HIMSS asks Congress for national data-matching for HIEs and harmonized privacy regs

A leading professional group for health IT executives is urging Congress to remove some of the hurdles complicating the exchange of health information that, in some cases, endanger patient safety.

In documents released this month, the Healthcare Information and Management Systems Society (HIMSS) recommends that Congress:

  • Order a study of issues related to matching patient data to the correct records, including suggestions for developing a national patient data-matching strategy.
  • Harmonize the hodgepodge of federal and state privacy laws and regulations, which make it a challenge to share information across state lines.

The first, labeled Ask No. 1, raises concerns about the growing risk of mistakenly matching data with the wrong patient in a health information exchange (HIE). Already, between 8 percent and 14 percent of medical records contain mismatched data, HIMSS says, costing hundreds of millions of dollars annually to correct and posing risks to patient safety. The risks will only increase when organizations communicate through HIEs using different systems, algorithms and data dictionaries, the group warns.

"A technologically advanced nationwide patient data matching strategy does not mean that every system has to use the same patient identity method but, rather, means creating national standards and solutions that can be used for exchanging information across systems," HIMSS says.

The second, Ask No. 3, contends that "conflicting privacy and security laws are among the most serious potential barriers to HIE adoption, resulting in "pronounced and pervasive" legal barriers to HIE implementation.

HIMSS asks that Congress be aware of those roadblocks when considering future legislation, convene hearings to discuss the problems and possible solutions, and direct the Department of Health and Human Services to promote the Office of the National Coordinator for Health IT Privacy and Security Framework.

HHS has said in the past that applying a single privacy standard would be impracticable and costly, according to the Report on Patient Privacy, as recounted by AISHealth.com.

To learn more:
-here's Ask No. 1
-see Ask No. 3
Related articles:
ONC to revise model privacy notice for personal health records
GAO: Data privacy protection must keep up with technology
eHealth Initiative calls for flexible health information exchange regulations