Who’s responsible for patient data?
In the wake of ongoing debate around the proposed rule from the Centers for Medicare and Medicaid Services to give patients better access to their data, here’s a discussion with Ashwini Zenooz, MD, senior vice president and general manager for healthcare and life sciences at Salesforce, and John Halamka, MD, executive director of the health technology exploration center of Beth Israel Lahey Health, on patient data and responsibility in the age of consumerism.
Back in February, CMS released The Interoperability and Patient Access Proposed Rule which, in part, called on the industry to take steps to give patients "safe, secure access to, and control over, their healthcare data.” It sparked outcries and hand-wringing despite sounding pretty reasonable on the surface. In a nutshell, what’s so controversial about this?
John Halamka: The main question for me is, “what’s the workflow?” Who is certifying apps that fit a hospital’s standards? It’s a massive customer relationship management challenge that no institution is even close to ready for. When my 80-year-old mom shows up asking for her data what’s the customer management involved? And is someone at the hospital going to be responsible for saying, “here’s how to choose an app, here’s what we recommend?” Hopefully the final rule out of CMS says something like
“you need to make the data flow to at least one app.” Something that at least makes it actionable and incrementally viable.
Ashwini Zenooz: It’s great there’s a rally for consumerism, but John’s point on workflow is spot on. We don’t just want to pass off that burden to patients and use this new CMS rule as a crutch to let healthcare organizations off the hook for being stewards of this data. We still need providers coordinating, but patients should have the freedom to easily access and share their data if they want to. There’s an important conversation that needs to happen around who will be responsible for the privacy and the analysis of that data.
A new app or device seems to hit the market daily empowering patients to collect and track more data. What’s the responsibility of doctors and hospitals to review all this data? And are any of them even close to prepared for this data tsunami?
Halamka: No, they’re not. No one has a clue what data should be looked at and by whom. If I have a Fitbit with heart algorithm that’s known to be faulty and I send data to my doctor every 5 minutes she would go insane. At Beth Israel Deaconess Medical Center (BIDMC) we agreed to put in a satellite record separate from our EHR to capture this kind of data and experiment on it to find relevant signals. But we’re just beginning to experiment. And, let’s be honest, there’s no legal precedent right now in terms of malpractice exposure for ignoring or missing a piece of data streaming from one of these sources. So no, we’re not ready but we need to get ready.
Zenooz: Patient-generated data is great—if it’s clean and valid data. Unfortunately, when it comes to these apps and devices, there’s no standard that’s been set. So, we can’t expect health systems to take responsibility for this data if they don’t know whether it’s clean or useful. I think it’s great to have health systems like BIDMC test-using data coming in from these new sources. We need the entire ecosystem involved, especially regulators (FDA, ONC), to set standards for data coming in from these new health apps and devices, including the format of the data, and who will take responsibility for what amount of data. We don’t want to go from pilot testing to litigation.
Doctors are already overwhelmed and burned out from sifting through EHR data to find the relevant patient story. Will more data from more sources ultimately improve diagnosis and care or will it just create more noise and add to provider burden?
Zenooz: This is where AI and automation can and must play a crucial role in making data actionable and gleaning insights from it. Things like next-best action, or an algorithm that says ‘if you see these patterns in the data, suggest this action.’ If it’s automated, providers don’t have to weed through that data. And, of course, you then need to continuously audit and evaluate whether or not this data is yielding an ROI for patient outcomes.
Halamka: It’s also important to consider how workflow and care teams evolve to best manage all of these data streams. This is where there’s a need for what I think of as a “care traffic controller” who’s charged with dealing with these digital interactions and raising relevant signals to the doctor’s attention. The care traffic controller would ideally have a kind of CRM dashboard and, with the help of AI, can triage who needs to see what when.
So much of the industry debate around patient data seems to focus on the clinical side of the ecosystem. But what about the administrative side, or even the data science perspective?
Halamka: I have a proposal in process for a machine learning project to help with opioid crisis and you can bet my budget includes a data scientist. We absolutely need data scientists at the table to look at how all of this data is gathered, and evaluate its purpose and utility.
Zenooz: Aside from the clinical side of things, we need to be thinking about how we leverage data for crucial functions like billing, patient communications and care coordination. There’s a huge amount of administrative waste that isn’t directly clinical care, but impacts how a patient will actually recover. For example, transitions in care and adherence to care plans that are heavily affected by social determinants. We need to look at all the data that’s coming in and use it to improve outcomes and lower cost.