Interoperability Regulations and the Effects on Health Information Management

March 30, 2023

MRO Privacy

In January 2023, the Health Data Management COVER story focused on the future of interoperability. As a follow up to this cover story, I wrote a guest article for them entitled 3 specific areas of data sharing to clarify and consider in 2023. Key takeaways from my article include:

Definitions and data sharing parameters for substance abuse must be revamped.

Two issues are beleaguering progress around substance abuse data sharing.

HIPAA (where current rules lie) versus a proposed new rule allowing enhanced data sharing through a one-time permission granting by the patient. These two rules are at odds with each other, so that must be ironed out.
Definitions of key terms within the two rules don’t match. Again, this must be rectified before moving forward with proposed changes in order eliminate all causes for possible confusion.

Reproductive health data protections need particular attention.

New rules and laws are making this a difficult topic to address for a few reasons.

There is no definition of “reproductive health data” included in most of the rules and laws we’re seeing pass.
Health information which many would consider “reproductive health data” is woven throughout a patient’s health record; there’s no one spot for it in an EHR. This makes it nearly impossible to pull out and/or segment.
Decisions on how to redact this sensitive information must be decided on a state-by-state or even facility-by-facility basis.

Concerns about prior authorization changes should be raised.

Streamlining prior authorizations sounds like a fantastic idea on the surface, but…

Real issues arise when one considers the APIs involved in the process. Without a full understanding of how information garnered through an API will be used, a patient may grant access to their health information being sold or used in marketing efforts.
APIs add another layer of access to data that could be compromised, especially if that API is not governed by HIPAA.
To add to the issue, the FTC, who is supposed to have governance in this arena, has never been granted full authority to enforce penalties.

In summary, while we’ve made real strides toward interoperability and responsible patient data sharing, there’s still work to be done. I, for one, am excited to see what’s next and how this can become second nature in the healthcare industry.

Newsletter Sign-Up

Recent Posts

Celebrating HIP Week: How MRO Supports Health Information Professionals with Automated Clinical Data Exchange

Healthcare Information Professionals (HIP) Week is a time to recognize the essential role health information professionals play in ensuring the accuracy, security, and accessibility of clinical data. As we celebrate HIP Week, MRO is proud to support healthcare...

Effortless Implementation: How MRO Streamlines Your Transition

Effortless Implementation: How MRO Streamlines Your Transition Switching to a new records management solution can seem daunting, but MRO’s proven implementation process makes it simple, fast, and worry-free. Whether transitioning from a legacy system, an in-house...

Leveraging AI at MRO

Technology Adoption Lessons from the Past If you were part of the Cloud boom in the early 2000s, you saw massive changes in digital technology. Services like Amazon Web Services, Microsoft Azure, and Google Cloud revolutionized the tech world. Today, many of us cannot...