Privacy

Proposed Interoperability Rules Receive Unreserved Endorsement from Past Policymakers

Health Affairs published a blog post yesterday, penned by each of the former National Coordinators for Health IT.  They offer unanimous and unreserved bipartisan support for the ONC and CMS' proposed health IT interoperability rules.  Their unified show of support delivers a significant counterweight to comments made by influential industry groups, which recommend a longer window to implement the rules or completely different approaches. Here is a highlight of the comments made the former health IT policy leaders: Rapid advancement of APIs enabled by data standards is critical. Open APIs have been safely and effectively deployed in other industries, including financial services, energy and retail consumer services. HL7 FHIR is an appropriate foundational standard for open APIs in healthcare. Efforts to further advance this standard is critical. Regulators did well to include clinical notes and their provenance as data elements in the U.S. Core Data for Interoperability, so that they can be included in the first set of required open API standards. Real world testing of open APIs will be a critical implementation step for the safe and effective adoption of open APIs in healthcare. Expansion of the interoperability and API framework to health plans is game-changing. Including health plans…

Read More

I submitted a comment to the Office of the National Coordinator for Health IT today.   Below is the text. Dear Dr. Rucker, I appreciate the opportunity to comment on the proposed rules for data interoperability, information blocking and the ONC’s health IT certification program. I counsel HIPAA covered entities and vendors of healthcare technologies on privacy, data security and contracts.  This vantage point gives me a point of view about consumer privacy and data portability.  I would like to offer my comments on the information blocking rule, particularly in regard to the "promoting privacy" exception and, more broadly, the policies that give effect to the individual right of access under HIPAA. The HIPAA Privacy Rule and Data Portability Between Covered Entities The HIPAA Privacy Rule includes detailed specifications that govern the permissible disclosure of PHI between covered entities, but it does not affirmatively require these disclosures to be made.  This is a critical juncture where data portability gets stuck.  The information blocking rule fills a critical gap in the HIPAA Privacy Rule, by inducing health care providers and their respective supply chains to facilitate data portability with other HIPAA covered entities, or else face negative consequences under the enforcement authorities…

Read More

Summaries of the ONC’s Proposed Data Interoperability Rule

A GitHub repository to display high-level and selectively detailed summaries of the ONC's proposed rules is live.  If you've never used GitHub, it's a great way to start collaborating in the software developer community.  If you already use GitHub, the summaries are an invitation to collaborate and engage with you about the ONC's proposals for data interoperability. To access GitHub, you first need to register an account.  After that, click on either of the links in the first paragraph  to begin reading the summaries.  Not all sections of the proposed rule have been summarized, but more of them will be over time.  Meantime, feel free to contribute! Follow links in the Table of Contents to sections that have been summarized. Also, the ONC has provided informal resources on HealthIT.gov to help the public better understand the proposed rule.  The ONC's presentation to HIMSS about the Proposed Rule is a good starting point. The comment period is open until 5pm on May 3, 2019. If you want to submit comments, go to the Federal eRulemaking Portal and upload your comments in MS Word (preferred), MS Excel or Adobe PDF.  If you want help with analyzing any portion of the rules, or…

Read More

With Recent Rulemaking, the ONC and CMS Give Digital Health Innovators A Map for the Emerging Data Interoperability Highway

On February 11, 2019, the Office of the National Coordinator for Health Information Technology (ONC) released its Notice of Proposed Rulemaking for implementing data interoperability provisions of the 21st Century Cures Act.  Under the proposed rule, all health information technology (HIT) vendors that sell “certified electronic health record technology” (CEHRT) to health care providers will be required to meet new security, data governance and API standards, once final rules take effect.  The proposed rule also describes steps to end business practices that emerged during the years when electronic health records were being adopted, which Congress viewed as anti-competitive. In a related announcement, the Centers for Medicare and Medicaid Services (CMS) released a Proposed Rule to promote data interoperability by health plans that participate in the Medicare, Medicaid or the CHIP program, or that issue qualified health plans in the individual health insurance marketplace. Both proposed rules mark a long-awaited step towards standardizing the rules of the road for data interoperability in healthcare.   Of course, the industry hasn’t been sitting on their heels.  Epic’s App Orchard, Xealth’s API marketplace and Apple Health Record are examples of the kind of tracks that are already being laid to connect consumers with their health…

Read More
Back To Top