By ADRIAN GROPPER, MD
The HHS Office of the National Coordinator (ONC) hosted a well-attended Annual Meeting this week. It’s a critical time for HHS because regulations authorized under the almost unanimous bipartisan 21st Century Cures Act, three and a half years in the making, are now facing intense political pressure for further delay or outright nullification. HHS pulled out all of the stops to promote its as yet unseen work product.
Other patient advocates and I benefited from the all-out push by ONC. We were given prominent spots on the plenary panels, for which we are grateful to ONC. This post summarizes my impressions on three topics discussed both on-stage and off:
- Patient Matching and Unique Patient Identifiers (UPI)
- Reaction to Judy Faulkner’s Threats
- Consumer App Access and Safety
Each of these represents a different aspect of the strategic interests at work to sideline patient-centered practices that might threaten the current trillion dollars of waste.
The patient ID plenary panel opened the meeting. It was a well-designed opportunity for experts to present their perspectives on a seemingly endless debate. Here’s a brief report. My comments were a privacy perspective on patient matching, UPI, and the potential role of self-sovereign identity (SSI) as a new UPI technology. The questions and Twitter discussion about my comments after the panel showed specific interest in:
- The similarity of “enhanced” surveillance for patient matching to the Chinese social credit scoring system.
- The suggestion that we already have very useful UPIs in the form of email address and mobile phone numbers that could have been adopted in the marketplace, but are not, for what I euphemistically called “strategic interests”.
- The promise of SSI as better and more privacy preserving UPIs that might still be ignored by the same strategic interests.
- The observation that a consent-based health information exchange does not need either patient matching or UPIs.
It seems inconceivable to me that the TEFCA national health information network can be built on coercive surveillance instead of some combination of consent and UPIs. HHS controls TEFCA and they will have to deal with this in 2020.
Second, there was fierce reaction from patient advocates, activist patients, and academics to Judy Faulkner’s threat to sue HHS if the final regulations look like the most decent drafts. All three of these perspectives are very much worth reading. All three ask ONC to push for the strongest information blocking rules without delay and I agree.
However, the reaction from the academics, the proud architects of SMART on FHIR, doesn’t acknowledge the pact they made with Epic years ago. Neither the big academic hospitals that drove SMART nor the big hospital EHR vendors like Epic were interested in designing a patient-centered system. SMART on FHIR is conceived as apps that must run in the EHR and under the control of the hospital. SMART is a hospital-centered design, not a patient-centered design. This reflects the shared strategic interest of the EHR vendors and their big hospital customers. My pleas to the SMART and HL7 designers to enable patient-directed access were and still are quietly ignored.
The third topic of interest from a patient-centered perspective was evident in the plenary panel about consumer apps and the privacy risks from their lack of HIPAA protection. The strategic interests were on full display, all asking for convenient access to health records on behalf of patients. One panelist described their success in pulling up a patient record on their smartphone and handing it to a doctor who would otherwise have had no way to see it. The commercial interests were eager for the new regulations to create a market for their solutions.
The problem with these consumer apps is that very few doctors can or will access them in the normal course of events. The apps all present different and unfamiliar interfaces, are not accessible unless the patient is in the room, and cannot easily transfer information into whatever EHR the clinician is using. One of the leading proponents of this patient access ghetto strategy is the CARIN Alliance lobby. It goes as far as to declare that their best practices will not support patient-to-provider communications.
What was entirely missing from the consumer access panel and, as far as I can tell, from the entire ONC Annual Meeting agenda, is any discussion of a longitudinal health record, a patient-centered health record that hospitals, physicians, as well as family caregivers could all access and update to ensure that everyone was on the same page. A cynic might ask: where’s the money or strategic interest for that?
Adrian Gropper, MD, is the CTO of Patient Privacy Rights, a national organization representing 10.3 million patients and among the foremost open data advocates in the country. This post originally appeared on Bill of Health here.
Categories: Health Policy
Indeed. Smaller hospitals sell the data. The larger academic ones don’t even have to sell the patient records. They can take grants to do machine learning and AI right behind their firewall and then transfer just the intellectual property in return for the “grant”. These deals are obviously secret because both parties want the grant to look like charity. Patient data never leaves the academic hospital so no patient consent is needed and privacy scandals are avoided. The only problem is for society as a whole, as medicine is privatized and turned into for-profit AI deal-by-deal.
Thanks for all your investigations of this, Adrian. As long as hospitals and other stakeholders like Big Pharma can sell this patient information, you will never be able to allow the patient to direct its flow. We have to change this permissiveness regarding sale before we can make information flow patient-centered.
Not Direct. FHIR. OAuth2. UMA. The standards (and policies) for managing access need to be separate from the standards for the data model, encoding, and transport. The industry chose to bundle the authorization models with the data model. That is reasonable from some perspectives but it’s not a sound foundation in my opinion.
The current debates around consent for patient-directed access, both API and “push” in TEFCA, integration of PDMPs into EHRs, and lack of end-to-end encryption in TEFCA are all due to this unsound foundation.
SMART or HEART could be chartered to deal with the authorization aspects of FHIR separately from the data model. Maybe we should start a new group.
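To make the “bundling” in the comment above concrete, here is an added example (not code from the post, its commenters, or the SMART/HL7 projects) of how a FHIR resource server enforces SMART on FHIR v1 OAuth2 scopes. The scope grammar `context/ResourceType.permission` (for example `patient/Observation.read` or `user/*.write`) is the SMART v1 form; the token dictionary, request shape and sample values are constructed here for illustration and are not from any real system. Note that the authorization vocabulary itself names FHIR resource types, so the access policy cannot be expressed without reference to the FHIR data model, which is the coupling the comment objects to.

```python
"""Minimal SMART on FHIR v1 scope enforcement (added illustration, not project code)."""
import re
from dataclasses import dataclass

# SMART v1 scope grammar: <patient|user|system>/<ResourceType|*>.<read|write|*>
SCOPE_RE = re.compile(r"^(patient|user|system)/([A-Za-z]+|\*)\.(read|write|\*)$")


@dataclass(frozen=True)
class Scope:
    context: str        # "patient", "user" or "system"
    resource_type: str  # a FHIR resource type name, or "*"
    permission: str     # "read", "write" or "*"


def is_valid_scope(scope: str) -> bool:
    """True if the string is well-formed under the SMART v1 grammar."""
    return SCOPE_RE.match(scope) is not None


def parse_scope(scope: str) -> Scope:
    """Parse one scope; fail closed on anything the grammar does not accept."""
    m = SCOPE_RE.match(scope)
    if not m:
        raise ValueError(f"malformed SMART scope: {scope!r}")
    return Scope(*m.groups())


def parse_scopes(scope_string: str) -> list:
    """OAuth2 carries scopes as a space-separated string."""
    return [parse_scope(s) for s in scope_string.split()]


def is_allowed(token: dict, method: str, resource_type: str, resource_patient=None) -> bool:
    """Decide whether an access token permits an HTTP request against a FHIR resource.

    token: constructed dict with 'scope' (space-separated scopes) and, for patient/
           scopes, 'patient' (the Patient id of the launch context).
    method: HTTP method of the request (GET/HEAD need read, everything else write).
    resource_type: FHIR resource type being accessed, e.g. "Observation".
    resource_patient: Patient id the target resource belongs to (None if n/a).
    """
    needed = "read" if method in ("GET", "HEAD") else "write"
    for scope in parse_scopes(token.get("scope", "")):
        if scope.resource_type not in ("*", resource_type):
            continue
        if scope.permission not in ("*", needed):
            continue
        if scope.context == "patient":
            # patient/ scopes are confined to the single patient in the launch
            # context; a token with no patient context grants nothing under patient/.
            ctx = token.get("patient")
            if ctx is None or resource_patient != ctx:
                continue
        return True
    return False


# Constructed sample token, as a resource server would see it after introspection.
SAMPLE_TOKEN = {"scope": "patient/Observation.read patient/Patient.read", "patient": "123"}

if __name__ == "__main__":
    print(is_allowed(SAMPLE_TOKEN, "GET", "Observation", resource_patient="123"))  # True
    print(is_allowed(SAMPLE_TOKEN, "GET", "Observation", resource_patient="456"))  # False
    print(is_allowed(SAMPLE_TOKEN, "POST", "Observation", resource_patient="123"))  # False
```

The check fails closed: a malformed scope string raises rather than being skipped, a `patient/` scope without a patient launch context grants nothing, and a scope for one resource type says nothing about another. Every one of those decisions depends on FHIR resource-type names, which is why a policy layer such as UMA, which expresses permissions independently of the protected resource’s encoding, is the separation the comment asks for.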
Push messaging? Using Direct? That’s a different use case from the framework for SMART on FHIR. FHIR can support push messaging, and we worked with Direct to define how that would work across Direct. Using Direct does have its own problems from the patient’s point of view, but we’re not about to take on the distribution identification/certificate problem; that’s more TEFCA space. If you think there’s a deficiency in the technical standards here, we can talk about that.
It’s not about ONC enforcement or even about the US. The SMART on FHIR use-cases that have been developed are strategically designed to put messaging under the control of the hospital instead of the doctor or patient.
What is the EHR / FHIR equivalent of being able to send a fax to a pharmacy or another EHR by having the doctor or patient enter a destination address?
> My pleas to the SMART and HL7 designers to enable patient-directed access were and still are quietly ignored
We declined to *enforce* patient directed access because that’s ONC business. What we do is enable it technically. We haven’t ignored requests for that to my knowledge…