Healthcare interoperability is going to continue to be a hot topic for 2015. More facilities are implementing EHRs and connecting to one another through health information exchanges (HIEs). It is critical for organizations to implement new technologies while also keeping patients’ information protected.
As the new Chief Privacy Officer for the Office of the National Coordinator for Health IT, Lucia Savage is excited for the road ahead. Savage discussed the ONC’s short- and long-term goals with HealthITSecurity.com, and explained how healthcare interoperability and big data will tie into the industry’s privacy and security issues.
What are the privacy and security challenges ahead for the ONC and its Chief Privacy Officer?
I’m really happy to join the office at this particular juncture. I think that since we maximized what was intended with HITECH and adoption in terms of the number of physicians using electronic health record systems now we have to go to the next step and I think I have some particular insights and skills to bring to that. So this is a very exciting time for me personally to join.
In terms of what I think some of those challenges are, it’s no big secret; we’re working on interoperability. And from a privacy and security perspective, of course there are the topics that have been well-discussed in the press, like data lock and all that stuff that have to with people’s proprietary systems. But what’s really more essential in the privacy and security realm is making sure people understand how are current legal and regulatory environment actually help support interoperability. Right now, at this very moment in time.
For example, insurance companies contract with large systems to the ACOs. For that to succeed, just like the Medicare ACOs, data has to flow between the two parties. That’s a form of interoperability. That data is flowing right now in some ways, and in some ways it could flow better and could make better use of the delivery system was built with the meaningful use incentive.
I’m really happy to come into that environment and help facilitate the expansion of interoperability from a data perspective. So it’s moving where it needs to go with the right privacy controls and the right security controls.
In coming from the private sector, are some of the challenges that you now face at the ONC similar?
I was a HIPAA specialist for United HealthCare and I think I spent a lot of time there doing what I hope to do here, which is really explain to people how the rules work in an implemented environment: how to take advantage of them so that the users have confidence in the system.
In terms of picking up about healthcare interoperability, that also means health information exchange. Obviously, the ONC wants patients to feel engaged and have access, which means the providers do. As the ONC moves forward, does the department have to be at the forefront or highly visible? Consumers are naturally going to have privacy concerns over their information.
I think there’s really interesting survey data coming out that tell us two things: they echo something we’ve known for a while. At the caregiving level patients thought their doctors were doing this already. We really want to build on that. The HIPAA environment we have is perfectly designed for that. It’s media-neutral, meaning 20 years ago when faxes were new, that’s how the information started to move. Now the information is moving through other media but the rule hasn’t changed. We’re going to capitalize on that.
I say that to physicians all the time: “Haven’t you always exchanged information with other physicians for treatment? And, what’s different about this environment?”
The second thing the surveys tell us is that as patients use the systems their confidence in them grows. Just like online banking. Just like ATMs. When we introduce a pretty significant technological innovation it takes time optimally to breed trust. If through interoperability it facilitates physicians engaging their patients through electronic health record systems and the portal, and giving patients access, giving dialogue with patients about their data that they collect and share about themselves, then patients confidence in the system will grow because they’re using it too.
What form is that going to take? Is it chiefly in the form of certification because that’s where the ONC has a major input? Or is this also going to be in the form of some other kinds of standards/regulations?
I take my boss’ title very seriously, so I report to the coordinator. I think we have a significant role in coordination. Obviously our certification standards which are issued anew approximately every year are very important. But they’re about the EHR systems themselves and what you have to do to be a certified EHR user to get your meaningful use incentive.
What I see my role and my office’s role is, in that coordinating piece. So the systems themselves are great, but it also has to be about how people understand their behavior within the overall healthcare system, not the functionality of the EHR itself.
What’s ahead for you in the more immediate future, as well as long-term goals?
It’s no secret that we just had two listening sessions, four hours each on big health data. They’re going to be transcribed and the audios will be put up online. We’ve done that because we’ve been asked to use our work structure to help amass evidence about the potential benefits and the possible risks as we move to a system where we need to get our information from data that comes from sources other than those that are specifically regulated by HIPAA. Most of the people in the know understand well how HIPAA works for these big data analytics, but there’s new sources of data, whether its wearables or patient generated data or the way people want to take a healthcare transactional data and add data from public records systems to it for analytics purposes.
We’re trying to think about the information needs, and how do we keep privacy and information in balance moving forward, towards what Dr. De Salvo articulated at the learning health system. We’re not going to get to the learning health system for a few years so we have some time to work out what we need to have it look like. But we’ll be spending a lot of time on that, digesting the listening session, helping people to understand where healthcare has unique challenges, where healthcare has other challenges that are related to big data that might be similar to other economic sectors, etc. That’s something we’re going to be working on a lot in 2015.
The post ONC’s Lucia Savage Talks Healthcare Interoperability appeared first on HealthITSecurity.com.