Personal Health Information Exchange: the only real answer to interoperability

A few weeks ago, I posted (be sure to check out the comments, I’ll explain why later) about how using HealthVault as a personal health information exchange can address the problems of identity matching and consent for movement of data. It’s a powerful model and every day I get more convinced that it’s the right way to approach all-up health exchange in this country and beyond.  

All this week, I’m here in DC having various conversations about flavors of this model. Mostly this round is about the supply side, and in particular Blue Button + … the most recent (and demonstrably awesome) ONC-convened project to help make information available to citizens.

But yesterday, I was part of a different conversation that just screamed to me again why the pHIE just has to happen, and fast. The context was about how to make EHR data *within an institution* available to other tools --- for analytics, quality measurement, outreach programs, and so on. Universally, startups with great technology were complaining that it was inordinately difficult --- like, business-killing difficult --- to get access to the EHR data they need to create value.

They were begging poor Todd Park to “fix this” --- and because he’s Todd he said he would, and I believe he will, do what he can to try to find a solution. My opinion though: unless that solution is a pHIE, he’s doomed to fail. There is simply no way to meaningfully force EHR vendors that do not want to open up to do so.

But that sucks! Why do I say that? Well, the problem comes down to three inter-related issues:

First, zero EHR vendors really want to open up their data to other tools. Why would they? When only they can get to the data --- only they can provide additional data-related services to their customers. And that’s money, my friend. Now, a few vendors --- in particular those that feel vulnerable in the market right now --- are opening up as a defensive move, and that’s a good thing. A few even are doing it because it’s the right thing to do, and that’s cool too. But by and large, those that are strong in the market have no incentive to open up, and don’t.

Second, you might hope that Meaningful Use could change this by forcing vendors to implement openness and interoperability. And it can, a little. But it’s impressive how effective passive minimal-compliance can be at making these things irrelevant. Look at all the folks that say they’ve “implemented Direct messaging” … but did so by reinterpreting what the spec intended and enabling messages only within their own walls. No matter how well this regulation is written, vendors will implement only the bare minimum necessary to check the box --- and they have proven to be remarkably creative in their ability to avoid things that force openness.

Third, you might assume that customers could/would step in to demand openness so that they have more choice. But they don’t … because they are captives. Duke is spending $700 MILLION on their Epic installation. My little alma mater up at Dartmouth spent $80 MILLION. Are you kidding me? When you make that kind of investment --- you don’t change it for a long, long time.

Now, nobody is forcing these hospitals to buy these systems … but they are, at an increasing rate. So there must be something to love there --- something perceived to be more valuable than choice and flexibility. Either that, or everybody is insane, which seems unlikely if not statistically impossible. The bottom line is, providers are choosing to put themselves in a position where they have no power over their vendors.


So what to do? Well --- the one and only place where there is a clear legal, moral and ethical obligation that can be enforced is patient access. No provider or vendor can honestly look you in the eye and say citizens shouldn’t have access to their own information --- and oh yes, IT IS THE LAW.

And yes, vendors will implement the minimum to satisfy the law too, but this is somewhere that the government can be far more aggressive than they can be elsewhere because they PAY for services on behalf of the citizens they represent (i.e., Medicare). 5% activation is not enough; we need CMS to insist that BB+ is made available and advertised to every patient, with automatic “set and forget” triggers so that the pHIE can work efficiently. It’s not that hard, and there is ample evidence that nothing more than an absolute requirement can change the game. Frankly, even if it was hard --- so what?

Now look what happens --- and this is why it’s important to read the comments in the other post I referenced. Having a personal health information exchange doesn’t mean that every patient has to spend hours caring for and feeding a complex personal health record. It doesn’t mean they all need to use web or mobile apps to manage their health, and it sure doesn’t mean they all have to wear a Fuel Band. THEY JUST NEED TO MAKE THE REQUEST FOR THEIR DATA AND REGISTER CONSENT, which can be done on a form at registration. From there, the data can move completely on its own --- out from one provider and into the next, through the pHIE. It’s like magic.

But let’s get back to the original point of this post --- which was to make EHR data available *within the walls* of the institution for other purposes. Well, if you have a working pHIE --- you have a pipe of rich, coded C/CDA data available for every patient. Wiring up a receiver to capture that stream is a no-brainer, and suddenly we’ve got double-duty interoperability. Hmm! And the better the data targeted to patients is (think Open Notes too!) … the better the integration we can create for other tools at the institution.

This is *exactly* what Mitre did with their open source popHealth tool. Feed it CCDs and get quality measures out --- pretty awesome. Except at the time, the CCDs were crappy (not coded enough, too much variability) and really inconvenient to get out of the EHRs (no standard interface like BB+). CMS can (and has started to in some gentle ways) mandate those issues away … so let’s go all in.


Government doesn’t (and shouldn’t) have a ton of levers at their disposal to impact the way enterprises run internally. But when they pay for services for American citizens, it is pretty fully justified in making requirements about what kind of service those citizens receive. Enabling personal health information exchange for those citizens is just a no-brainer, and it will have an avalanche of awesome side-effects.

It’s time for some really bold action to make it happen.