TRENDING:

Universal Exchange Language Debated

Presidential Council's Proposal Portrayed as Impractical Howard Anderson (ismg_editor) • February 15, 2011    
Universal Exchange Language Debated
Many of those testifying at a hearing about a presidential council's call for a universal exchange language Tuesday urged a go-slow, deliberative approach to the effort to improve the interoperability of electronic health records while maintaining privacy.

They portrayed as unrealistic the President's Council of Advisors on Science and Technology's recommendation that the universal exchange language be required for future stages of the HITECH Act EHR incentive program. And some said the council's report lacks enough detail to determine if its suggested approaches would adequately safeguard privacy.

The council has called for creation of a universal exchange language that would involve tagging individual data elements within EHRs with descriptive information, such as patient consent to exchange the data. One idea behind the language is to ease health information exchange, which could improve the quality of care by making potentially life-saving information more readily available to clinicians.

Risky Interoperability Approach?

J. Mark Overhage, M.D., chief strategy officer for the Indiana Health Information Exchange, said at the hearing: "Redirecting a nationwide effort is highly risky at this point. ... We've already achieved a degree of momentum." He noted that the Indiana HIE already is using Health Level Seven and other standards to successfully exchange information.

In his written testimony about the PCAST report, Overhage also pointed out that phases two and three of the EHR incentive program begin in 2013 and 2015, respectively. As a result, he said, "The probability that any technological pathway that differs significantly from the current approaches can be even partially implemented (for these phases) is very slight."

He added: "Progress is dependent upon building on the existing foundation and leveraging existing investments in technology and workforce."

David Blumenthal Comments

David Blumenthal, M.D., national coordinator for health IT in the Department of Health and Human Services, formed a PCAST Report Workgroup that will produce an analysis of the presidential council's report this spring.

"We promise we will look at this very expeditiously and come forward with recommendations for our next set of standards and certification criteria," Blumenthal said at the hearing, which was hosted by the new workgroup.

Completing that task, however, likely will fall to Blumenthal's successor. That's because Blumenthal recently announced plans to step down this spring. A proposal for criteria for stage 2 of the EHR incentive program is due by the end of this year.

The PCAST Report Workgroup, in addition to considering the feasibility of implementing the council's recommendations, may suggest alternate approaches that accomplish the same goals in an easier way, said Paul Egerman, co-chair of the workgroup.

In PCAST report's recommendations also have implications for a pending federal rule governing users of the Nationwide Health Information Network standards, said Farzad Mostashari, deputy national coordinator in Blumenthal's office. Regional and statewide HIEs anticipate using NHIN standards to facilitate national data exchange.

Testing EHR Interoperabilty

Because of the complexity of the presidential council's proposals, the Markle Foundation has called on ONC to conduct pilot projects before implementing any of the recommendations, said Carol Diamond, M.D., the group's managing director. "Trust can never be achieved by technology alone," she stressed, pointing to the need for comprehensive policies and procedures.

Joyce Dubow, an associate director at the consumer advocacy group AARP, said the presidential council's report lacks sufficient details on privacy and security issues. "The PCAST report stops sort of a clear articulation of a comprehensive framework (for protecting privacy and security), and policy recommendations to support the framework are lacking," she said in her written testimony.

She also questioned whether it would be realistic to expect consumers to sign off on consent for access and exchange of specific data elements within their records, as the council recommended. "The level of consent required to achieve the granularity envisioned by PCAST might overwhelm most patients," she said.

Emphasize Privacy, Not Speed

Lee Tien, senior staff attorney with the Electronic Frontier Foundation, a consumer advocacy group, criticized the PCAST report for its emphasis on speedy implementation of its recommendations.

"We differ with the report in believing that the emphasis at this stage should not be on accelerating information exchange but rather on ensuring that information exchange is done safely with regard to privacy and security of patient information," he stated in written testimony.

"Extreme caution is warranted. Health information technology must be subjected to the most rigorous, adversarial security testing on a staged basis."

Deborah Peel, M.D., founder of Patient Privacy Rights, expressed similar concerns in her written statement. "Implementing universal formats for data exchange without simultaneously designing privacy protections will lead to disaster," she said. "Infrastructure for easy exchange of data that precedes protections will lead to widespread exchange and violation of patient privacy."

Last month, members of the PCAST Report Workgroup began raising their own concerns about the presidential council's suggestions. Many of these concerns have been raised by others as well. (See: EHR Interoperability: What Works?)

Previous
Senate Forms Privacy Subcommittee
Next
Selecting a Data Loss Prevention App

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.



Around the Network

Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.