The patient journey looks much different today than it did several years ago. From diagnosis to treatment, most patients have many more stops along the way than ever before. They might visit a physician, diagnostic imaging center, hospital, outpatient rehab therapist, and the list goes on, before their care plan is complete. At each point, a patient generates a health record that becomes an imperative piece of his/her healthcare puzzle. And that data has to be accessible and exchangeable across their journey to ensure the best possible outcomes. At least, that’s the goal.
At the same time, providers across the spectrum of care are under intense pressure to deliver better care at a lower cost. With reimbursements, increasingly being tied to value, the healthcare community has experienced a major, and rapid, shift to a patient-centered, quality-driven care model –– one that is reliant on interoperability and the accessibility of patient data.
Indeed, seamless interoperability has now become a mission-critical part of the healthcare equation, as it reduces cost, improves care efficiency across the continuum of care, and puts the patient back at the center. But, achieving it is another story.
Challenges Facing Interoperability
While the current state of interoperability remains somewhat of a patchwork system, there has been some progress made. For instance, today, 93 percent of hospitals and health systems make records available to patients online, which is up from 27 percent in 2012, according to the 2019 “Sharing Data, Saving Lives: The Hospital Agenda for Interoperability” report, which was compiled by seven national hospital associations. And 88 percent of hospitals now actively share records with ambulatory care, where in the past a vast majority were left out of the equation.
Still, there remain several critical challenges facing the digital transformation of healthcare, and thus achieving true interoperability. For starters, although more than 90 percent of hospitals are utilizing certified healthcare IT, a number of the out-of-the-box solutions are making data exchange incredibly tricky due to siloed data.
Other current challenges include security and privacy concerns, limitations within current health information exchanges (HIEs), and the absence of compatible technical and linguistic standards for ensuring shared data remains intact and is meaningful. With these known challenges, how can providers and health systems across the care continuum reach true interoperability?
Building A Better Infrastructure
One of the biggest barriers to comprehensive interoperability is the lack of capable technology infrastructure. While a majority of providers are using an electronic health record (EHR) platform, most in use today weren’t built with data exchange in mind. Adding to that, though health information exchanges (HIEs) were put in place to mobilize healthcare information electronically and in a secure fashion, many can’t reliably complete full data exchange across health systems or different source technologies. Some HIEs also don’t enable patients to access their own data, which is counter to what they were put in place to do in the first place.
The good news is 97 percent of hospitals are using a certified EHR, according to the American Hospital Association, and in 2017 alone, hospitals and health systems invested more than $62 billion in certified IT systems that record and transfer critical patient data securely among medical professionals. Furthermore, a majority of these hospitals are also leveraging other mechanisms like application programming interfaces (APIs) –– upwards of four or more –– to share health information, according to the Office of the National Coordinator for Health Information Technology (ONC).
APIs, particularly those that are open, accessible and based on Fast Healthcare Interoperability Resources (FHIR) standards, are viewed as one of the most promising ways to rapidly scale interoperability. In fact, the ONC’s “Shared Nationwide Interoperability Roadmap” highlights several key milestones that will be crucial to achieving true interoperability. One is for more than 50 percent of technology developers to provide access to electronic health information through standard, public APIs by 2020. The next calls for that number to reach 75 percent by 2024. But one call to action before those milestones can be met is for standards to be put in place with APIs in terms of development and security requirements –– and that’s the other big challenge.
Creating A More Secure Environment
A brave new digital world where complex systems seamlessly “talk” to one another and automatically grant the appropriate permissions is the healthcare utopia that many are striving to achieve. But the reality is, security, privacy and compliance issues are still a major concern for many healthcare stakeholders.
Healthcare stakeholders have to be able to trust the shared data is accurate, secure and compliant. And as the aforementioned “Sharing Data, Saving Lives” report states, healthcare IT developers and vendors “must embed security and privacy requirements into every layer of infrastructure.” This includes third-party applications and APIs.
To gain the trust of healthcare providers, this infrastructure also must include mechanisms for verifying that requests made for information are authorized, and that each entity with access to patient data is responsible for securing and using that data. As more health IT systems connect to one another, cyber threats concurrently increase –– and an intrusion in one system can expose all connected systems to that threat.
While overcoming this challenge will be an ongoing battle, and one that will start with creating standards for security, privacy and compliance, one thing health systems can do to add another layer of protection is bring in a third-party expert to assess the security of applications, systems and infrastructures. This should be done through penetration testing to identify vulnerabilities, as well as evaluating the developers or brands behind the technology to ensure they’re credible and have the proper security certifications in place.
Standardizing Platforms And The Sharing Of Data
Beyond the security of data, it also has to be communicated in a way that is useful to the receiving care provider with its integrity intact. However, there currently lacks a universally agreed upon way of sharing and using health record information.
Some progress has been made in this area though. Namely with a number of hospitals and health systems working collaboratively to contribute to the development of modern standardizations like FHIR, which defines exchange protocols and content models for the electronic exchange of healthcare information.
Many believe systems and APIs based on FHIR standards, that are secure and non-proprietary, will allow for more agile approaches to accessing necessary data. This, in addition to creating a consistent standard for all to follow will be critical to overcoming the current gaps that are making communication between systems a challenge.
By leveraging APIs, many health systems and organizations could finally see a way of addressing the complex questions around how to securely manage and share confidential patient data in a digital world. The most promising thing is most health systems and providers have recognized the issues and are proactively seeking the technologies to solve them –– and this collective effort toward interoperability will be key to achieving a learning health system.