Hospitals & Health Systems

Exchange Services

Exchange Connector

Audit Manager

Institutional Audit Monitor

Professional Audit Monitor

Ambulatory and Physicians

Exchange Services

Audit Manager

Polaris MIPS Reporting

Exchange Forms Service

Accountable Care Organizations (ACO) Capabilities


Health Plan Capabilities

Interoperability Regulations and the Effects on Health Information Management

March 30, 2023
MRO Privacy

In January 2023, the Health Data Management COVER story focused on the future of interoperability. As a follow up to this cover story, I wrote a guest article for them entitled 3 specific areas of data sharing to clarify and consider in 2023. Key takeaways from my article include:

Definitions and data sharing parameters for substance abuse must be revamped.

Two issues are beleaguering progress around substance abuse data sharing.

  1. HIPAA (where current rules lie) versus a proposed new rule allowing enhanced data sharing through a one-time permission granting by the patient. These two rules are at odds with each other, so that must be ironed out.
  2. Definitions of key terms within the two rules don’t match. Again, this must be rectified before moving forward with proposed changes in order eliminate all causes for possible confusion.

Reproductive health data protections need particular attention.

New rules and laws are making this a difficult topic to address for a few reasons.

  1. There is no definition of “reproductive health data” included in most of the rules and laws we’re seeing pass.
  2. Health information which many would consider “reproductive health data” is woven throughout a patient’s health record; there’s no one spot for it in an EHR. This makes it nearly impossible to pull out and/or segment.
  3. Decisions on how to redact this sensitive information must be decided on a state-by-state or even facility-by-facility basis.

Concerns about prior authorization changes should be raised.

Streamlining prior authorizations sounds like a fantastic idea on the surface, but…

  1. Real issues arise when one considers the APIs involved in the process. Without a full understanding of how information garnered through an API will be used, a patient may grant access to their health information being sold or used in marketing efforts.
  2. APIs add another layer of access to data that could be compromised, especially if that API is not governed by HIPAA.
  3. To add to the issue, the FTC, who is supposed to have governance in this arena, has never been granted full authority to enforce penalties.

In summary, while we’ve made real strides toward interoperability and responsible patient data sharing, there’s still work to be done. I, for one, am excited to see what’s next and how this can become second nature in the healthcare industry.

Newsletter Sign-Up

Recent Posts

Elevate Your Quality Scores: A Guide to Maximize MIPS/MVP in 2024

Elevate Your Quality Scores: A Guide to Maximize MIPS/MVP in 2024

As the healthcare landscape continues to evolve, so do the challenges and opportunities presented by CMS’ Quality Payment Program (QPP). Since its inception in 2017, QPP has become increasingly complex, making it harder for providers to avoid penalties and maximize...

Choosing the Right QPP Reporting Method for MSSP ACOs in 2025

Choosing the Right QPP Reporting Method for MSSP ACOs in 2025

Navigating the Shift: Transitioning from CMS Web Interface to APP As the 2024 performance year ends, MSSP ACOs (Medicare Shared Savings Program Accountable Care Organizations) are bracing for new reporting obligations under the Quality Payment Program (QPP). The...