Wednesday, April 13, 2016

Assessing Interoperability for MACRA

Dr. Larry Garber, Medical Director for Informatics at Reliant Medical Group penned this response to the HHS request for an assessment of interoperability needed to support MACRA.

It’s so good that I wanted to share it with you as a guest post

"To:  Department of Health and Human Services
Office of the National Coordinator for Health Information Technology
330 C Street SW., Room 7025A
Washington, DC 20201

Re: ONC RFI Regarding Assessing Interoperability for MACRA

I am writing as a practicing physician, an implementer of electronic health records (EHRs), a designer/developer/director of EHRs and health information exchanges (HIEs), and a participant in standards development processes. It is my firm belief that our goal is “Hassle-Free HIE.”  In order to achieve that goal, it is not only important to measure progress towards that goal, but also to ensure that all of the tools necessary to achieve that goal are readily available.

Interoperability is a continuum measured on 3 major axes with 9 sub-axes scored regarding their level of automation:

1. What the holder/releaser of data had to do (including the patient in the case of Personal Health Records (PHRs) and personal devices):
a. Authorization
i.    Can’t be done
ii.  Manual determination of patient authorization
iii.  Automated (either authorization was covered by federal and state laws/regulations and that patient had provided any other required authorization/acknowledgement prior to transaction; or EHR was able to automatically convey consent requirements and interpret the nature of the release (e.g. requestor, purpose and data types) and assertions of collected authorization in order to automatically release the data)

b. Addressing/authentication
i.   Can’t be done
ii.  Manual identification of where/how to send the data and authenticating the requestor
iii. Automated identification/authentication of where/how to send the data

c. Gathering data
i.   Can’t be done
ii.  Collection of the data for sending required some manual intervention or entry
iii. Automated collection of the data to send (including device data)

d. Sending data
i.   Can’t be done
ii.  Manually triggering the data to be sent
iii. Automated sending of the data

2. What the receiver of data had to do:
a. Identifying data source(s)
i.   Can’t be done
ii.  Manual identification of holder(s) of data
iii. Automated identification of data source(s)

b. Requesting data
i.   Can’t be done
ii.  Manual request for data
iii. Automated request for data (including subscription or data pushed to receiver)

c. Authorization
i.   Can’t be done
ii.  Manual determination of requirements and assertion of patient authorization
iii. Automated (either authorization was covered by federal and state laws/regulations and that patient had provided any other required authorization/acknowledgement prior to transaction; or EHR was able to automatically determine consent requirements and assert the nature of the release (e.g. requestor, purpose and data types) and assert the collection of the authorization)

d. Importing data
i.   Can’t be done
ii.  Display/view of data only
iii.  Manual reconciliation
iv.  Automated reconciliation/incorporation

3. What the patient also had to do:
a. Authorization
i.   Can’t be done
ii.  Manually provide authorization for the transaction
iii. Nothing (i.e. authorization was covered by federal and state laws/regulations and that patient had provided any other required authorization/acknowledgement prior to transaction so transaction can be automated)


These measures can be applied to specific types of data (e.g. Medications, Problems, Allergies, Immunizations, Test Results, etc…) or document-level data (e.g. Patient Summaries, Care Plans, etc…)

I’m not sure how to automatically measure these, so they probably require attestations based on certain types of data as noted above (e.g. Test Results and Discharge Summaries).

HOWEVER, it is important to note that the scores on these measures do not reflect on the capabilities of an individual provider, their EHR vendor, their EHR’s implementation/training, the community/state/national infrastructure, the available standards, or the local/state/federal laws/regulations.  Instead, it is a collective measure of all these combined.  So while I think it’s important to measure these as a nation (because you can’t improve what you can’t measure), I do not believe that you can force Hassle-Free HIE by measuring and penalizing providers for things that are out of the control of the providers.  You first need to create the national infrastructure to give the providers the opportunity to be successful (see below).  Only then can you use positive incentives to encourage interoperability; but it’s still not fair to impose punitive payment withholds.  While I recognize those are essentially the same, the difference is the message that you send when you market this…

In order to accomplish Hassle-Free HIE, we need these catalysts that are missing today:
1. National federated Master Patient Index (MPI) network
a.Standards for patient demographic recording
b. Standards for patient matching algorithms
c. Shows how to communicate with patients, including Personal Health Records
d. Shows proxy relationships and how to communicate with them
e. Show authenticated devices and how to communicate with them

2. Relationship Listing Services (RLS) affiliated with the MPIs
a. Show providers affiliated with patients and their roles (e.g. PCP)
b. Show patient authorizations for communication with specific providers
c. Show provider subscriptions for specific types of information, including events

3. National federated Provider Directory network
a. Show provider services offered
b. Show provider capabilities to communicate electronically, including necessary certificates/addresses
c. Provider Directory is automatically updated/maintained by EHR that each provider uses

4. Standard consents/authorizations
a. Types of data, uses of data, restrictions on redisclosure, timeframes, etc…
b. How to convey requirements and assert that they have been received from patient
Hc. ow to convey authorization for proxy access (e.g. to parents of minors, or children of elderly parents) on behalf of patient

5. Standard vocabulary for orderable tests and procedures

6. Standard APIs
a. Querying data from EHRs
b. Submitting device data to EHRs

7. Support and encourage free text summaries of problems and encounters
a. C-CDA updated to allow free-text descriptions/explanations of Problems in the coded data part of the Problem Concern Act and Problem Observation templates
b. EHRs capable of generating C-CDA R2.1 documents that include free-text descriptions/explanations of Problems and Medical Decision Making in the Assessment or Assessment and Plan Sections
c. Other document and API support for free-text problems and encounter summaries

Thank you for this opportunity to provide input into the future of our healthcare system."

2 comments:

meltoots said...

That was an awesome post. I certainly hope that CMS and ONC starts to hear that penalizing the battered front line physician is only further damaging us. Not a day goes by that I think about leaving Medicare/Ins Panels, or just giving up/retiring out of medicine. I have become so disheartened, disillusioned and disgusted by the current leaders of CMS/ONC, the 10 way firing squad that I face every day. I have done my best to keep anyone that asks from thinking about being a front line physician. Obviously I have lost all hope. But this article was great.

Anonymous said...

A few additions to Larry's catalyst list.

3. National federated Provider Directory network
b. Show provider capabilities to communicate electronically, including necessary certificates/addresses/networks (addresses or endpoints might need to be network specific - e.g. HIE, eHealth Exchange, CareQuality, CommonWell Health Alliance.)
d. Provider Attributes (e.g. name, aliases, historical names , treatment locations, HIM locations, payment locations, relationships to other providers/organizations/entities)
e. ability for provider or other entities to perform search/lookup
f. ability for patients to search/lookup to identify who in consent/authorization (tied to 4. Standard consents/authorizations) they are willing to share their information with
g. sustainability - how does this capability financially sustain itself?

4. Standard consents/authorizations
d. How do patients identify who will have access to their information? (see provider directory comments)