The Department of Health and Human Services (HHS), through the Office of the National Coordinator for Health Information Technology (ONC), has developed “Meaningful Use” criteria and related incentives aimed at promoting the adoption of electronic health record systems. One of the critical advantages of the wide adoption of electronci health records (EHRs) is, at least theoretically, the relative ease with which critical individual health information could be exchanged between care providers.
Such exchange, made through the use of “interoperable” electronic health records, is considered essential to greater integration in the delivery of healthcare. Interoperable health records can reduce wasteful and duplicative examinations and tests because they provide vital patient information in an easily saved and retrieved form.
They also make it easy to transfer up-to-date patient information to new or emergency providers and, because they're software based, can easily and automatically check for details that improve patient safety and reduce the likelihood of medication or other human errors.
Increasing levels of interoperability are to be demonstrated by provider organizations in each of the three stages of Meaningful Use, beginning with provider-to-provider records exchange in Stage 1. Stage 2 will require direct interchange among multiple providers or interchange from a provider through new regional Health Information Exchanges, or HIEs (see Figure 1).
Figure 1. “Meaningful Use” steppingstones to interoperability
While several technical requirements and structures have been defined to support the use of interoperable electronic health records, there is an important legal and technical barrier to the success of interoperability between providers and through HIEs. And, unless this barrier is addressed soon, chaos, not interoperability, will be the result.
In a nutshell, here's the problem: A wide range of federal and state laws (some 32 at last count), mandate a level of confidentiality and protection greater than that required by HIPAA for certain sensitive types of personal health information. Such information-which includes things like addiction treatment, HIV/AIDS status, and genetic markers for cancer or other diseases-merits special protection because it is associated with diagnoses or treatment that could result in discrimination, stigmatization, loss of employment or benefits, failure to seek or complete care, or other negative consequences for the individual involved.
Perhaps the best known law of this type is 42 CFR part 2, (now codified at 42 USC 290-dd2), a law, passed in 1972, that extends a heightened level of confidentiality to patient health records associated with diagnosis and treatment for a substance use disorder. There are good reasons for strong confidentiality protections for information of this type.
One is that addiction to alcohol or drugs follows a chronic, progressive, and predictable path that, if untreated, often ends in death. Another is that persons suffering from addiction commonly suffer further from stigma and various forms of discrimination that are great enough to prevent them from seeking treatment.
Benefits of a national consent-to-disclose standard
Among the benefits of a national standard such as that proposed by the Software and Technology Vendors Association (SATVA), or a functional equivalent, include:
The EHR of the original service provider could automatically (without human intervention) respond to electronic requests for disclosure involving an individual patient with protected information. This will be incredibly important if interoperability becomes prevalent and there are dozens or hundreds of disclosures each day to PHRs, ACOs, Medical Homes, etc.
A single method could be used to manage privacy for all interoperability, meaning;
HIE-to-HIE, including interstate transactions
Between providers and Accountable Care Organizations (ACOs)
Provider-to-provider in a medical home network
Point-to-point between any two EHRs
The EHR of the provider who receives a disclosure could automatically apply a higher level of privacy controls to sensitive information of all types.
Any authorized employee at the provider who receives an electronic disclosure would have the ability to know that the information received has a higher level of privacy requirements and a prohibition on disclosure without additional, individual consent.
While 42 CFR Part 2 nominally protects the confidentiality of those addicted persons who seek treatment, the real power of this law is that it allows addicted persons to seek treatment in the first place.
It does so by allowing individuals with protected conditions to specify who, for what purposes, and for what length of time their addiction treatment information may be shared with others. (See sidebar for list of CFR 42 provisions.)