- mHealth tools and platforms could go a long way toward bridging the “health IT chasm” that exists between healthcare providers and their patients.
Digital and connected health tools play a big part in two policy documents unveiled at a Capitol Hill briefing today by the American Medical Informatics Association. The documents – a paper published in JAMIA and a list of “policy action Items” – seek to connect the dots in establishing a collaboration between doctors and patients to advance value-based care.
AMIA President and CEO Douglas Fridsma, MD, PhD, FACP, FACMI, said the nation has made significant progress in adopting digital health tools over the past five years, but the healthcare system is still largely comprised of siloed groups unwilling or unable to share information.
“We have made great progress in adopting EHRs in the last six years, but now our charge is even more difficult,” he said during the briefing. “Now we must develop and implement strategies that allow all stakeholders – patients, clinicians, researchers, developers and policymakers – to truly benefit from a connected, innovative health ecosystem. Policy recommendations developed in this paper have given decision-makers a host of options necessary to accomplish this.”
“These recommendations are meant to help decision-makers understand that the idealized vision for our digitized healthcare system is within grasp,” added Julia Adler-Milstein, PhD, an associate professor at the University of Michigan’s School of Information and lead author of the paper. “Coordination – above all else – is how we take the health IT tools of today and achieve the promise of better patient care of tomorrow.”
In its paper, the AMIA offers 17 policy recommendations. They are:
- Clarify the Health Insurance Portability and Accountability Act (HIPAA) to state that patients have a right to all data maintained by a covered entity’s designated record set or to a digital copy of their legal medical record through guidance by the Office for Civil Rights;
- Include in EHR certification and provider accreditation that patient data is transmitted in a manner that preserves computability;
- Extend HIPAA or HIPAA-like requirements to non-covered entities. If not politically viable, convene industry stakeholders to develop coordinated “codes of conduct;”
- Monitor widespread and persistent market failures to address data inaccuracy and poor usability that put patients at risk;
- As the market for mHealth and other consumer-facing applications matures, encourage multi-stakeholder coordination of standards within classes of patient-generated health data and eventually incorporate into health IT certification standards;
- Through public-private collaboration, pursue a digital infrastructure, including commercial EHRs, that enables machine-readable consent and specimen tracking and alerts clinicians and patients about available research opportunities;
- Incentivize clinicians and health care systems to partner with researchers to identify potential clinical research candidates using tools such as phenotyping algorithms;
- Federal officials work to ensure that APIs are standards-based and published in the public domain as a component of the federal Health IT Certification Program;
- APIs include core data elements that have received community endorsement resulting from collaborations between specialty societies, informatics experts, standards developers, and health IT vendors;
- The National Library of Medicine should house and manage metadata crosswalks once standardization across clinical societies for common datasets has been established;
- Develop an empirically based regulatory compliance framework for documentation simplification that assesses costs and benefits of standardizing and collecting specific data elements, places higher value on elements with minimal collection burden, and places higher value on documentation that supports patient care and improved outcomes;
- Deconstruct quality measures in the electronic environment by developing common data elements required for quality measurement, resource use, and research;
- Collect, extract, and report use of a common data model of elements that are of high value to multiple stakeholders;
- Revise evaluation and management coding guidelines and consider removing prescriptive components of time-based billing;
- Aggressively pursue alternative payment models that have demonstrated benefits to cost and quality;
- Create a cross-agency collaboration to produce a framework that includes “common rule” updates to facilitate secondary use of data for research, common Data Use and Reciprocal Support Agreements, common enforced technical functionalities and specifications based on standard APIs, and data portability from HIPAA-covered entities; and
- Create a public-private collaboration to develop a process that ensures a minimum level of privacy, security, safety, and effectiveness while not hampering innovation.
In calling for improvements to HIPAA, the AMIA paper points out that patient information is being gathered in mHealth devices – such as the Fitbit and Apple Watch – that don’t fall under HIPAA’s definition of a covered entity. This puts pressure on the healthcare industry to develop codes of conduct for mHealth platforms.
“Achieving an environment in which access to a broad scope of health-related data, facilitated by appropriate privacy and security protections, will not be sufficient to ensure that data are also accurate and usable,” the paper concludes. “Indeed, broader access, even if secure, could introduce new risks, especially for technology that is not regulated. While accuracy issues exist for data both within EHRs and generated by consumer devices, the resulting harm is not yet known. Policymakers should therefore monitor these issues and identify areas where market forces may not be sufficiently strong to protect consumers.”
The AMIA also calls on the healthcare industry to develop “harmonized standards” for the different data streams coming from mHealth devices, such as information from wearables that transmit disease-specific data. It also calls for API standards that would ease the flow of data from one location to another. This would go a long way toward developing platforms that can easily synch data from mHealth devices and wearables into the EHR.
Finally, the AMIA paper calls for the government and private sector to work together on a framework for vetting mHealth apps for privacy, security, safety and effectiveness.
“This could be part of a clinical practice improvement activity under the merit-based incentive payment system, which incentivizes novel approaches to improve care,” the paper concludes. “In the future, broadening consideration beyond apps to enable integration of algorithms and other analytics tools/outputs along with shareable knowledge will help ensure that vetted technologies are widely available and their future iterations improve from a solid foundation.”
Alongside the report, the AMIA also issued a set of 11 “Policy Action Items.” They are:
- The Department of Health and Human Services should clarify the HIPAA “right to access” includes a right to all data maintained by a covered entity’s designated record set; or, to a digital copy of their legal medical record through guidance by the Office of Civil Rights.
- The Office of the National Coordinator of Health IT should develop certification requirements alongside provider attestation that patient data is transmittable in a manner that preserves computability. One potential approach is to amend certification, which prohibits the use of the “unstructured document” template as part of the CCDA, and require vendors to develop an import/export functionality for all data maintained electronically, making computable records access easier for patients and less burdensome for providers.
- Efforts to allow research participants to have access to their data and their results, as articulated by the Precision Medicine Initiative – renamed to the All of Us Research program – must continue to develop. This effort can and should be used as a testbed for new technologies and new policies.
- Increasingly patients are using mobile apps, wearables and social media communities to monitor and manage their health. Non-covered entities or NCEs are poised to handle more patient data, and there are very few controls or norms around how mHealth solutions handle patient data, or what protections such solutions should provide. Congress would be smart to skate to where the puck is heading by investigating this issue as outlined in a recent ONC report in the near-future.
- Encourage continued adoption of 2015 Edition Certified Health IT so that standards-based APIs, published in the public domain, become a standard feature and can continue to be deployed by providers. Additionally, efforts by ONC to support standards development and harmonization through its Tech Lab must continue.
- Encourage partnerships among specialty societies, informatics experts, standards developers and health IT developers to develop more robust APIs, and leverage the National Library of Medicine to house and manage such works for others to use.
- Aggressively pursue alternative payment models through Medicare and Medicaid that have demonstrated benefits to cost and quality outcomes.
- Invest Agency for Healthcare Research & Quality (AHRQ) funds to conduct research on clinical documentation and pilot alternatives to evaluation and management (E&M) coding through the CMS Innovation Center (CMMI) as outlined in Section 941 of the Medicare Modernization Act of 2003.
- Make effective Common Rule revisions as finalized in the January 19, 2017 issue of the Federal Register. There are numerous provisions of that final rule that will facilitate secondary research with EHRs and other health IT.
- Develop the trusted exchange framework and common agreement outlined in the 21st Century Cures Act, and include extensions of that framework to include provisions for research.
- Establish a public-private partnership to develop an application and mHealth vetting process that ensures a minimum level of privacy, security, safety and effectiveness. Such an effort could be sustained by making participation in such evaluations a “clinical practice improvement activity” under CMS’ Quality Payment Program.