A major deadline for health IT interoperability is weeks away, and is met with a shrug

demystifying banner

This is a post about healthcare IT interoperability and a certification deadline. You will be instantly tempted to click somewhere else, but trust me, if you are a healthcare leader, you may want to read on.

By Dec. 31, health IT stakeholders need to certify that they are able to securely share health information records with patients. Varying penalties, including fines, will apply after the first of the year, and as of now, the vast majority of electronic health records systems and providers have yet to comply. Unlike previous deadlines, nobody seems too concerned. 

In one way, the industry may be forgiven for this collective shoulder shrug. Since the HITECH Act of 2009 became law, compliance deadlines with Meaningful Use 1 and 2 were subject to long and frequent delays while the regulations were watered down. Providers took billions in Meaningful Use subsidies, but later balked at the rigor of meeting so many standards. 

Under pressure, the Office of the National Coordinator for health IT and the Centers for Medicare and Medicaid Services changed course, going from a mandate of “complete” certification for all modules to a “modular” approach in which health IT vendors could certify for their choice of criteria, only having to pick enough from each menu of options to achieve compliance in certain areas that their systems were capable of. It was up to their customers to source other health IT products that fulfilled the needs of the providers’ other requirements.

Much of the talk around Cures Act updated compliance with interoperability standards seemed to focus on payers, but they were the first to achieve technical compliance. Providers trusted their EHR vendors had matters in hand without fully comprehending the distinction between “complete” and “modular” certifications. 

The upshot of all of this activity and spending is gleaming new IT systems that could not (or were prevented from) effectively exchange data with other providers or patients.

However little attention it seems to be getting, the Cures Act has important goals. All entities that must meet population health objectives such as coordinating care through patient engagement need to have robust and secure means of communicating among disparate information systems from multiple vendors. Centralized scheduling, quality measurement/reporting tools, telemedicine, remote patient monitoring and clinical decision support software all require interoperability of health data exchange.

For the American public, the Cures Act fosters innovation in healthcare to deliver better information more conveniently to patients and providers. It also promotes the use of technology to give the American public visibility into the services, quality and costs of healthcare. Patients would be increasingly able to take control of their healthcare and their medical record through smartphones and modern software apps that can assemble and read their records, allowing them to shop for care by comparing costs and understanding possible treatments and expected health outcomes.

The 21st Century Cures Act was Congress’ response to this failure to fulfill this vision, but who owns the changes it sought is an open question. 

Vendors believed that they could meet the letter of the law by developing home grown open application programming interfaces that allow software companies to access EHR data. They also bet that the ONC and CMS would not mandate use of advanced new standards called FHIR®, also known as Fast Healthcare Interoperability Resources, which define how healthcare information can be exchanged between different systems regardless of how the data is stored. 

Unfortunately, the bet did not pay off. FHIR is now baked into the Cures Act, causing a major predicament. Unless you have a deep bench in your IT department, implementing FHIR with an approved OpenAPI is more than a few weeks’ work. And the onus is on providers to prove they are compliant under CMS reimbursement rules. Most are clueless about what their EHRs are certifying for or not. 

While many EHRs have certified for a variety of requirements under the Cures Act, a vast majority have not addressed the capability of patients to access and download records of their care, more formally called the “Standardized API for Patient and Population Services.” By Dec. 31, patients must have complete transparency into the cost and outcomes of their care, and entities need to provide it using a capability based on FHIR to be able to give patients their data in an accessible format. 

Fortunately, late arrivers to the party can still do something, which is to find an interoperability technology provider like Carefluence that has a plug and play solution that uses all of the elements set forth in the Cures Act for the standardized API for patient and population services. 

All you need to do is act, which at this point on the calendar means picking up the phone and saying the word “Help.”