solve compared to developing governance that can be agreed upon by all stakeholders. I will discuss these two HIE issues in this session.
Health information exchange is one of the three legs of the stool of essentials necessary for exchange of clinical information among providers who use electronic medical records (EMRs.) The other two legs are EMR adoption by providers and hospitals and utilization of standards. HIEs are a major component of the infrastructure that will enable information exchange in the future. Recall that exchange of information is one of the key requirements of the evolving definition of Meaningful Use under the American Recovery and Reinvestment Act. Many HIE projects have been developed over the last 10-15 years. One of the lessons learned is that the successful development and implementation of HIEs is difficult to achieve. There have been many failures. A standardized approach has not been adopted and communication of lessons learned has been challenging.
A time consuming and difficult step in creation of HIEs has been the development of a governance structure. This requires a collaboration of multiple stakeholders. These participants often have conflicting agendas. It is not unusual for the development of a governance structure to take one to three years. Regional alignment of stakeholders and sharing of common organizational missions may expedite the process.
The governance model results in preparation of a business plan, rules for adoption of a robust privacy and security policy( including consumer information sharing consent policies), data sharing agreements, and selection of technologies to be utilized as well as vendor selection.
Technical issues are not trivial. Security and privacy considerations include developing the means of authorization, authentication, data encryption, and consent management. Many HIEs will need to provide master patient indices, master provider indices, de-identification services, data repositories, data registries, and database management services such as data warehousing.
I think there is a good argument for utilizing a different approach from the traditional HIE. A web-based business could offer all the technical features through careful selection and integration of the products of several current vendors. The governance conundrum could be handled by development of thoughtful policies and procedures for the business. A key element would be carefully crafted data use and sharing agreements (DURSA). Security and privacy provisions must meet or exceed HIPAA requirements. Then the package could be sold as a subscription service-similar to cable TV or cellular phone service. The painful development of governance structures could be circumscribed. The whole process of developing functioning HIEs should be accelerated significantly. Now is the golden period for private enterprise to step in and develop new HIE models. Sharing of information no longer will be optional for providers, labs, x-ray facilities, hospitals and others under provisions of ARRA.
Subscribe to:
Posts (Atom)
Posts
