Interoperability Regulations and the Effects on Health Information Management

March 30, 2023

MRO Privacy

In January 2023, the Health Data Management COVER story focused on the future of interoperability. As a follow up to this cover story, I wrote a guest article for them entitled 3 specific areas of data sharing to clarify and consider in 2023. Key takeaways from my article include:

Definitions and data sharing parameters for substance abuse must be revamped.

Two issues are beleaguering progress around substance abuse data sharing.

HIPAA (where current rules lie) versus a proposed new rule allowing enhanced data sharing through a one-time permission granting by the patient. These two rules are at odds with each other, so that must be ironed out.
Definitions of key terms within the two rules don’t match. Again, this must be rectified before moving forward with proposed changes in order eliminate all causes for possible confusion.

Reproductive health data protections need particular attention.

New rules and laws are making this a difficult topic to address for a few reasons.

There is no definition of “reproductive health data” included in most of the rules and laws we’re seeing pass.
Health information which many would consider “reproductive health data” is woven throughout a patient’s health record; there’s no one spot for it in an EHR. This makes it nearly impossible to pull out and/or segment.
Decisions on how to redact this sensitive information must be decided on a state-by-state or even facility-by-facility basis.

Concerns about prior authorization changes should be raised.

Streamlining prior authorizations sounds like a fantastic idea on the surface, but…

Real issues arise when one considers the APIs involved in the process. Without a full understanding of how information garnered through an API will be used, a patient may grant access to their health information being sold or used in marketing efforts.
APIs add another layer of access to data that could be compromised, especially if that API is not governed by HIPAA.
To add to the issue, the FTC, who is supposed to have governance in this arena, has never been granted full authority to enforce penalties.

In summary, while we’ve made real strides toward interoperability and responsible patient data sharing, there’s still work to be done. I, for one, am excited to see what’s next and how this can become second nature in the healthcare industry.

Newsletter Sign-Up

Recent Posts

Navigating MSSP Quality Reporting

EHR Connection vs. QRDA-1: How to Pick the Best Reporting Path In the realm of healthcare quality reporting, the method of data exchange plays a critical role in the accuracy, efficiency, and cost-effectiveness of the process. That’s why providers need to understand...

4 Critical Steps to Achieving Data Interoperability for Health Plans

In today’s healthcare ecosystem, data plays a pivotal role in influencing patient outcomes. For many health plans, navigating the complexities of interoperability and seamless data exchange remains a challenge. However, the ability to successfully navigate and...

Driving Healthcare Interoperability Across the Ecosystem: Insights from MRO’s HIStalk Interview

Data has always been at the forefront of healthcare, and the technology facilitating data exchange among healthcare stakeholders continues to evolve. With the surge in data demand, growing volumes of data, new exchange technologies, and the escalating risks of data...