Irked by the notion that federal enforcement officials should use HIPAA to crack down on information blocking, a group of EHR vendors argued that the push for greater interoperability in healthcare should be rooted in solving real-world problems rather than doling out penalties.
Their perspective contrasts with that of former federal health IT officials and underscores a deepening divide over not just how to define information blocking, but how prevalent it is throughout the industry.
In a post authored by the EHR Association’s executive committee, representatives from several of the largest vendors, including Epic and Cerner, sharply criticized a Health Affairs blog post by Lucia Savage, former chief privacy officer at the Office of the National Coordinator for Health IT. Savage argued that officials with Office of Inspector General should look no further than HIPAA to “recover incorrectly paid incentive payments and root out information blocking.”
But EHRA said her post makes “inflammatory and inaccurate assertions about EHR vendors,” adding that "it is inconceivable to us that a vendor would not ‘allow’ sharing of data with a registry just because it is not a customer."
Time for some registries to put up or pipe down?— Farzad Mostashari (@Farzad_MD) September 14, 2017
Maybe @AmerMedicalAssn can coordinate their response
“Layering on additional theories aimed at providers and developers wrapped in HIPAA adds little and unproductively makes the focus of interoperability one of compliance rather than meeting the real data-sharing needs of providers and their patients, a task to which our members are committed,” the EHRA executive committee wrote.
This disagreement is hardly new— EHRA voiced its position on information blocking in a 2015 letter (PDF) to ONC—but it’s a discussion that has become more relevant as federal regulators attempt to define and enforce information blocking. Under the 21st Century Cures Act, the OIG can investigate and fine companies or providers that block data exchange.
Savage, who currently serves as the chief privacy and regulatory officer at Omada Health, told FierceHealthcare she welcomes the ongoing debate but says there’s ample anecdotal evidence indicating patients and providers have difficulty accessing their health information.
“I think a difference of opinion is a good thing and it should be well-grounded in what people say and what people’s experiences are,” she said. “What I wrote was pretty well-grounded in what other people have said.”
She’s not the first former ONC administrator to take issue with data sharing discrepancies among EHR vendors. After eClinicalWorks agreed to a $155 million for allegedly circumventing EHR certification standards, former ONC officials Farzad Mostashari, M.D. and Jacob Reider, M.D., told FierceHealthcare that failure to meet data portability requirements has been particularly problematic.
Savage added that when she was at ONC, the agency often received calls from providers complaining that they terminated a contract with their EHR vendor, but the company wouldn’t release their data until they paid a fee.
But she also acknowledged that vendors have taken significant steps to advance interoperability through APIs required under the 2015 EHR certification standards and pointed hopefully to Epic’s Share Everywhere platform that launched this week, which allows patients to share their health data with any provider with internet access, even if they don’t have an EHR.
That’s where Savage believes vendors, providers and regulators can find common ground.
“I think we can we all agree that when a patient asks to transmit their data, they should be able to transmit their data,” she said.