HL7, NATE offer advice for working with patients who want EHR data downloaded to their health app of choice
Telehealth sweet spot? Remote monitoring of patients with cardiovascular or respiratory disease, AHRQ says
- Complex and changing standards. Albert Einstein once said, “If you can’t explain it simply, you don’t understand it well enough.” With that in mind, how easy is it to explain the difference between CDA, CCR, CCD, Green CDA, CCDA and C32 to the average health professional? It’s extremely difficult to understand how each one fits into the overall picture; worse, implementation of any standard demands specialized knowledge. Further, these standards are brittle, as each vendor may have their own interpretation of the specifications. The result is a time-consuming and difficult integration process, even though sending and receiving systems have been developed from the same specifications.
- Security and privacy considerations. If no harm comes from unauthorized use of the data, the penalties for breach are still severe. Even after a vendor manages to work through a sea of standards and the related maze of specifications, exchanging information in compliance with state and federal regulation remains an issue. Security and privacy demands are very high and require even more specialized knowledge. Things such as VPNs, HISPs, DirectMessaging, SSL certificates, AES-256, encryption at rest and minimum necessary privilege present yet another barrier to the process. The penalties, damage to reputation and specialized skill sets needed for secure transactions discourage organizations from doing anything except meeting the bare interoperability requirements. It’s easy to see why some might find it simply not worth the effort or risk to break new ground.