Monday, March 9, 2009

Forward, Forever Forward

The American Recovery and Reinvestment Act doubles the size of the healthcare IT industry. The details of the work ahead, how we'll organize to accomplish the work and who will do the work are still being developed. In the meantime, I'm getting involved in every discussion, debate, and brainstorming opportunity that I can to move the work forward.

This will be a busy week. On Wednesday I'm joining the Markle Connecting for Health kick-off meeting to discuss key issues for implementation of ARRA. On the same day, I'm giving a HIMSS Webinar with Mark Leavitt and Dave Roberts to discuss our best thinking about ARRA.

Here are a few thoughts as I prepare for these venues.

Carol C. Diamond MD, MPH Managing Director, Markle Foundation and Chair, Markle Connecting for Health recently testified to the National Committee on Vital and Health Statistics:

"The initial focus should be on only the critical standards for sharing data — the way it moves from point A to point B over the internet. This would involve initially specifying interface, transport and security standards rather than standards for data expression or the behavior of local applications, because the critical predictor of good outcomes and cost- effectiveness is whether or not data is able to move between a person’s various authorized providers."

I agree with her point that interface, transport and security standards are a high priority.

In my own experience in Massachusetts, we created the NEHEN gateway appliance in 1997 to provide a standardized, secure transport system for many types of healthcare data between payers and providers. An appliance is just a self contained hardware and software system. In the case of NEHEN, the Massachusetts community created open source software on commodity servers that is managed by NEHEN so there is minimal impact on the hosting IT organizations.

It started as secure FTP, then evolved to HTTP over frame relay/VPN, then evolved to web services called Healthcare Transaction Services which are now recognized by CAQH as their preferred transport architecture. The beauty of having a secure transport appliance is that it enables interoperability to evolve rapidly in the community. Massachusetts started with benefits/eligibility then added referral/auth, claims, and claims status inquiry, all using X12 content standards. Then, we decided to implement e-prescribing for the State using NCPCP Script standards and leveraged our secure transport gateway to rapidly connect our provider organizations to RxHub/Surescripts. Our Eastern Massachusetts Health Initiative prioritized clinical summary exchange and we began using the Continuity of Care Document to send discharge summary payloads through our appliances. Finally, quality measurement is becoming increasingly important to CMS and our local payers. We're implementing HITEP/HITSP standards for quality data set transmission through our appliances.

Today the country has several different implementations for secure transport of healthcare data

NEHEN's Healthcare Transaction Services
The Social Security Administration Megahit pilot
Nationwide Health Information Network pilots
Google's GDATA API for Google Health
Microsoft API for HealthVault
and many others

All use variations of the same standards that HITSP has harmonized in its TN900 Security and Privacy Technical Note such as SOAP, WS*, REST, TLS, and HTTPS.

However, each of these implementations is a bit different, making them incompatible with each other.

Just as NEHEN built a single appliance for all transport between stakeholders in Massachusetts, I think it is reasonable to follow Carol's recommendation and ensure that every healthcare IT stakeholder implements transport the same way. If we all agree on one way to get data in and out of Google, Microsoft, payers, providers, and government, then the remaining issues are just related to content. HITSP has already done a good job on content standards.

To me, the ARRA provides a great opportunity for all of us - HITSP, NHIN Pilots, Connecting for Health, vendors, and government to converge on a single appliance for transport. Note that this appliance can be implemented by multiple different vendors on multiple different platforms. It could exist as open source and proprietary, just as Apache and IIS are both web servers that implement the same interface, transport and security standards.

To this end, the HITSP Foundations Committee has been working on a revision of all the HITSP content standards to express them in a Service Oriented Architecture. As this is done, we'll have to agree upon the following architectural elements

* Push: Subscribe, Publish
* Pull: Query/Locate, Retrieve Record(s)
* Record Envelope
* Record Addressing
* Authorization
* Source Signature
* Author Signature
* Source/Author Authentication
* Record Content Integrity
* Sender/Receiver Authentication
* Payload Encryption

In the past, HITSP has been required to stay architecturally neutral in all its work, but as we implement ARRA as a country, we're going to have to get very specific about architecture. I look forward to working with all the stakeholders on the specifics and ensuring there are common interface, transport and security standards implemented in every EHR, PHR, payer system, and quality measurement system.

At noon on Wednesday, I'll join the HIMSS Webinar The Act’s Impact on ONC, the National eHealth Collaborative, CCHIT, and HITSP

Although the ARRA's HIT Policy Committee and HIT Standards Committee are still being formed, I do have a few thoughts about how all our organizations will evolve.

These Federal Advisory Committees (FACAs) will advise the government. They will not advise industry, payers, providers, or patients. I believe the FACAs will need multi-stakeholder groups to do the work they prioritize and to coordinate with all the stakeholders in the healthcare IT ecosystem. I believe there will be an ongoing need to harmonize standards, especially around quality measurement mentioned in ARRA several times.

The HIT Policy Committee has already been announced:

"The American Recovery and Reinvestment Act of 2009 directs the Government Accountability Office (GAO) to appoint 13 of 20 members to a Health Information Technology (HIT) Policy Committee.

This Committee is to make recommendations on the implementation of a nationwide health information technology infrastructure to the National Coordinator for Health Information Technology.

The Act requires GAO to make appointments in the following categories:
(1) 3 members who are advocates for patients or consumers
(2) 2 members representing health care providers, one of whom is a physician
(3) 1 member from a labor organization representing health care workers
(4) 1 member with expertise in health information privacy and security
(5) 1 member with expertise in improving the health of vulnerable populations
(6) 1 member from the research community
(7) 1 member representing health plans or other third-party payers
(8) 1 member representing information technology vendors
(9) 1 member representing purchasers or employers
(10)1 member with expertise in health care quality measurement and reporting"

It will be a new committee comprised of great people. NeHC, CCHIT and HITSP are not specifically submitting slates of candidates, but we will happily support any of our members who self-nominate.

The HIT Standards Committee call for nominations has not yet been circulated. My belief is that we'll see it next week. It is my hope that NeHC will evolve to become the HIT Standards Committee. As the new Secretary of HHS is confirmed, hopefully we will get clarity in this area.

It is my hope that HITSP will continue its work and will report to the HIT Standards Committee. I have the same hope for CCHIT and its certification mission.

Thus, the existing excellent people will continue to advance the work, but we'll have new governance and new resources. I've very optimistic that ARRA will align all of us to do great things for the country and the cause of interoperability. All folks that have led these activities in the past are aligned and ready to support the vision of the new secretary.

I hope you join the webinar (2500 folks have already signed up).

Here's to the future!


Chad Small said...

Would love to attend and engage in the process, but looks to be a commercial venture and not all that 'open'. It's great though that they could get 2500 people to shell out $79 a pop ($200,000) - nice work. Mr. Halamka, I don't direct this at you but HIMSS.

HIMSS Non-Members
$79 per webinar
Register now >>

Or, Join HIMSS for $140 and get the 5 Webinars for FREE...PLUS enjoy exclusive member benefits!

Ahier said...

This looks to be a very interesting series. I think the vast majority of those signed up are members and not shelling out $79 each. HIMSS is a worthwhile investment, and this webinar is just one of the many benefits of membership.
I don't want to sound like a fanboy, but I see a lot of value here...

Ahier said...

The Office of the National Coordinator for Health Information Technology (ONC) will release recommendations next month from the Health Information Security and Privacy Collaboration (HISPC), which has been working for three years to resolve policy differences among the states on sharing electronic health information.