Achieving health IT interoperability, the seamless ability to share and utilize patient data among different Electronic Health Record (EHR) systems has long been an issue within healthcare. Complex healthcare systems require diverse EHRs and achieving interoperability can alleviate many complications. Interoperability augments EHR systems by enabling better workflows, reducing ambiguity, and allowing seamless data transfer among other systems and healthcare stakeholders. Ultimately, an inoperable environment improves the delivery of healthcare by making the right data available at the right time to the right people (HealthIT.gov). Despite the advantages of interoperability, few EHR vendors have dedicated the time and resources to achieve meaningful standards. With such advantages recognized by all parties throughout the entire healthcare industry, this leaves one to question why?
According to Miriam Reisman, author of EHRs: The Challenge of Making Electronic Data Usable and Interoperable, an estimated 63% of physicians were still using fax machines as a primary means of communication as recently as 2012. Although this figure may seem misleading, multiple factors continue to deter interoperability to this day. Reisman states
“hundreds of government-certified EHR products are in use across the country, each with different clinical terminologies, technical specifications, and functional capabilities. These differences make it difficult to create one standard interoperability format for sharing data” (Reisman).
Furthermore, healthcare organizations often acquire products from more than one EHR vendor and are specifically designed to meet that institution’s unique standards and needs. In turn, this makes interoperability within one organization exceedingly difficult, let alone on a universal scale.
Brian Lancaster, Nebraska Medicine Vice President of IT believes the current state of EHR design is a major problem for health data exchange and argues,
“if a project requires two different systems to talk to each other, they may not be interoperable. The problem is, each of these systems have so many configurations. It’s a quagmire. There’s huge pressure for the EHR to get the data sets right and all the complex workflows right, which is difficult. Can it be made easy? I don’t know” (O’Dowd).
Lancaster’s question reveals another obstacle to interoperability; not a technical obstacle but a cultural one. In order to achieve healthcare interoperability, a collaboration of essential “stakeholders including patients, providers, software vendors, legislators, and Health IT professionals” is necessary (Reisman 573). Collaboration from varying parties who disagree on interoperability standards, put their best interests first, and intentionally block patient information results in incessant challenges.
A Hopeful Path
Achieving EHR interoperability is a daunting yet not impossible task. Similar to incentivizing EHR adoption under MU, MACRA, and HITECH, the path to interoperability may occur if strong incentives promote it. Although interoperability or, ‘health information exchange’, was specified as a required capability of certified EHRs, it was delayed to Stage 2 of the MU program. In turn, EHR vendors subsequently shifted focus away from this functionality and are still catching up (Adler-Milstein). Indeed,
“weak regulatory incentives pushing interoperability, even in combination with additional federal and state policy efforts supporting HIE progress, could not offset market incentives slowing it. Without strong incentives that would have created market demand for robust interoperability from the start, we must now retrofit interoperability” (Adler-Milstein).
Reisman similarly argues “the government will need to provide stronger incentives to both providers and EHR vendors to promote interoperability” (Reisman). Incentives however, will not single handedly pave the way to full-fledged interoperability. Advancing sophisticated technologies and proper infrastructure such as Application Programming Interfaces (APIs) are also necessary. APIs are interfaces that promote interoperability among disparate health IT systems by enabling unrelated software programs to communicate and interpret data. APIs act as a bridge between two applications, allowing data to flow regardless of how the applications were originally designed (O’Dowd). APIs are an effective tool and receive ubiquitous support from healthcare organizations and government agencies such as the Centers for Medicare & Medicaid Services (CMS). Achieving universal interoperability will be a long and arduous journey dependent on cooperation from varying stakeholders. Among other objectives, the government must promote stronger incentives, health IT vendors must end information blocking, and healthcare organizations must adopt proper IT infrastructure technologies such as APIs.
Tapuria, Archana; Kalra, Dipak; Kobayashi, Shinji (2013). “Contribution of Clinical Archetypes, and the Challenges, Towards Achieving Semantic Interoperability for EHRs.” Healthcare Informatics Research, Vol. 19, No. 4.
Everyday healthcare practitioners record and log sensitive patient information via Electronic Health Records (EHR). The incessant electronic recording of patient data may include valuable information such as Social Security Numbers, mailing addresses, birthdays, and health insurance data. Such personal information “has a higher value on the black market than credit card information” (Elliot 1) because, among other uses, it enables access to medical care, the purchase of prescription drugs or the ability to submit false claims. With such high value, it’s no wonder EHR data is highly susceptible to theft. Indeed, the following analysis reveals how this growing issue impacts EHR vendors and what security measures can be taken to combat theft.
According to Clemens Scott Kruse and his colleagues,
“the privacy of patients and the security of their information is the most imperative barrier to entry when considering the adopting of electronic health records in the healthcare industry” (Kruse, Smith, Vanderlinden, Nealand 1).
Both healthcare organizations and EHR vendors are victim to financial and reputable scrutiny if they fail to meet security requirements and protect patient data. The minimum punishment for any violation of the Health Insurance Portability and Accountability (HIPAA) Act’s three pillars of security including administrative safeguards, physical safeguards, and technical safeguards is $50,000 per violation, with an annual maximum of $1,500,000. Unfortunately, cyber security has historically “been viewed as an IT challenge, is approached reactively, and is not often seen as a solution to protect the patient” (Health Care Industry Cybersecurity Task Force 9).
Cyber criminals are perfecting the art of theft in a growing number of creative ways. It is increasingly difficult to combat invisible criminals with the capability to suddenly breach what was thought to be a secure system. So what security measures can EHR vendors take to shift the approach from reactive to proactive? Furthermore, what role should the U.S. government have in promoting this shift in security tactics?
Under the Obama Administration, the U.S government enacted legislation including HTITECH and MU; both of which defined EHR security measures. If these measures have done little to thwart cybercriminal activity in recent years, should the government play a further role in determining security requirements? According to the Health Care Industry Cybersecurity Task Force, the answer is yes. One Task Force recommendation is to establish a
“Medical Computer Emergency Readiness Team (MedCERT) to coordinate medical device-specific responses to cybersecurity incidents and vulnerability disclosures. The MedCERT would be a trusted entity that is viewed as independent and neutral by all stakeholders and will work to arrive at ‘the ground truth’ of vulnerabilities and proposed mitigations” (Health Care Industry Cybersecurity Task Force 34).
The role the U.S. government ought to play in the future of Health IT security is up for debate. What is not up for debate however is the proactive role EHR vendors must now take. It is no longer acceptable to wait for a security breach to implement change. Indeed, EHR “manufacturers should manage security risks within their product risk management processes including safety risk management, and consider risks throughout the lifecycle (from concept generation through end of life recycling or disposal) and across all levels of the system supply chain. If any one of these lifecycle phases or system levels is left unaddressed, that represents a potential susceptibility to cyber-related risks” (Health Care Industry Cybersecurity Task Force 30).
Additionally, EHR vendors can implement a number of advanced, yet simple, security measures to prevent cyber theft. For example, clinicians, pharmacists, nurses, and other healthcare practitioners access their EHR system through a unique username and password. However, “this widely used, single factor approach to accessing information is particularly prone to cyber-attack as such passwords can be weak, stolen, and are vulnerable to external phishing attacks, malware, and social engineering threats” (Health Care Industry Cybersecurity Task Force 32).To thwart such threats, EHR vendors can promote the use of two-factor authentication measures by leveraging biometrics, such as thumbprint, or wearable technology that enables access to that sole individual.
EHR vendors can also utilize encrypted data, adopt role-based access to limit different levels of the system to employees who need to use that portion of the application,” and transition to web hosted networks where security measures are typically more advanced than on-site servers (Terry 2). It is the responsibility of every EHR vendor to promote the utmost in patient safety which today, extends beyond the periphery of healthcare facilities and clinical software applications EHR vendors provide. Ensuring patient safety is equally synonymous with protecting private information from invisible criminals who steal for their own gain.
When viewed through a specific lens, every American generation over the past 50 years can be associated with substance and drug abuse. The era of heightened political tension and rise of hippie culture in the 1960’s gave rise to psychedelic substances such as Lysergic Acid Diethylamide (LSD), commonly referred to as acid. President Nixon’s “Public Enemy Number One” campaign aimed at hindering LSD and amphetamine use in the 1970’s drastically increased the popularity of other drugs like cocaine. The mid 1980’s – 1990’s experienced an unprecedented and far-reaching distribution of drugs including heroin and crack-cocaine, turning inner city neighborhoods across America into warzones. What came next, what the American public struggles to grapple with to this day, is perhaps the worst drug epidemic this nation has ever faced; Opioid abuse.
Opioids are a class of drugs that include both illegal substances such as heroin and legal substances such as oxycodone, hydrocodone, codeine, morphine, and many others; these substances not only relieve pain but produce extreme euphoria. Although typically safe when administered by a prescriber over a short period of time, the euphoric affect leaves some individuals highly susceptible to dependence long after their prescription has expired. According to the National Institute on Drug Abuse,
“the rate of death from overdoses of prescription opioids in the United states more than quadrupled between 1999 and 2010, far exceeding the combined death toll from cocaine and heroin overdoses” (Volkow, Frieden, Hyde, Cha).
Since 2010, the death rate has increased another 35% and shows no signs of slowing down. With tens of thousands of Americans dying each year from opioid abuse, the U.S. government has taken initiatives to curb this epidemic.
Among these initiatives is the utilization and expansion of healthcare information technology and automation software. Ohio Governor John Kasich, for example, has allocated $20 million towards new technology and tools to thwart the dramatic increase in opiate abuse. In the “New Strategies to Fight Opiate and Fentanyl Crisis in Ohio (2016 -17)”, government policies include expanding automation processes such as Electronic Pharmacy Management systems. Indeed, new strategies include:
- Expanding integration of the Ohio Automated Rx Reporting system (OARSS) into the electronic medical records and pharmacy dispensing systems.
- Develop an OARSS training website for higher education and residency programs to simulate use of system for future prescribers and pharmacists.
- Use algorithms to develop proactive alerts for prescribers in the Ohio Automated Rx Reporting System.
- Develop a report in the OARSS to allow prescribers to view their prescribing habits comparted with their peers.
- State of Ohio Board of Pharmacy will explore providing access to the OARSS for certified drug courts in Ohio.
Pharmacy Management Systems are an essential tool in countering opioid abuse. Pharmacy automation systems track the distribution of prescribed opioids including dosage and advanced clinical tools such as e-prescribing enable direct communication between prescribers and pharmacists. In turn, pharmacists can more easily detect signs of abuse while eliminating fraudulent prescriptions.
Lt. Governor Brian Calley is tackling Michigan’s opioid abuse crisis head on; a state recording 95 opioid related deaths in 1999 to over 1,000 in 2016. Michigan lawmakers have advocated replacing an
“old and outdated antiquated system that did not have the level of width or the functionality in today’s practices to be effective” for years (Skubick).
Enter the Michigan Automated Prescription System (MAPS), a pharmacy automation system and preventative tool “that allows doctors, law enforcement, pharmacies and rehab centers to track who is giving and getting prescriptions. They look up a patient record in the system and look at what they’ve been dispensed by way of controlled substances within the systems” (Skubick). Although Michigan and Ohio have long campaigns ahead, the expansion and modernization of pharmacy automation systems is a significant step in the right direction.
Congress is also making significant steps by introducing bills such as the Heroin and Opioid Abuse Prevention and Treatment Act of 2017 and allocating funds to curb opioid abuse and provide treatment to those who suffer with dependence. In reality, the opioid abuse epidemic is unlike previous drug crises; primarily due to the fact opioids are, in most cases, legally prescribed. Whether it is a construction worker suffering from back pain or a high school student having a wisdom tooth removed, the need for opiates are typically legitimate. Thus, it is essential prescribers take the utmost responsibility and precaution when administering these powerful substances. In an age dominated by technology, prescriber responsibility, precaution, and medication safety starts with sophisticated pharmaceutical automation processes. Adopting and implementing this technology across the nation is the first step in combating this arduous crisis.
Check out the Wall Street Journal’s captivating documentary below to learn more.
President Donald Trump’s proposed budget to congress effectively cuts $22 million from the Office of the National Coordinator for Healthcare Information Technology (ONC) and millions of dollars from other federally funded health IT organizations. Although this budget has led many industry leaders to question the future of healthcare IT in an era of political uncertainty, strong resentment already exists between health IT vendors and bureaucratic agencies who continue to roll out strict provisions.
Healthcare IT, especially in regards to Electronic Health Records (EHR), has revolutionized clinical practices. The reduction of medication errors, the ability to communicate pertinent patient information across health care communities, and overall improved patient outcomes associated with EHRs are a testament to the recent advances in health care technology. Indeed,“Health IT can engage and support health care providers, patients, and consumers with access to timely and accurate clinical information from Electronic Health Records (EHRs) and other sources” (Basch, McClellan, Botts, Katikaneni). This notion has been widely accepted by the U.S. government and received bipartisan support with the passing of the 21st Century Cures Act in December of 2016; legislation requiring further provisions for health IT vendors to meet. Yet, research suggests most clinicians are dissatisfied with EHR systems and health IT products that cater more to government mandates than to specific needs of hospitals and private practices.
In the wake of Trump’s budget proposal, individuals such as Thomas Payne, MD, the board chair of the American Medical Informatics Association expressed their disappointment. Payne quoted
“This budget request stops progress in its tracks. The ecosystem that entices young scientists and clinicians to pursue their passion to help patients will be severely damaged, resulting in a downward spiral of innovation, delayed or forgone investment in new treatments, and a stagnant patchwork of IT-enabled patient care” (Sullivan).
Individuals from other organizations including the Healthcare Information and Management Systems Society (HIMSS) and the American Health Information Management Association (AHIMA) also expressed concern over the proposed budget.
AHIMA CEO Lynne Thomas Gordon quoted“The bipartisan passage of the Cures Act by Congress last year made clear that investment in our nation’s health IT infrastructure is critically important if we are to advance new drugs and devices and fully realize the benefits of a learning healthcare system” (Sweeney). Many now fear the budget cuts will slow, if not prohibit, the implementation of provisions outlined in the 21st Century Cures Act, which among other provisions, include improving interoperability and maintaining EHR standards under Meaningful Use (MU). However, it can be argued strict legislation has already enabled a downward spiral of innovation.
Additionally, one must question what is more essential to patient care; addressing health IT concerns physicians believe are most important to their patient’s health or tasking vendors to meet endless government mandates that diverts attention from such concerns and product innovation? So, what is next for Healthcare IT in the US, and more importantly, what sort of role will the government have throughout Trump’s presidency? The appointment of Scott Gottlieb, M.D. as Commissioner of the Food and Drug Administration (FDA) might provide an inkling of what’s to come.
Gottlieb’s nomination was supported by his close ties to the pharmaceutical industry and impressive resume; serving as the deputy commissioner for medical and scientific affairs at the FDA during the Bush administration. Gottlieb argues regulation of healthcare IT is “scaring away digital entrepreneurs” and will push a deregulation agenda (Sweeney). Deregulation may attract talent to an industry riddled with onerous mandates stemming from HITECH, ARRA, the 21st century Cures Act and MU. Yet, it should not be assumed deregulation will counter all unforeseen consequences of budget cuts. The correct solution will most likely have to incorporate a healthy balance. Although it is essential for the government to participate in a mission to advance healthcare IT, bureaucratic agencies may not necessarily be the proper body to dictate terms.
Indeed, deregulation has long been sought by both health IT vendors and physicians; many organization are now calling for the cancelation of MU Stage 3. Moreover, Evan Sweeney, author for FierceHealthcare argues,
“Those in the digital health industry are hoping for a behind-the-scenes shift that emphasizes collaboration and removes barriers to innovation” (Sweeney).
If Trump’s budget is approved, coupled with deregulation, it will be interesting to see how the health IT industry reacts. Will this inspire the private sector to shift focus from meeting federal mandates to improving patient care and innovation? Will MU Stage 3 be canceled and enable health IT vendors to work closely with their customers rather than work for the government? Although it is still too early to tell, the 115th US Congress will have to determine the fate of an industry that yearns to enhance technological innovation for those who need it most, America’s patients.
In 2009 the Obama Administration became the drivers of healthcare policy by implementing a series of legislative acts including the HITECH Act and its Meaningful Use (MU) standards. Over the last eight years, sweeping reforms and regulations effectively transformed the world’s 5th best healthcare system into an industry riddled with frustration. Today, many question the advantages of such regulations while others desperately yearn for the pre MU days of healthcare.
There is no doubt MU and HITECH had positive impacts on the healthcare industry at large. For example, the Medicaid EHR incentive program has increased EHR adoption in hospitals from 11.9% in 2009 to 59% in 2014 – a nearly fivefold increase. During roughly the same period, EHR adoption in office-based physician practices rose from 48% in 2009 to 78% in 2013 (Meigs, Solomon 2). Moreover, many
“physicians perceive that EHR use yields overall clinical benefits, more efficient practices and financial benefits, and improves timely access to medical records as well as the quality of communication with other providers” (Jamoom, Patel, Furukawa, King 1).
Despite these success stories and positive claims, the introduction of HITECH and MU is not without consequence from an end-user perspective.
In the wake of HITECH and MU, many EHR vendors were forced to slam on the breaks of technological innovation in order to satisfy strict regulations. This is particularly true for small-scale EHR vendors, the forerunners of healthcare IT innovation, who must accelerate the standards of innovation to compensate for a lack of abundant resources. Unfortunately, focusing on meeting the strict standards of MU hindered the abilities of small-scale EHR vendors to work intimately with physicians and truly understand their needs. Indeed,
“many people blame the HITECH Act and its meaningful use EHR program for incentivizing software vendors to craft products that meet the federal government’s specific criteria at the expense of innovative features and functionality” (Monegain 1).
What is more frustrating for EHR vendors is the significant growth in physician dissatisfaction with their technology. In Electronic Health Record Use a Bitter Pill for Many Physicians, Stephen Meigs and Michael Solomon argue,
“a recent study revealed that the use of EHR systems is a contributing factor to professional dissatisfaction among physicians. Dissatisfaction with EHR technology is trending upward, with 12% more physicians expressing unhappiness with their EHR system in 2012 than in 2010” (Meigs, Solomon 2).
It is likely this increase in dissatisfaction can be partially linked to the continuous roll out of burdensome regulations within MU stages 1 and 2. Moreover, it is naturally expected this level of dissatisfaction will rise with further impending regulations included in MU stage 3, expected to roll out in 2018. Indeed, Dr. John Halmaka, Chief Information Office of Beth Israel Deaconess Medical Center, recently stated,
“Stage 1 created a foundation of functionality for everyone, that was good. Stage 2 tried to change too much too fast and required an ecosystem of applications and infrastructure that did not exist. Stage 3 makes many of the same mistakes as Stage 2, trying to do too much too soon. There needs to be a new approach” (Shaw 1).
But what exactly will this new approach look like?
In many cases, EHRs that were designed pre-MU originally had high user satisfaction. Unfortunately, many software systems were redesigned to obtain MU subsidies and, subsequently, user satisfaction dropped (Monegain 1). Ultimately, federal regulations have incentivized EHR vendors to produce and implement a product that does not align with their innovative missions nor meets the expectations of healthcare facilities. In turn, what was expected to be a win-win scenario has increasingly resulted in a lose-lose.
Frustration is felt on both sides; both from the EHR provider and the physician. This notion is reinforced by the recent actions taken by the American Hospital Association (AHA). On November 30th, 2016, the AHA wrote a letter to President Trump and his administration asking to cancel Stage 3 of the Meaningful Use program (Slabodkin 1). In a letter signed by 5,000 member hospitals, CEO Richard Pollack quotes, “we urge your Administration to modify or eliminate duplicative, excessive, antiquated, and contradictory provider regulations.”Pollack also noted that hospitals are advancing health information technology and must ensure they “have the workforce and health IT infrastructure to best support care delivery” (Slabodkin 1).
The same can be said for EHR vendors who would love for the opportunity to get back to their mission of providing the most technologically innovative products available. According to Charles Webster, MD,
“most physicians today would not go back to pre-EHR days, but many who used EHRs before MU use would definitely go back to pre-MU days. The incentive-driven mandates have essentially pinned down the current crop of EHR technology from significant advancements” (Monegain 1)
and may continue to do so if MU Stage 3 is implemented. As physician dissatisfaction rises, EHR innovation stagnates, and tax payers continue to support this $35 billion dollar project, it is becoming increasingly difficult for anyone to justify MU or HITECH. Perhaps this is why Andy Slavitt, acting administrator of the Centers for Medicare and Medicaid Services announced,
“MU as it has existed – with MACRA – will be effectively over and replaced with something better” (Shaw 1). It is time EHR vendors get back to business and “ratchet up the competition based on features and functionality rather than merely meeting government criteria” (Monegain 1).
Until then, both hospitals and EHR vendors will have to anxiously wait until the HITECH and MU era is effectively replaced or ultimately canceled.
Jamoom, Eric W. et al (2016). “EHR Adopters vs. Non-Adopters: Impacts Of, Barriers To, and Federal Initiatives for EHR Adoption.” Healthcare (Amsterdam, Netherlands) 2.1 (2014): 33–39. PMC. Web. 14 Apr. 2017.