The feds want to give consumers more control over their data — are healthcare organizations prepared?
July 12, 2019
By Cristin Gardner
2019 is shaping up to be a pivotal year for healthcare consumerism and interoperability. In February, the Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare and Medicaid Services (CMS) released two eagerly anticipated rules focused on giving patients greater access and control over their own health information. The control covers both clinical (electronic health records) and administrative (insurance claims) data.
That policy push was followed up in May with the Department of Health and Human Services (HHS) Office of Civil Rights (OCR) releasing expanded guidance for sharing data with patients under the Health Insurance Portability and Accountability Act (HIPAA). HHS OCR clarified that when a patient shares protected health information with a third-party app or requests their healthcare provider share their health data with an app, the provider organization is not liable for any subsequent use or disclosure of the data and is obligated to comply with the patient request.
These recent moves underscore the big changes that are being driven by three forces converging: government mandates, tech giants seeking to disrupt healthcare, and rising consumerism. Every other industry has been transformed by the digital revolution — shopping, financial services, entertainment, you name it. Healthcare, on the other hand, has been intractable against these forces that were changing everything else around it. Now, healthcare must play catch-up to meet a new level of consumer demand for data access, portability, simplicity and usefulness.
Take women’s breast health as an example. Every single woman has unique breast tissue and comparisons to prior mammograms are necessary in order to determine what is normal for each woman over time. Despite the importance of priors, one in four women do not have access to their priors at the time of screening, which leads to callbacks, unnecessary duplicate testing and anxiety. Even more disconcerting is that women diagnosed with breast cancer will show up without their records to their oncology appointment.
One reason is that women are not aware of the importance of prior mammograms for comparison. The other major reason is that 80 percent of provider offices are still sharing patient records and diagnostic images using a CD. Or, worse, they are sharing records with hard copies and faxes. Those outdated technologies are not easily shared, and no longer functionally exist in the consumer world.
The reluctance to provide patients with more portable methods ranges from resistance to change, to data blocking to prevent patient leakage. The impact, however, is a poor patient experience and poor patient outcomes. CDs are often unreadable, for a variety of reasons, by the receiving doctor. In addition, the onus is usually on the patient to pick up and drop off CDs. When their health is in jeopardy, many women do not want to wait days for the CDs to be mailed or run the risk of the CD being lost, thus many end up being the courier. That is, if they have not moved to another geographic location where proximity would be another barrier.
In today’s highly mobile and connected world, technology is not the problem. Consumers have grown accustomed to instantaneous data sharing in all other aspects of their lives. The technology companies and disruptors that have orchestrated disruption on behalf of consumers now have their sights set on healthcare. They are bringing the consumer mindset to meet patients where they are and support their expectations for a simpler, more seamless health experience.
As digital platforms and cloud-based apps for storing medical information in a secure HIPAA-compliant way become more mainstream, provider organizations must prepare for increased patient demand to deliver in this format. Additionally, they should prepare for proactive government mandates that catalyze change and ensure compliance.
While the ONC and CMS proposed rules are not expected to be finalized until fall 2019, the recent guidance from OCR is clear. The guidance encourages data sharing and creating improved access for patients to their medical data. Clarifying policy surrounding liability protects healthcare organizations while supporting consumer demands for easier access and transparency of medical information.
During a Health IT Advisory Committee meeting last week, national coordinator for health IT, Donald Rucker, M.D., said “Once the patient downloads their data, their data is their responsibility. Once they download their information to an app, then they need to sort out the secondary use issues. The liability for stewardship of the data ends once the patient downloads it.”
Smartphone apps have already profoundly changed consumer behavior. Clinicians now have an opportunity to be partners in the health-focused version of digital applications. Easier patient access and portability of their medical data is the first step.
About the author: Cristin Gardner is director of consumer products and markets at Life Image.
2019 is shaping up to be a pivotal year for healthcare consumerism and interoperability. In February, the Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare and Medicaid Services (CMS) released two eagerly anticipated rules focused on giving patients greater access and control over their own health information. The control covers both clinical (electronic health records) and administrative (insurance claims) data.
That policy push was followed up in May with the Department of Health and Human Services (HHS) Office of Civil Rights (OCR) releasing expanded guidance for sharing data with patients under the Health Insurance Portability and Accountability Act (HIPAA). HHS OCR clarified that when a patient shares protected health information with a third-party app or requests their healthcare provider share their health data with an app, the provider organization is not liable for any subsequent use or disclosure of the data and is obligated to comply with the patient request.
These recent moves underscore the big changes that are being driven by three forces converging: government mandates, tech giants seeking to disrupt healthcare, and rising consumerism. Every other industry has been transformed by the digital revolution — shopping, financial services, entertainment, you name it. Healthcare, on the other hand, has been intractable against these forces that were changing everything else around it. Now, healthcare must play catch-up to meet a new level of consumer demand for data access, portability, simplicity and usefulness.
Take women’s breast health as an example. Every single woman has unique breast tissue and comparisons to prior mammograms are necessary in order to determine what is normal for each woman over time. Despite the importance of priors, one in four women do not have access to their priors at the time of screening, which leads to callbacks, unnecessary duplicate testing and anxiety. Even more disconcerting is that women diagnosed with breast cancer will show up without their records to their oncology appointment.
One reason is that women are not aware of the importance of prior mammograms for comparison. The other major reason is that 80 percent of provider offices are still sharing patient records and diagnostic images using a CD. Or, worse, they are sharing records with hard copies and faxes. Those outdated technologies are not easily shared, and no longer functionally exist in the consumer world.
The reluctance to provide patients with more portable methods ranges from resistance to change, to data blocking to prevent patient leakage. The impact, however, is a poor patient experience and poor patient outcomes. CDs are often unreadable, for a variety of reasons, by the receiving doctor. In addition, the onus is usually on the patient to pick up and drop off CDs. When their health is in jeopardy, many women do not want to wait days for the CDs to be mailed or run the risk of the CD being lost, thus many end up being the courier. That is, if they have not moved to another geographic location where proximity would be another barrier.
In today’s highly mobile and connected world, technology is not the problem. Consumers have grown accustomed to instantaneous data sharing in all other aspects of their lives. The technology companies and disruptors that have orchestrated disruption on behalf of consumers now have their sights set on healthcare. They are bringing the consumer mindset to meet patients where they are and support their expectations for a simpler, more seamless health experience.
As digital platforms and cloud-based apps for storing medical information in a secure HIPAA-compliant way become more mainstream, provider organizations must prepare for increased patient demand to deliver in this format. Additionally, they should prepare for proactive government mandates that catalyze change and ensure compliance.
While the ONC and CMS proposed rules are not expected to be finalized until fall 2019, the recent guidance from OCR is clear. The guidance encourages data sharing and creating improved access for patients to their medical data. Clarifying policy surrounding liability protects healthcare organizations while supporting consumer demands for easier access and transparency of medical information.
During a Health IT Advisory Committee meeting last week, national coordinator for health IT, Donald Rucker, M.D., said “Once the patient downloads their data, their data is their responsibility. Once they download their information to an app, then they need to sort out the secondary use issues. The liability for stewardship of the data ends once the patient downloads it.”
Smartphone apps have already profoundly changed consumer behavior. Clinicians now have an opportunity to be partners in the health-focused version of digital applications. Easier patient access and portability of their medical data is the first step.
About the author: Cristin Gardner is director of consumer products and markets at Life Image.