Health Data Sharing Techniques for 21st Century Cures Act – Part 2
In part 1 of this blog series, we made the following premise: if succeeding at healthcare reform is highly dependent upon health data sharing, a strategy is needed that satisfies these requirements:
- Supports and maximizes pay-for-value initiatives
- Aligns with security and privacy directives
- Complies with the 21st Century Cures Act
And not just a strategy – but specific techniques that can be employed to share data in ways
that meet the above requirements.
Let’s take a look at three:
Health Data Sharing Techniques
The data sharing techniques that HHS has put center stage are based on secure Internet technologies and protocols that are universally available and easy to access at an affordable cost. Under CMS incentive programs fax, VPNs, and point-to-point connections are ‘out’, and methods based on standard email and web services are ‘in’. The technologies chosen for health data sharing offer low overhead in terms of both money and staff time, and provide standards-based interoperability.
Email encryption has been available for decades in various open source and proprietary products. It allows both sides to use familiar email services and addresses while making sure that only the sender and recipient can read or alter the message, thus meeting HIPAA security and privacy rules. The best of these services allow large file and image attachments (GB+).
Email encryption primary workflows/use cases:
- Patient communications, medical record attachments
- Referrals, consultations with diagnostic attachments
- Clinical quality reporting
- Fax, paper replacement
Direct Messaging is an encrypted email-like standard specifically for health data sharing interoperability, security, and identity validation. Email-like addresses are issued to participants, and service is provided by accredited Health Information Service Providers (aka HISPs) to ensure interoperability and integrity. The HITECH Act Meaningful Use Stage 2 certification requirements and incentives drove widespread adoption and EHR system integration.
Direct Messaging primary workflows/use cases:
- Care transitions
- CCD exchange
- CMS Health Information Exchange (HIE) measures for payment reimbursement
- Fax, paper replacement
The use of APIs is a relatively new form of secure health data sharing in clinical healthcare. API stands for Application Programming Interface, and allows the health care provider to expose data on the web so correspondents can download it through automated applications. The industry is consolidating around an API technique called Fast Healthcare Interoperable Resources (FHIR), an HL7 standard. Although FHIR is not considered fully functional, it has a stable draft and has been integrated into several EHRs.
FHIR and Open APIs primary workflows/use cases:
- Retrieving selected C-CDA fields from an EHR
- Polling EHR field data for mobile applications
- Offering new services to compliment email style “push” messaging
The three options above allow modern organizations to support the health data sharing required for accountable care covering thousands of patients and correspondents. They are quickly replacing legacy data sharing techniques such as paper, fax, VPNs, and point-to-point data connections.
Business Objectives, Use Case and Workflows
An assessment of your business objective, use case and workflow identification is critical to finding the ideal data sharing technique for your application.
Typical healthcare transformation business objectives:
- Maximize Medicare and Medicaid reimbursements
- Launch programs – patient engagement, care coordination, population health, etc.
- Minimize privacy / security exposure risk and data blocking penalties
Specific health data sharing use cases:
- Medical record sharing (care teams and patients)
- Quality measure reporting
- Health registry data submission
- Mobile app communications
Workflow design considerations:
- Embed data exchange in familiar workflows, or require the use of task-specific applications?
- Extend existing channels such as email, or build a new approach that may use Direct Messaging integration or a mobile app with secure messaging features?
Learn from real world implementations
Seek out real world health data sharing use cases where other providers have successfully implemented email encryption, Direct Messaging or Open APIs to address a similar business objective. A sampling of use cases are published in our whitepaper: 21st Century Data Sharing Techniques for Healthcare Delivery Transformation Success