Meaningful Use Stage 2 includes the requirement that health care providers with EHRs seeking Meaningful Use incentive dollars demonstrate that 5% of patients actually view, download or transmit their data.
The HIPAA/HITECH Omnibus Rule, which is now fully in effect (though the enforcers of the rules are “nonessential” and not on the job during the current government shutdown), empowers patients to request their health care providers to deliver their records electronically in a format of the patient’s choosing (so long as that is reasonably doable by the provider).
Taken together, these two regulatory levers hold promise for better patient access to records, and to the usability of those records for individual patient care and for broader research purposes, too.
As we lumber down this road, I would like to bring to your attention a presentation I gave a couple weeks ago at the StrataRx Big Data in Healthcare conference, promoting the idea of the “rainbow button.” Here are a couple of links: my rainbow button presentation and livetweets; some follow-up press coverage on CIO.com that captures some of what I said.
The central idea I presented is that instead of analyzing de-identified PHI in order to answer research questions and/or improve health care (which is what happens now when research is done with data from EHRs), we could be analyzing patient-donated data, provided without de-identification if that’s what patients want (and many do, e.g., folks with rare diseases who want to help). That’s what we mean by “green button” – hat tip to Mark Scrimshire and Susannah Fox – a riff on the “blue button” of health record downloads first enabled on the VA EHR system) or with some patient-selected restrictions (hence the term “rainbow button”).
Bypassing the whole HIPAA regulatory superstructure makes data sharing easier in the long run. While this approach requires individual patients to opt in (making it harder in the short run — unless health information exchanges or their health care provider or payor users make it painless for patients to opt in to sharing), it could be made easier by a data aggregator that logs and respects patient wishes regarding sharing.
Here’s what could be gained (for example; please chime in with other thoughts on what may be gained):
- No worrying about whether PHI is included; whatever the patient releases is what may be used
- No ban on patient remuneration for data. While I personally do not believe that an individual record has significant monetary value (the value is in the aggregation and analysis), others feel otherwise, and HIPAA/HITECH limits payment for PHI to actual reasonable costs of collection and sharing
To the first point: De-identification of PHI by definition makes it less complete and therefore potentially less useful for research purposes — including, e.g., developing evidence-based treatment protocols that are personalized based on key differentiating factors among patients. For patients with rare diseases, limiting analysis to cell sizes greater than ten records as required under de-identification standards may make the exercise a fruitless endeavor. Allowing patients to donate data gets around this issue. The risk of re-identification may be very, very small for records de-identified under the “safe harbor” method of stripping out the eighteen categories of key identifiers, but that risk stands in the way of the development of more useful information. (Check out this nifty visual tool showing the risk of re-identification after stripping out certain identifiers.)
To the second point: A marketplace for patient-sourced data may not exist yet, and the question is whether there is value in an individual patient record. My feeling is that there is not, though reasonable minds may differ, and in fact even if it does not exist now, that market may develop over time. Health care providers may balk at the effort required to produce patient records if, suddenly, all patients actually started to request copies electronically (and some folks have called for a mass records request as a way to send a message to health care providers that patients are a force to be reckoned with, that lip service to patient-centeredness is insufficient …).
What do you think? More specifically:
- What are other benefits of this sort of patient-centered sharing?
- What are the platforms that could be used by patients to download, store and share their data? One startup in this space is Personiform (aka Project Medyear). What other options are out there?
- What are the keys to developing a persistent platform?
David Harlow is a health care lawyer and consultant at The Harlow Group LLC, and chairs the Society for Participatory Medicine’s public policy committee. Check out his home blog, HealthBlawg. You should follow him on Twitter: @healthblawg.
One important factor of having a system for patient data entry/opt-in is the possibility of only gathering pieces of required information. For example, if a patient listed having headaches for several months leading up to a medical event–but doesn’t recall that as being part of the experienced symptoms during the time of the medical emergency–then they opt-in to this new program and disclose the information of medical emergency. Wouldn’t the data be incomplete, thus not useful to doctors trying to look for extra symptoms of a particular diagnosis?
Maybe I am missing something, but no matter how helpful data is, incomplete data can be more of a setback than a problem solver.
Developing a platform for a complex system like this would be a daunting task, but it would need consistency, flexibility, translation, and limited-downtime.
Consistency: to keep things as close to uniform as possible and make translation easier.
Flexibility: could apply to many things, but possibly a flexible way to input data (not just from a kiosk at a doctor’s office).
Translation: statements would need to either be personally moderated or automatically put into medical terminology by a smart program. Moderation is still more likely to lead to successful implementation and persistence.
Limited downtime: obviously in place to provide reliable access to the data entry system and ease of data entry could be included here (unlike the problematic AFA online forms).
I’m no expert in this field, but this is my brief and general outline.
Thanks for the mention, Dave, and thank you for prompting a great discussion. We at Personiform believe there are two schools of thought here:
The more conventional, population-centric view is that there is limited value in the individual patient record (n of 1) because you need a large enough sample size to get statistical relevance. So the premise here is to aggregate enough people to get statistical power. If the opt-in system is open and flexible enough you can get the adoption required for this.
The other, perhaps contrarian but emerging view, is that the only thing that matters is the n of 1, that is, every personal is wholly unique. Much of what matters in my health has to do with the decisions I made in my life, the unique content of my genome, etc. In this view, the data aggregation is WITHIN a person, rather than across a population. I would thus aggregate all of the available health data on me – my genome, microbiome, virome, etc. The thought here is to provide highly-personalized medicine and care.
Time will tell, but generally I think the more data is being contributed whether broadly or deeply, the more insight we can derive for the benefit of better healthcare.