In 2016, the 21st Century Cures Act required that the U.S. make progress toward interoperability, which it defined as “all electronically accessible health information” to be accessed, exchanged and used “without special effort on the part of the user.”
In December, seven years after the passage of the bill, the Department of Health and Human Services finalized a rule that will penalize providers for blocking access to electronic health information.
But instead of accomplishing what the 21st Century Cures Act attempted to do, the rule misses the mark. It defines interoperability as access to a U.S. Core Data for Interoperability (USCDI v3). On Wednesday the Centers for Medicare and Medicaid Services issued its interoperability standards as part of its prior authorization rule issued using Health Level 7 for transfer of data between providers.
That data does not include the full patient record, excluding information such as the use of non-medication substances, food allergies, physical activity assessments, notes on medication instructions, and other items.
To mandate access to only a limited set of data is to fail to take advantage of available information that could dramatically improve health and health outcomes while protecting privacy and reducing unnecessary health care costs. The sharing of health information is binary — you either share it or you do not. The bits-and-pieces approach to information sharing distorts rather than enhances the clinical interaction.
A patient of one health system wants and expects that any provider to whom they grant access is able to see their full health record rather than a limited set of data. Patients do not always have the choice of where they receive care, and the business priorities of a health system should not override patient well-being or choice.
Congress and HHS need to go back to the drafting table and develop a rule that recognizes that patients, not health systems, own their data. Any federal mandate must require that all health systems use currently available means to ensure a full health record follows the patient rather than be held hostage by the shareholders or balance sheet of a health system.
Furthermore, the rule also fails to fully address the growing potential of artificial intelligence to either facilitate or undermine health and health care improvement in the 21st century. The stark reality is that our health information systems are stuck in the 20th century, with fragmented data, outdated methodologies, and proprietary barriers that impede health outcomes improvement. Updating it will require embracing AI, which works by combining large data sets, rather than focusing on only a baseline set of information. All health systems and providers must fall under any interoperability rule, including the approximately 1 in 5 private practice offices not covered under the newly announced rule. We need to facilitate this transition through incentives and tax breaks.
We can no longer accept or employ data sets made up of disparate, inadequate, or siloed parts that do not include accurate and complete information on the communities and patient populations of focus. As AI changes and adapts, the algorithms that are being progressively developed and refined with machine learning to improve health care will be unsuccessful unless the data sets collected and analyzed are based on complete and comprehensive electronic health record and other personal health information sources. These records must encapsulate an individual’s comprehensive health narrative, rather than only a baseline set of information, forming a rich and coherent data repository capable of effectively exploiting AI’s transformative potential.
Health care providers and patients understand the substantial benefits of having precise and tailored health information readily available at the point of care. Unfortunately, the reality in nearly all clinical settings falls far short of this ideal. Professionals are typically confronted with proprietary medical record systems that offer only a limited set of data. This stifles the seamless and critically necessary exchange of comprehensive clinical data, compromising the integrity of clinical decision-making. The brisk pace at which AI is gaining traction necessitates an urgent integration of systems and immediate availability of complete clinical and social determinant sources of information. The All of Us Research Program will soon cover the health experiences of over 1 million people in the United States. Improving outcomes and facilitating informed decisions for individuals can occur only in an ecosystem where privacy-assured data can flow unimpeded.
But the hurdles to true interoperability, defined as access to the full electronic health record, are indeed surmountable. In 2000 the Patient Safety Institute, a nonprofit entity, was established with the mission of rectifying “the fragmented healthcare system’s inability to deliver critical and timely clinical information at the point of care.” This initiative was a beacon of hope, weaving a collaborative fabric with which patients, physicians, and hospital leaders leveraged emerging technologies to enhance patient-provider relationships, improve care quality, and curtail health care costs. The foundation laid by the Public Safety Institute in fostering true interoperability of a person’s full medical record was instrumental in fostering the national vision of a cohesive approach to health care improvement.
Regrettably, this aspiration has remained an elusive goal for the government and the broader U.S. health sector. Detractors often focus on privacy concerns, as well as fears of abusive marketing and social media practices. Cybersecurity remains a critically important part of health data exchange, but it is vital to recognize that technological advancements in health IT and cybersecurity in the past decade have given us the tools to address these apprehensions. While cybersecurity issues are important, the absence of 100% secure systems should no longer be used as an excuse to prevent secure data exchange for legitimate and needed purposes. The best way to overcome cybersecurity concerns would be for companies to invest heavily and work together in creating better systems and training people to protect them.
But, of course, it’s cheaper for them to just say that this is impossible. That gets to the bigger picture: The real reason why companies are shying away from true interoperability is a financial model built on competition rather than collaboration for the greater good. As a result, a vicious cycle has emerged where both nonprofit and for-profit entities are embroiled in short-sided proprietary battles, eschewing robust data exchange to allegedly safeguard their competitive edge. This reluctance emanates from an outdated belief that the free exchange of proprietary personal health information and health data might erode market position or instigate patient migration to other providers, insurers, or vendors. In fact, the collaborative model results in reducing overall costs for the health enterprise and improving health.
Fostering collaboration is not just desirable, but is indispensable to the health care we all need and deserve. Collaborative efforts to build true interoperability, access at the point of clinical care to the full patient health record, should supersede market competition or penalties of limited impact. The absence of such collaborative efforts involving physicians, health care providers, hospitals, insurers, researchers, consumer groups, and policymakers not only deprives the potential of AI to access and analyze vital data sources, but also threatens to delay and undermine improvement of health outcomes globally.
National health expenditures are soaring from $4.464 trillion in 2022 to a projected $6.808 trillion by 2030, according to the Centers for Medicare and Medicaid Services. Sophisticated, robust, and privacy-assured data exchange of a person’s full electronic health record between insurers, providers, policymakers, researchers, patients, and public health leaders will make the future of health care more accessible, affordable, and cost effective, and improve health outcomes and population health.
John C. Lewin, M.D., is the administrator of the State Health Planning and Development Agency (SHPDA) in Honolulu, Hawaii. Jane L. Delgado, Ph.D., M.S., is president and CEO of the National Alliance for Hispanic Health.