Interoperability Regulations and the Effects on Health Information Management

While we’ve made real strides toward interoperability and responsible patient data sharing, there’s still work to be done.
March 30, 2023
Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB

In January 2023, the Health Data Management COVER story focused on the future of interoperability. As a follow up to this cover story, I wrote a guest article for them entitled 3 specific areas of data sharing to clarify and consider in 2023. Key takeaways from my article include:

Definitions and data sharing parameters for substance abuse must be revamped.

Two issues are beleaguering progress around substance abuse data sharing.

  1. HIPAA (where current rules lie) versus a proposed new rule allowing enhanced data sharing through a one-time permission granting by the patient. These two rules are at odds with each other, so that must be ironed out.
  2. Definitions of key terms within the two rules don’t match. Again, this must be rectified before moving forward with proposed changes in order eliminate all causes for possible confusion.

Reproductive health data protections need particular attention.

New rules and laws are making this a difficult topic to address for a few reasons.

  1. There is no definition of “reproductive health data” included in most of the rules and laws we’re seeing pass.
  2. Health information which many would consider “reproductive health data” is woven throughout a patient’s health record; there’s no one spot for it in an EHR. This makes it nearly impossible to pull out and/or segment.
  3. Decisions on how to redact this sensitive information must be decided on a state-by-state or even facility-by-facility basis.

Concerns about prior authorization changes should be raised.

Streamlining prior authorizations sounds like a fantastic idea on the surface, but…

  1. Real issues arise when one considers the APIs involved in the process. Without a full understanding of how information garnered through an API will be used, a patient may grant access to their health information being sold or used in marketing efforts.
  2. APIs add another layer of access to data that could be compromised, especially if that API is not governed by HIPAA.
  3. To add to the issue, the FTC, who is supposed to have governance in this arena, has never been granted full authority to enforce penalties.

In summary, while we’ve made real strides toward interoperability and responsible patient data sharing, there’s still work to be done. I, for one, am excited to see what’s next and how this can become second nature in the healthcare industry.

Newsletter Sign-Up

Recent Posts

Using Automation to Improve Payer Collaboration: On Air Insights

Using Automation to Improve Payer Collaboration: On Air Insights

Managing laborious payer processes is one of the most cumbersome operational challenges for hospitals and health systems. From initial claim submission to filling additional documentation requests, and responding to payer audits or denials, healthcare provider...

ACOs prepare for eCQM quality reporting

ACOs prepare for eCQM quality reporting

A New Frontier: ACOs and the Shift to Electronic Clinical Quality Measures Healthcare quality reporting is evolving, and accountable care organizations (ACOs) are at the forefront of this change. In 2025, ACOs will be required to shift from traditional quality...

Hospitals & Health Systems

Release Exchange

Payer Exchange
Audit Manager
Institutional Audit Manager

Professional Audit Manager

Ambulatory and Physicians

Release Exchange

Audit Manager

MIPS Reporting

Clinical Forms Exchange

Accountable Care Organizations (ACO) Capabilities

Medical Specialty Societies & Registry Capabilities

Health Plan Capabilities