Wednesday, March 18, 2015

Surely This Is Using A Sledgehammer To Crack A Nut. Shows Lack Of Any Real Understanding Of the Real Issues Involved.

This appeared a few days ago.

Congressman Takes Aim at EHR Interoperability with Draft Bill

MAR 13, 2015 7:43am ET
Rep. Michael Burgess (R-Tex.), a physician and member of the House Energy and Commerce Subcommittee on Health, has drafted legislation that would establish a congressionally-appointed advisory committee to develop an EHR interoperability standard required for certification that would go into effect by 2018.
The draft bill calls for the termination of both the Health IT Policy and HIT Standards Committees, which are to be replaced with a 12-member advisory committee composed of providers, qualified EHR developers, insurers, group health plans, and other stakeholders. Six of the committee members would be appointed by the House Speaker and minority leader, while the other six would be appointed by the Senate majority leader and minority leader.
The new advisory committee would have until July 1, 2016, to recommend standards for measuring interoperability and then establish criteria for certifying that EHR technology is interoperable by Jan. 1, 2018. Penalties for non-compliance with the certification criteria would go into effect beginning Jan. 1, 2019.
 “At this point the bill is still very much a discussion draft and has not been introduced,” a spokesman for Congressman Burgess told Health Data Management.
The 25-page document is entitled “Ensuring Interoperability of Qualified Electronic Health Records.” For a qualified EHR to be considered interoperable, according to the draft bill, such record must satisfy the following criteria:
*Open Access—The record allows authorized users access to the entirety of a patient’s data from any and all qualified EHRs without restriction;
*Complete Access to Health Data—The record allows authorized users access to the entirety of a patient’s data in one location, without the need for multiple interfaces (such as sign on systems);
*Does Not Block Access to Other Qualified EHRs—The record does not prevent end users from interfacing with other qualified EHRs.
Beginning Jan. 1, 2019, the proposed legislation states that any qualified EHR that does not satisfy the certification criteria “shall no longer be considered as certified under such program” through a process of decertification. Further, starting in 2019 and each subsequent year, the draft bill instructs the Department of Health and Human Services to publicly post on the web a list of non-compliant vendors whose “certification has been withdrawn.”
More here:
This all struck me at all together the wrong place to be trying to solve what are essentially complex technical questions.
Fortunately it seems others much more technically literate than I see this as a little dumb to say the least.

Establishing Interoperability by Legislative Fiat

Posted on March 10, 2015 by Grahame Grieve
h/t to Roger Maduro for the notification about the Rep Burgess Bill:
The office of Rep. Michael C. Burgess, MD (R-Texas) released a draft of the interoperability bill that they have been working for the past several months on Friday. Rep. Burgess, one of the few physicians in Congress, has been working very hard with his staff to come up with legislation that can fix the current Health IT “lock-in” crisis.
Well, I’m not sure that it’s a crisis. Perhaps it’s one politically, but maybe legislation can help. With that in mind, the centerpiece of the legislation, as far as I can see, is these 3 clauses:
‘‘(a) INTEROPERABILITY.—In order for a qualified electronic health record to be considered interoperable, such record must satisfy the following criteria:
‘‘(1) OPEN ACCESS.—The record allows authorized users access to the entirety of a patient’s data from any and all qualified electronic health records without restriction.
‘‘(2) COMPLETE ACCESS TO HEALTH DATA.— The record allows authorized users access to the en- tirety of a patient’s data in one location, without the need for multiple interfaces (such as sign on systems).
‘‘(3) DOES NOT BLOCK ACCESS TO OTHER QUALIFIED ELECTRONIC HEALTH RECORDS.—The record does not prevent end users from interfacing with other qualified electronic health records.
Well, there’s some serious issues around wording here.
Firstly, with regard to #1:
  • What’s the scope of this? a natural reading of this is that “the record’ allows access to all patient data from any institution or anywhere else. I’m pretty sure that’s what not they mean to say, but what are they saying? What ‘any and all’?
  • Presumably they do want to allow the authorizing user – the patient – to be able restrict access to their record from other authorised users. But that’s not what it says
  • The proposed bill doesn’t clarify what’s the ‘patient record’ as opposed to the institution’s record about the patient. Perhaps other legislation qualifies that, but it’s a tricky issue. Where does, for instance, a hospital record a note that clinicians should be alert for parental abuse? In the child’s record where the parent sees it?
  • Further to this, just what are health records? e.g. Are the internal process records from a diagnostic lab part of ‘any and all qualified health records’? Just how far does this go?
With regard to #2:
  • What’s an ‘interface’? As a technologist, this has so many possible meanings… so many ways that this could be interpreted.
  • I think it’s probably not a very good idea for legislation to decide on system architecture choices. In particular, this sentence is not going to mesh well with OAuth based schemes for matching patient control to institutional liability, and that’s going to be a big problem.
  • I’m also not particularly clear what ‘one location’ means. Hopefully this would not be interpreted to mean that the various servers must be co-located, but if it doesn’t, what does it mean exactly?
With regard to #3:
  • I can’t imagine how one system could block access to other qualified health records. Except by some policy exclusivity, I suppose, but I don’t know what that would be. Probably, if this was written more clearly, I’d be in agreement. But I don’t really know what it’s saying
There’s some serious omissions from this as well:
  •  There’s nothing to say that the information must be understandable – a system could put up an end-point that returned an encrypted zip file of random assorted stuff and still meet the legislation
  • There’s no mention of standards or consistency at all
  • There’s no mention of any clinical criteria as goals or assessment criteria
More here:
Really this idea for legislation needs to be simply ignored - while being clear properly managed interoperability is clearly vital. If the political imperative is so intense, which I doubt, then any legislation should only be defining goals and setting sensible timeframes and then standing back and letting the technologists address the perceived problem.
Thanks Grahame for pointing out at least some of the issues associated with this planned approach.

No comments: