Over 90% of practicing physicians in the U.S. now use electronic medical records (EMRs). Largely gone are the days of handwritten physician notes and illegible prescriptions.
But the promise of digital data to bring about better care hasn’t fully materialized yet. Patients and providers are stuck with a fragmented and frustrating data environment, unable to easily access and share records across clinics and hospitals.
Often, the only means to obtain records are through computer printers, fax machines and copiers.
Alex Azar, secretary of the Department of Health and Human Services, publicly complained that he recently spent over a month trying to get access to his records from a hospital without success. He describes this as “equal opportunity frustration.”
If Azar has problems getting his medical data, just think about the average person.
Why is it so challenging for patients to access their own health information? Current EMR vendors and health systems effectively block information sharing by making technology and process choices that keep complete medical records locked away in obscure databases.
At best, patients can download a subset of their healthcare data from health systems that offer internet portals, most of which are designed by their EMR vendors. Certain data, such as radiology images or pathology results, are routinely unavailable in these portals and therefore difficult for patients to retrieve.
In a healthcare economy largely driven by payment for services rendered instead of value provided, there’s little incentive for hospitals and physicians to freely exchange data. And EMR software companies would rather maintain a closed environment to make it harder for their clients to switch systems.
By leveraging artificial intelligence and other data analysis approaches, physician groups can measure how sick their patients are and what quality care they’re receiving by mining physician notes. Healthcare technology companies operate under prevailing federal data portability, security and privacy laws. Our clients are frustrated by the difficulty we (and they) encounter when trying to liberate clinician notes from EMR systems they paid hundreds of millions or billions of dollars to implement.
EMR companies do offer third-party organizations access to their databases, but only if these companies relinquish a healthy portion of their revenue. By charging high fees for data access and exchange, EMR companies are keeping healthcare technology companies from using digital health data to innovate and improve.
The 21st Century Cures Act, a landmark piece of legislation passed with significant bipartisan support in late 2016, sought to address these real data challenges.
The main objectives of the Cures Act are streamlining the drug and device approval process and speeding up the introduction of new treatments to the market. The Cures Act addresses the challenges of securely acquiring and sharing electronic data in two ways: (1) it specifies that health IT systems use specified common data standards, protocols and application programming interfaces to enable patients to securely access, use and share their digital data at no cost; and (2) it prohibits information blocking by EMRs and physicians, except under special circumstances.
Almost four years after the law passed, the federal agency that coordinates health information technology policy is preparing to release rules that will put the Cures Act into motion. Guess who’s trying to stop these rules from being released? Judy Faulkner, CEO of Epic. This company is one of the top EMR providers in the country and a large, indirect recipient of government subsidies.
In her letter to hospital client CEOs, Faulkner writes “We are concerned that health care costs will rise, that care will suffer and that patients and their family members will lose control of their confidential health information.”
In a statement published on the company website, Epic “strongly agrees” with patients’ ability to access their data but wants the federal government to put in place “necessary solutions” to prevent “serious risks to patient privacy.”
The company cites hypothetical examples of third-party apps that use or expose sensitive information unbeknownst to the individual who initially authorized the data exchange. This statement also mentions the well-publicized Facebook sale of user data to Cambridge Analytica without explicit user consent. But Epic ignores the fact that patients have endured many frustrating years of navigating the current system created by Epic and others.
People are demanding free and secure access to their complete health record, now.
Is it possible that some sensitive data may inadvertently get exposed by third-party applications? Sure.
We also have medical record breaches on a regular basis, but that doesn’t stop us from allowing hospitals from storing our health information. We shouldn’t let some hypothetical data privacy concerns keep patients from having free and unfettered access to their complete healthcare records.
Each of us regularly makes knowledgeable decisions about how, when and under what circumstances to share our financial and personal data with various organizations and applications. We can do the same with our healthcare data.
Additionally, there will likely be exceptions in the forthcoming information-blocking rules to ensure healthcare organizations provide access, exchange or use of electronic health information in a manner permitted under existing privacy laws. And it’s likely that current law will undergo revisions to address privacy concerns that arise with these new data-sharing rules.
Insights from liberated healthcare data can help reduce diagnostic and treatment errors, accelerate advances in treatment discovery and personalized medicine, and help patients and caregivers make the best care choices. These data could improve our treatment quality and reduce costs.
But we need the promise of free and open access to healthcare data to come to fruition—and companies that stand in the way to be penalized accordingly.
Darren Schulte, M.D., has more than 15 years of industry experience in healthcare analytics and technology. Darren served as the chief medical officer and president of Apixio prior to being appointed CEO in 2014. Darren co-developed 25 clinical measures endorsed by the National Quality Forum to measure ambulatory care quality using electronic data.