6 mins read
May 14, 2021
New rules from the US Department of Health & Human Services on patient data interoperability – including the Interoperability and Patient Access final rule – are set to usher in a new era in healthcare where patients are allowed to safely access and share their data with providers and third parties as they see fit.
This will not only enable a more seamless care experience for patients but will also allow providers and third parties to more easily access and share critical information, ultimately helping to foster new healthcare services never before thought possible. With these new mandates coming into play, opportunities to truly integrate digital health tools into traditional healthcare settings are increasingly emerging.
Apps, for example, will be able to fully harness patient data without roadblocks to offer new mechanisms for advanced care, allowing providers to remotely monitor patients and alert them when medical tests and appointments are overdue. With the data shackles removed, healthcare can be transformed – leading to better access to patient data, improved interoperability, and increased innovation.
Historically, health plans and providers have been understandably reluctant to share information both for competitive and regulatory reasons. However, as the new rule is implemented, consumers will exercise increasing control as to how and with whom their EHI is shared. This will usher in unprecedented risk, including risk to privacy, as third-party developers can directly access patient data, and risk to monetization of data with the rise of new applications that circumvent traditional regulatory gatekeeping policy. Understandably, the costs to establish, maintain, audit, and retain EHI will be borne by health plans, providers, and potential patients.
To stay relevant, health plans will need to embrace this new reality via a consumer-focused strategy and not just check the box. Survival requires not only getting on board with these newly defined needs but getting in front of them by putting the member at the center of value creation while transforming how data is tracked and managed. This may take some deep, authentic introspection, and asking questions such as:
At its core, this rule is about transparency and giving individuals the ability to move across health plans and providers and have both their clinical and administrative information move with them and be accessible throughout their journey. Bottom line certified IT developers will empower individuals to actively engage in their health care in an unprecedented way, through a seemingly limitless set of new use cases, such as these, at the highest level:
To understand how to best meet the new mandate’s requirements, there are several considerations healthcare organizations should keep in mind as they prepare for July 1, 2021, when the Centers for Medicare & Medicaid Services begin enforcing the rule.
First and foremost, there should be a commitment to a “no harm” approach, with risk management and consumer privacy being critical drivers of this ethos. It will be imperative that healthcare systems strike a balance between governance and security that enables greater value delivered at the individual, population, and system levels.
A second consideration: Meeting the requirements while also protecting patient information is crucial so it’s important to remove any unnecessarily complicated processes and complex variables that may hinder or delay moving forward in the given timeframe. For starters, stick to already effective security foundations and policies that are in place. Resist the urge to re-write and re-think the security and governance plan from scratch. Rather than large-scale creation of new policies, aim for augmentation and evolution of what you are already doing successfully today.
It’s also important to accept, and prepare for, the fact that the system may be resistant to change. There are always entrenched and competing interests at play within healthcare. Many may feel threatened by the mandate that strives for greater openness. Some organizations will remain reactive to legislation while others will embrace the intent. The goal should be to ensure no harm and achieve progress while upholding the overall charter that ensures patients and members obtain data sharing rights.
The Interoperability and Patient Access final rule not only makes the providers think about achieving patient interoperability. Apart from that, it also pushes to step towards delivering patient-centric care. With patients being able to access their health data easier, healthcare providers can better provide an effective healthcare system in the long term.