WHO WE ARE: OUR COMMENTS:

Similar documents
Health Information Exchange and the Future

VIA ELCTRONIC March 15, 2010

Health Record Banking Alliance

Consolidated Clinical Document Architecture and its Meaningful Use Nick Mahurin, chief executive officer, InfraWare, Terre Haute, Ind.

The HITECH Act: Implications to HIPAA Covered Entities and Business Associates. Linn F. Freedman, Esq.

Information Protection Framework: Data Security Compliance and Today s Healthcare Industry

Increasing Productivity with Mobile Integration.

The Proposed Rule of Electronic Health Certification (EHSRT)

RE: Comments on Interoperability Roadmap Draft Version 1.0

Health Record Banking Alliance White Paper

Orbograph HIPAA/HITECH Compliance, Resiliency and Security

Installation and Maintenance of Health IT Systems: System Selection Software and Certification

The American Recovery and Reinvestment Act of 2009 Summary of Key Health Information Technology Provisions July 1, 2009

Disclaimer This webinar may be recorded. This webinar presents a sampling of best practices and overviews, generalities, and some laws.

Incentives to Accelerate EHR Adoption

Evolution of HB 300. HIPAA passed in 1996 Originally, HIPAA only directly impacted certain covered entities :

Business Associates under HITECH: A Chain of Trust

April 3, Dear Dr. DeSalvo:

Re: 21st Century Cures Discussion Draft Legislation Interoperability Section

Patient-Generated Health Data and its Impact on Health Information Management

SUMMARY OF HEALTH IT AND HEALTH DATA PROVISIONS OF H.R. 2, THE MEDICARE ACCESS AND CHIP REAUTHORIZATION ACT (MACRA)

Empowering Nurses & Building Trust Through Health IT

Request for Information on Assessing Interoperability for MACRA (HHS-ONC )

Securing Patient Portals. What You Need to Know to Comply With HIPAA Omnibus and Meaningful Use

Comments Regarding Meaningful Use (Stage 2)

CNPE DRAFT POSITION STATEMENT ( ) Nurses Involvement With the EHR: Advocating Patient Safety

Meaningful Use and Security Risk Analysis

Am I a Business Associate?

Managing Privacy and Security Challenges of Patient EHR Portals

Dear Honorable Members of the Health information Technology (HIT) Policy Committee:

Executive Report. Why Healthcare Providers Seek Out New Ways to Manage and Use Big Data

Will the Feds Really Buy Me an EHR?

The Personal Health Record and Its Impact on HIPAA Patient Rights. Marilyn Freeman, RHIA HIPAA Compliance Officer Meaningful Use Coordinator

ELECTRONIC HEALTH RECORDS. Nonfederal Efforts to Help Achieve Health Information Interoperability

Statement for the Record National Committee on Vital and Health Statistics Subcommittee on Standards

RE: Medicare and Medicaid Programs; Electronic Health Record Incentive Program Stage 2 Notice of Proposed Rulemaking (CMS-0044-P)

December 15, Dear Acting Administrator Slavitt and Acting Assistant Secretary Dr. DeSalvo:

RE: Essential Health Benefits: Follow Up from the October 2014 Patient Coalition Meeting

The Patient Portal Ecosystem: Engaging Patients while Protecting Privacy and Security

Business Associate Liability Under HIPAA/HITECH

March 15, Dear Ms. Frizzera,

CMS Proposed Electronic Health Record Incentive Program For Physicians

January 29, Senator Lamar Alexander Chairman, Senate HELP Committee 455 Dirksen Senate Office Building Washington, DC 20510

Data Security and Integrity of e-phi. MLCHC Annual Clinical Conference Worcester, MA Wednesday, November 12, :15pm 3:30pm

May 7, Re: RIN 0991-AB82. Dear Secretary Sebelius:

Mark Anderson, FHIMSS, CPHIMSS Healthcare IT Futurist

Vendor Perspective, Question #1

HIPAA for HIT and EHRs. Latest on Meaningful Use and EHR Certification: For Privacy and Security Professionals

Physician Perspective : The New HIT Landscape

How to have your say. Submissions process. Use of information

Farzad Mostashari, M.D., ScM.

Voluntary Home Health Electronic Clinical Template and Paper Clinical Template Melanie Combs-Dyer Director, Provider Compliance Group CMS 2/11/2015

GENERAL OVERVIEW OF STANDARDS FOR PRIVACY OF INDIVIDUALLY IDENTIFIABLE HEALTH INFORMATION [45 CFR Part 160 and Subparts A and E of Part 164]

February 18, Dear Ms. Hyde:

Re: Medicare and Medicaid Programs: Electronic Health Record Incentive Program- Stage 3

HIPAA and HITECH Compliance for Cloud Applications

Use Cases for Argonaut Project. Version 1.1

COMMENTARY Scope & Purpose Definitions I. Education. II. Transparency III. Consumer Control

Each system vendor has tended to solve security in its own way

DEPARTMENT OF HEALTH AND HUMAN SERVICES. Health Information Technology: Initial Set of Standards, Implementation

PROGRAM OVERVIEW. Your Local Contact: Enter your org Information here

How To Help Your Health Care Provider With A Health Care Information Technology Bill

EHR Donation: Compliance with Stark Law and the Anti-Kickback Statute

Managing the Privacy and Security of Patient Portals

October 22, CFR PARTS 160 and 164

Implementation of the Electronic Prescription Standard for Dentistry

Alere: diagnosing and monitoring health conditions globally.

ehealth Pod Pilot Program Challenges I. Identifying Challenges for Providers Not Participating in the Pilot

Testimony of Charles Jarvis, Vice Chair of the HIMSS EHR Association. House Ways and Means Committee, Health Subcommittee

Addressing Privacy and Security Concerns in Health Data Analytics. Deven McGraw, JD, MPH, LLM Partner Manatt, Phelps & Phillips, LLP

CommonWell Health Alliance Concepts. Last Modified: October 21, CommonWell Health Alliance Inc. All rights reserved.

New Rules on Privacy, Security, Breach Reporting and Enforcement: Not Just for HIPAA-chondriacs

VHCA Legal Quarterly

INSERT COMPANY LOGO HERE. Product Leadership Award

Case Study Success with a. into a Corporate Integrity Agreement (CIA)

Moving Forward with E-prescribe. Requirements, State Law & Meaningful Use

Consumer Engagement with Health Information Technology Summary of NeHC Survey Results

Office of the National Coordinator for Health IT Proposed Rule Public Comment Template

MEANINGFUL USE. Community Center Readiness Guide Additional Resource #13 Meaningful Use Implementation Tracking Tool (Template) CONTENTS:

PERSONAL HEALTH RECORDS AND

RSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS

The Road to Robust Use of HIT: Navigating Meaningful Use and Beyond. by Jennifer McAnally, tnrec Director

ADDRESSING HEALTHCARE DATA INTEGRATION TO AUTOMATE PATIENT ENGAGEMENT WORKFLOWS

American Association of Tissue Banks: Impact on FDA s UDI Final Rule

Privacy Space. Public Place. How to Protect PHI and be HIPAA Compliant

HealthFusion MediTouch EHR Stage 2 Proposed Rule Comments

May 26, Attention: RIN 0991-AB93 Submitted electronically to: Dear Dr. DeSalvo:

Request for Comment Regarding the Stage 3 Definition of Meaningful Use of Electronic Health Records (EHRs)

WHITE PAPER February Realizing the Promise: Overcoming the Barriers to ACO Success

1. Would additional health care organizations be interested in applying to the Pioneer ACO Model? Why or why not?

Performance Optimization Guide

Analysing the US HIPAA legacy and future changes on the horizon

HIPAA Audits Are Here!

Ready for an OCR Audit? Will you pass or fail an OCR security audit? Tom Walsh, CISSP

THE PRESIDENT S BUDGET AND THE MEDICARE TRIGGER by James Horney and Richard Kogan

Courtesy of Columbia University and the ONC Health IT Workforce Curriculum program

PerfectServe Survey Results. Presented by: Nielsen Consumer Insights Public Relations Research April 2015

HIPAA regulation: The challenge of integrating compliance and patient care

Health Information Technology (IT) Simplified

The Medicare and Medicaid EHR incentive

Transcription:

WHO WE ARE: GetMyHealthData is a national campaign designed to help patients gain access to their health information in electronic, computable formats. 1 We provide patients with online resources that help them understand how to get their health data from providers and other data holders, and help them troubleshoot obstacles along the way. We also offer providers resources to help them successfully meet patient data requests. We learn about the realities of getting and using digital health information from patients and providers, and we advocate for advancements in policy and practice. We have recruited a cadre of volunteer patients to serve as test cases, or Tracers, to track and record their experience requesting their health data under HIPAA, Meaningful Use and other means such as BlueButton. Thus far, Tracer experiences reveal several challenges with today s policies and practices, particularly in the area of provider awareness, costly fees and technology usability issues. These experiences inform our comments below. OUR COMMENTS: Overall: We commend the overall acknowledgement reflected in the draft legislation that patient access is an essential part of improving health IT for providers and for patients. We are particularly supportive of the call for patient access to longitudinal data that is easy to understand, secure and updated automatically. It is essential to move away from the era of records requests toward the day when all patients have automatic, easy access to their up-todate health data whenever and wherever they need it. We recommend the legislation clearly defines health information technology, so it is clear whether or not the legislation would encompass products such as consumer-facing apps, as well as physician-facing electronic health records (EHRs). We assume in our comments the legislation is intended to impact the EHR marketplace, but would not, for example, certify and rate consumer health apps. o HITECH defines health IT as hardware, software, integrated technologies and related licenses, intellectual property, upgrades, and packaged solutions sold as services that are specifically designed for use by healthcare entities for the electronic creation, maintenance, or exchange of health information. Section 13103, Assisting Doctors and Hospitals in Improving the Quality of Care for Patients. We are concerned about the concept of burden overall in this section. When it comes to considering whether certification programs, standards, and the other criteria listed are burdens, these burdens 1 Coordinated by the National Partnership for Women & Families, a non-profit consumer organization, collaborators include AHIMA, the Alliance for Nursing Informatics, Amida, Code for America, Flip the Clinic, the Genetic Alliance, Health Data Consortium, NATE, and other individual thought leaders/experts.

are neither objectively measureable (which would determine whether they are a burden or not), nor are they considered in relationship to the benefits they may deliver (to providers or to patients). While overall we are greatly supportive of introducing efficiencies into provider and patient workflows, identifying some key aspects of health IT as burdens is problematic, including and especially patient access, privacy and security. For example, the burden a provider may encounter complying with HIPAA privacy and security requirements could be worth it, if the benefit is preventing the public disclosure of even one patient s sensitive personal health information. Further, it is important to be mindful of the burden that lack of health IT or dramatic reductions in necessary documentation could pose for patients and/or the integrity of the health system as a whole. One alternative would be to reframe the concept of burden to one of introducing efficiencies in the areas listed (A-K in Section 13103.) While we take issue with the idea of burden (without corresponding thought given to benefit), we recognize that overly onerous documentation requirements can significantly detract from the ideal care experience for clinician and patient. We strongly encourage that, if the legislation preserves the construct of burden, then the legislation should expand the concept to include the burden on patients when it comes to inefficient, confusing and complex user experiences (such as within patient portals). We offer the following recommendations in this Section: Explicitly include patients in the list of entities that HHS should consult with (page 2, lines 6-14). Consider refocusing this section only on documentation burden for physicians that are more administrative in nature. In Section (2) on page 3, beginning on line 12, if the section is not pared down to focus on administrative documentation and reporting: consider adding recommendations developed to improve patient and family engagement. On Page 4, lines 15-24, add a recommendation regarding how patient-generated health information can improve documentation and reduce burden/improve efficiency for providers. We believe that when patients have access to longitudinal, computable health information across providers and systems, the ability for patients to share that information (and providers to upload it into their EHRs) could considerably reduce documentation burdens for both patients and providers. Section 3009A. Health Information Technology Rating Program. On page 12, lines 19-24 and continuing on the next page, we recommend adding a reporting category on patient user interfaces, and specifically those that promote electronic access and download or transmit of health information. Zibdy Health, an app company in San Diego, is documenting a wild array of confusing interfaces that patients are experiencing today when they try and download their health data from EHRs, which is likely affecting the rate of patient electronic access. (click here for examples) 2

Section. 3022 Information Blocking. In the definition of Information blocking on page 22, line 17, we suggest that blocking patient access be included in the definition as follows (in italics): with respect to health care providers, the person or entity knowingly and unreasonably restricts electronic health information exchange to patients, families or for patient care In the section on Rulemaking, page 23, lines 4-6, we recommend that the Secretary be directed to identify actions that meet the definition of information blocking with respect to health care providers, including what constitutes information blocking in patient access to electronic health information in a computable format. Section 3003. Setting Priorities for Standards adoption On page 49, lines 12-12, and on page 53, lines 20-22, we recommend this be more consistent with the patient access section, specifying the facilitation of individuals access to electronic, longitudinal health information including in a computable format. Section 7. Empower Patients and Improving Patient Access to their Electronic Health Information We are pleased to see this section s inclusion in the legislation; based on the experience of our Tracers across the country, improvements in patient access are sorely needed. In Section 7(c) on page 77: Health Information Exchanges (HIEs) are one important mechanism that could facilitate patient access. Unfortunately, HIEs do not currently cover every American, and those that are operational don t always offer patients access to their own health information. However, there is a tremendous need to educate providers about the myriad of options they have for giving patients electronic access: HIEs, patient portals, personal health record (PHR)-type applications, and other apps that utilize APIs. Importantly, we also need to incentivize EHR vendors to enable all of these options. Most vendors developing certified products for have deployed patient portals, but could also establish connections with HIEs and apps to provide patients with electronic access. Educating providers and incentivizing vendors to offer these options is essential to preventing the proliferation of a single technology solution such as a portal. We suggest that this section be expanded to require ONC, OCR, and CMS to educate providers and vendors about the range of technical options available for giving patients access to electronic health information. We agree that federal leadership is needed to support advancements in technology, policy and patient access (page 59-60). However, on page 60, line 3, it is unclear what without burdening the health care provider involved means. Our interviews with providers who successfully provide patients with electronic access universally indicate that it may seem like a burden at first, but that the burden becomes more than worth it because the provider is able to identify benefits to their own institution that generate significant returns on their investment. We recommend line 3 on page 60 be reframed to state in a form convenient and efficient for both the patient and provider involved. 3

On page 60, lines 17-15: We strongly support more education for providers about consumers rights to and the benefits of electronic access. The experience of our Tracer patients shows this is a significant and pressing need. We offer the following recommendations: We recommend on page 60, lines 21-23 be amended as follows: The Director of the Office for Civil Rights, in consultation with the National Coordinator, shall, as appropriate, update the Internet website of the Office and any other education initiatives with information to assist individuals and health care providers in understanding a patient s rights to access and protect The current websites of OCR and ONC offer current information already, and it is clearly not sufficient. The majority of providers still do not understand or have a workflow that permits them to easily comply with patients requests for their electronic health information. Striking the language noted would create a broader education campaign. o We suggest strongly that the legislation authorize appropriations for this education initiative. It should be a major priority for the new Administration. We also support educating providers and patients specifically about best practices for requesting personal health information in a computable format Certifying usability for patients is essential. As noted previously, patients are facing a dizzying array of interfaces when it comes to accessing and downloading their health information, as documented: o On page 61, we support the creation of certification criteria [that] support patient access to their electronic health information, including in a single longitudinal format that is easy to understand, secure, and may be updated automatically. (emphasis added). Progress must be made in the area of both longitudinal data and data that is updated automatically if more consumers are to use and benefit from digital health data. o And, as noted above, it will be important to find efficient means for giving patients electronic access including and beyond a patient portal. Certification criteria that improve the usability and functionality of portals, and that create the capacity for EHRs to connect to other sources- such as apps or HIEs will improve patient access and introduce efficiencies for providers. We are also pleased to see that the HIT Advisory Committee would prioritize standards, implementation specifications and certification criteria for EHRs surrounding patient access and usability. Likewise, we support enabling patients to request their data directly from business associates. This legislation has potential to make important strides for patient access to electronic health information in a computable format. There are 3 additional areas we believe must be addressed in this bill to achieve its stated goals: 1. Eliminate fees for patient access. Charging fees for patient access to electronic health information should be banned. It is a major barrier to patients successfully using longitudinal health information in a computable format today. While HIPAA allows for per page fees for paper medical records, patients should never be charged fees for access to their electronic data, and certainly not per page fees since there are no pages in electronic data. We are also seeing some providers charge fees (click here for example) of more than $200 per year for patients to 4

access basic health information on a portal. This is a major burden for patients. We propose the legislation: o Provide for the first annual copy of a patient s health information at no charge. That should include both paper and electronic health information. The Committee could consider limiting the free first copy to any health care delivered in the past five years (which would increase the odds that the records are electronic and/or on site), and it could also say that there should be no fees for any data produced and delivered electronically. We simply must stop treating patients data as a revenue line item or competitive asset not to be shared. If providers are no longer allowed to charge fees, the market will find and introduce efficiencies to make it more convenient for patients, providers and their staff. 2. EHRs should easily upload patient electronic data: EHRs today largely don t have the capacity to seamlessly upload patients electronic health information, and make that information easily actionable for clinicians. The legislation should incorporate the development of standards, certification criteria and implementation specifications for such a capacity, and make this capacity part of the EHR rating program. 3. Creating a privacy framework for consumer apps: As we (rightly) increase the amount of data patients are able to access and download, we must think about what consumers will do with this information. Many consumers will use consumer-facing apps, which are not currently covered by a privacy framework that would, for example, prohibit the sale of identifiable consumer health data without patient consent. To address this the legislation should: o Require a 6-month study and report by ONC in consultation with OCR and FTC and other relevant agencies on the most appropriate methods for protecting consumer privacy in consumer-facing apps such as PHRs. This should include evaluation of a range of options - including legislative changes, regulatory changes, and voluntary methods (such as a code of conduct or best practices). The study should include the pros and cons of these mechanisms as well as key policy categories needed to protect privacy while advancing innovation. It should also include recommending ways to promote the use of ONC s Model Privacy Notice among consumer-facing apps. The Model Notice standardizes the format in which privacy policies are displayed, similar to a nutrition label (it does not dictate the policy itself, but rather provides a supplemental format for displaying existing policies). Thank you for the opportunity to comment on the committee s discussion draft of health IT legislation. We look forward to working with the committee on opportunities to remediate barriers to individual access and use of electronic health information. If you have any questions about our recommendations, please contact Christine Bechtel, campaign coordinator, at Christine@getmyhealthdata.org or (202) 412-4397. 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information