The HIT Policy Committee is recommending electronic health records systems under Stage 3 of the meaningful use program have comprehensive capabilities to query disparate EHR systems for patient records, and to electronically respond to such queries from other EHRs.

And that may not be the toughest task ahead. The committee envisions patients having data portability to take their electronic health record with them when they switch providers, and providers having data migration that enables them to switch EHRs while having coded data in the old system consumed by the new system so clinical decision support will still work.

The policy committee is comprised of industry stakeholders who advise the Office of the National Coordinator for Health Information Technology and other federal agencies on health information technology matters--and ONC accepts the large majority of its recommendations.

In a four-page letter sent on Nov. 14 to Jacob Reider, M.D., acting national coordinator for health information technology, the committee offered nearly 30 recommendations of capabilities EHRs need in Stage 3 to support vastly expanded data exchange functions to serve providers as well as their patients in three core areas: Query for a Patient Record, Provider Directories, and Provider Data Migration and Patient Portability. Here is the letter:

Dear Dr. Reider:

The HIT Policy Committee asked the Information Exchange Workgroup to develop health information exchange recommendations for Stage 3 of Meaningful Use. This letter provides recommendations to the National Coordinator and Department of Health and Human Services, based on the feedback received from the Meaningful Use Stage 3 Request for Comments on the health information exchange items put forward by the Information Exchange Workgroup. This letter presents the Information Exchange Workgroup’s final recommendations, as approved by the HITPC, on all of the issues raised from comments received from the RFC for Stage 3 of the Meaningful Use program.

Query for a Patient Record

HITPC recommends:

* Search for patient information: EHR Systems have the ability to electronically query external EHR systems for patient medical records.

* Respond to searches for patient information: EHR systems have the ability to electronically respond to electronic queries for patient medical records from other external EHR systems.

HITPC recommends that the following principles be used for establishing requirements and standards for query-based exchange:

* Continuity: Build on Stage 1 and 2 approaches and infrastructure for directed exchange where possible, and allow use of organized HIE infrastructures where applicable and available.

* Simplification: Set a goal of having query and response happen in a single (or minimal) set of transactions.

* Generalization: Accommodate flexibility in use cases, workflows, installed base capabilities and legal policy considerations, e.g., allow clinical sources to have flexibility in how they respond to requests and remain flexible to legal and policy variation across legal entities and states.

* Transactions: Querying systems must have the ability to: (a) discover address and security credentials of clinical source, (b) present authenticating credentials of requesting entity, (c) present patient-identifying information, (d) assert authorization for specific patient-level request, (e) indicate type of information being requested (optional), (f) securely transmit query message, (g) log requesting transaction, (h) (Post-Query) receive responding information, and (i) (Post-Query) log transaction and disclosure.

* Responding systems must have the ability to: (a) validate authenticating credentials of requesting entity, (b) match patient, (c) assess robustness of authorization for specific patient-level request, (d) automate responses to requests based on robustness of authorization information presented by requester (i.e., enable parameters to allow automation in certain circumstances determined by data-holder, such as request clinical setting (e.g., ED) or geography (e.g., within state), (e) check for and respond with patient record information or with indication that no patient record information will be sent in response to query, and (f) log transaction and disclosure.

Transaction Details

* Addressing Access to Security Credentials and Authentication: (a) Standards should leverage (but not be restricted to) the considerable HISP policies and infrastructure being deployed to enable discoverability of addresses and security credentials for directed exchange.

* Authorization: (a) Variation in state-and organization-level policies suggests need to leave standard open to wide range of locally-determined authorization policies, (b) EHR systems should capture a structured consent indicator and include such indicator in query message when querying, and consumer such indicator when being queried, and (c) EHR systems should have ability to send and receive consent documents in query and responding messages.

* Patient-matching: (a) Patient-identifying information and corresponding matching functions should be based on standardized demographic fields, (b) Data-holding entity should determine threshold of assurance needed to establish a match (could be facilitated by record locator function of organized HIE if available and desired).

* Response to request: (a) Data holders decide content and format of response according to their processes, policies and technology capabilities, (b) Data holders assure that information in response is covered by authorization presented by requesting entity, and (c) Data holders will respond to all queries including an acknowledgement of non-fulfillment of request (e.g., “No information will be sent in response to this query.”). Such acknowledgement of non-fulfillment should not divulge any information about the patient (such as whether the data holding entity has any information about the patient).

Provider Directories

HITPC recommends:

Search for provider: EHR systems have the ability to query external provider directories to discover and consume addressing and security credential information to support directed and query exchange.

Respond to search: EHR systems have the ability to expose a provider directory containing eligible professional and eligible hospital addressing and security credential information to queries from external systems to support directed and query exchange.

HITPC recommends that the following guidelines be used for establishing standards for provider directories:

* Scope: Standards must address PD transactions (query and response) as well as minimum acceptable PD content to enable directed and query exchange.

* Continuity: Build on Stage 1 and 2 approaches and infrastructure for directed exchange where possible and allow use of organized HIE or cross-entity PD infrastructures where applicable and available (i.e., remain agnostic to architecture and implementation approaches).

* Simplification: Set goal of having PD query and response happen in a single (or minimal) set of transactions.

* External HER system: An HER system of another distinct legal entity, regardless of vendor.

Transactions:

* (1) Querying systems must have ability to (a) Present authenticating credentials of requesting entity, (b) Validate authenticating credentials of provider directory holding entity (c) Present provider-identifying information, and (d) Securely transmit query message.

* (2) Provider directory must have ability to: (a) Validate authenticating credentials of requesting entity, (b) Present authenticating credentials to requesting entity, (c) match provider, and (d) respond with unambiguous information necessary for message addressing and encryption or acknowledgement of non-fulfillment of request.

* (3) Provider directories must have administrative capabilities to: (a) Submit updated provider directory information (additions, changes, deletions) to external provider directories, and (b) Receive and process provider directory updates from external provider directories.

Transaction Details:

* (1) Provider directories should contain minimum amount of information necessary on EPs and EHs to address and encrypt directed exchange and/or query for a patient record message.

* (2) Provider directories should contain minimum amount of information necessary on EPs and EHs to disambiguate multiple matches (i.e. same provider at different entities, providers with the same name, etc.).

Provider Data Migration and Patient Portability

Goal: to Enable patients who switch providers to have their care continue seamlessly (no repeat tests, missing key clinical information, etc.). To enable providers switching EHR systems to continue providing seamless care to patients (coded data in old system is consumable by the new system so clinical decision support still works).

1. The HITPC recommends that the HIT Standards Committee develop standards and technical specifications that provide a first step  on a long-term path to addressing both the provider data migration (provider switching from one or more EHR systems to another or multiple systems) and patient portability use cases (patient requesting the movement of their complete record, e.g., to a new primary care physician), to include such cases as patient care, clinical quality metrics and clinical decision support. The HIT Standards Committee should establish an appropriate timeline for implementing this initial step.

(a) The HIT Standards Committee should determine the necessary elements of core clinical record that will establish a first step on the path towards improved data portability for patients and providers, and

(b) The HITPC suggests the HIT Standards Committee explore the adoption of a core clinical record that is easily extractable and consumable by EHRs to support the provider data migration and patient portability use cases.

2. ONC should establish a long-term path to move the industry towards a practical patient portability and provider data migration solution that addresses the key policy concerns identified by the HITPC. ONC should:

(a) Investigate the current state of the field and create a needs assessment to lay the path for future standards work to reach this vision.

(b) Explore policy levers in addition to certification that could help facilitate patient portability and provider data migration portability (i.e., ACO continuity of record requirements, legal medical record requirements, etc.).

We appreciate the opportunity to provide these recommendations on Stage 3 of the Meaningful Use program and look forward to discussing the next steps.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access