Mr. Speaker, let's finish strong for interoperability
Finally, we have a Speaker of the House. Whether you followed the political drama last week with amusement and fascination or despair and trepidation, it's a relief to know that it's over (for now). Congress is at full strength, and work can begin.
The new majority leadership in the House has outlined a few priorities, much of which has been recycled from the prior election cycle and lacks specificity. Sadly, there's no mention of a focus on healthcare interoperability. You can't blame them—no one tunes into the evening shows on cable news to hear politicians sermonize about sharing medical records. And this is a long-time, bipartisan problem, with Newt Gingrich and Nancy Pelosi ignoring the topic as well. (In fairness, both became Speaker well before Meaningful Use and the widespread use of EHRs.)
But if Republicans truly want to finish strong for America, a great way to do it would be to take the lead on advancing interoperability. It won't be sexy or attention-grabbing work, and it's going to take bipartisan compromise given that both chambers are closely divided, but it could be tremendously impactful. Here are some ideas for how Congress can use its legislative powers to be a force for good in interoperability.
National patient ID
We need to eliminate the outdated ban on a national patient identifier. A well-designed national patient ID will provide something that we don't have today, a verifiable and consistent identifier that is valid and recognizable throughout our healthcare system but which is also changeable and better protected against fraud. The House has been warmer to a national ID than the Senate but bipartisan support is there. If Congress isn't ready to completely allow it, it should at the very least clarify the law in the next appropriations bill to allow for research and analysis into the issue while maintaining a prohibition on actual implementation.
Extend protections
A lot of Americans assume HIPAA is more powerful than it really is. While HIPAA applies to healthcare providers, clearinghouses, payers, and their business associates, a host of entities involved in digital health are not governed by its rules. Direct-to-consumer apps can collect our health data with far less scrutiny. The federal government has provided guidelines for app developers and clarified that the FTC can take enforcement action on wrongdoers, but Americans deserve HIPAA-like protections whenever their health data is stored and used. Introducing such assurances will spur greater trust in and adoption of digital health tools and accelerate the demand for seamless interoperability.
Any changes here should include codifying the FTC's Health Breach Notification Rule. We have a right to know when our personal information is leaked, yet the protections that exist today could be removed in the future with simple rulemaking. Let's make these safeguards part of the law.
Nonprofits under FTC purview
Speaking of the FTC, it's time to bring nonprofits under their jurisdiction. As the FTC Act is currently written, it applies only to entities that "carry on business for its own profit or that of its members." This means that the FTC's consumer and competition protections don't apply to the vast majority of health systems in the US. There's been interest in changing this (fast forward to 53:20) yet no concrete modifications to the law have been proposed, and Congress will need to consider whether to limit the impact on other nonprofits such as religious institutions and community service organizations.
Will this change directly impact interoperability? Probably not, but it will bring a level field of oversight between nonprofit and for-profit entities in healthcare, and fostering a more competitive landscape could spur innovative providers to change how healthcare is delivered, with interoperability as a core principle rather than a secondary factor.
Push for HHS action
Congress doesn't have only lawmaking powers; it also has the power of oversight, and it should wield it to prod HHS towards action. For one, we need penalties and disincentives for information blocking ASAP. It's been three months since the info blocking provisions reached their full effect—and nearly three years since the rules were finalized—yet HHS has not defined any disincentives for providers and the HHS OIG has not finalized its proposed penalties. Congress should ensure they act quickly.
Secondly, electronic prior authorization is in the news thanks to CMS' recent proposed rule. However, HHS' current rules hamstring interoperability by requiring payers to exchange referral and authorization information using the X12 278 standard, which relies on point-to-point interfaces and for which the adoption rate has been disappointing. The proposed rule will not fix this problem. While I recognize that APIs for electronic prior authorization are still maturing, HHS should update its rules to allow for an API-based exchange standard, and Congress should lean on it to do so quickly.
PI for post-acute
Federal funding spurred an enormous wave of digitization in healthcare beginning in 2009, and the government continues to issue incentive payments and penalties for interoperability-related objectives. The current system, though, only applies to acute care and ambulatory providers. We need to close this gap.
Congress should allocate funds to HHS to establish a version of Promoting Interoperability for post-acute care providers such as home health, hospice, and skilled nursing facilities. I fully acknowledge that this won't be easy or cheap, but it's nonetheless necessary. We don't have to duplicate the initial Meaningful Use program; I would advocate for introducing penalties sooner and holding providers accountable to interoperability measurements from the get-go. Additionally, I strongly believe any such program should be paid for in full, rather than adding to our already massive national debt. But we can't allow for HHS to focus on only part of the healthcare continuum. As patients, we deserve stronger interoperability among all care providers.
