Health IT

4 things we learned from the annual ONC report on health IT

Thanksgiving is Thursday, which, for those of us in the publishing business, means it is a slow news week. So we amuse ourselves reading things like health IT reports from the federal government.


Thanksgiving is Thursday here in the U.S., which, for those of us in the publishing business, means it is a slow news week. So we amuse ourselves reading things like health IT reports from the federal government.

The Office of the National Coordinator for Health Information Technology this week released its annual report on health IT to Congress, as required by the 2009 HITECH Act. That’s the law that ushered in Meaningful Use in 2011.

Sponsored Post

Physician Targeting Using Real-time Data: How PurpleLab’s Alerts Can Help

By leveraging real-time data that offers unprecedented insights into physician behavior and patient outcomes, companies can gain a competitive advantage with prescribers. PurpleLab®, a healthcare analytics platform with one of the largest medical and pharmaceutical claims databases in the United States, recently announced the launch of Alerts which translates complex information into actionable insights, empowering companies to identify the right physicians to target, determine the most effective marketing strategies and ultimately improve patient care.

There’s a lot of usual language in the report, talking about all the health IT programs and initiatives and standards ONC has launched or endorsed in the last 12 months, plus, of course, some interesting data. Here are four interesting things we learned from reading the document:

1. Electronic health records are not only ubiquitous in hospitals now, they’re the norm in physician practices. In 2015, 96 percent of U.S. hospitals and 78 percent of doctor’s offices had EHRs certified to Meaningful Use standards. That compares to the anemic pre-MU numbers of 9 percent for hospitals and 17 percent for practices in 2008.

2. Numbers sometimes can be deceptive. Even as pretty much every practitioner in the country has a gripe with EHRs and even as many health IT vendors alternatively admit they’ve been lagging in interoperability, attempt to defend their records or make weak, symbolic gestures, ONC paints a rosy picture.

According to the report, the number of nonfederal acute care hospitals exchanging electronic data with other healthcare providers doubled between 2008 and 2015, to 82 percent. These transfers include laboratory results, radiology reports, clinical summaries or medication lists.

“Moreover, of the hospitals that electronically send, receive, find and integrate information, approximately nine out of 10 report that they routinely had clinical information needed from outside sources or healthcare providers available at the point of care, which is about double the national average,” ONC said.

3. Patients have better electronic access to their health records than ever before. In 2015, 95 percent of nonfederal hospitals allowed patients to view their health data online, up from 25 percent just three years earlier. The gains were even sharper for the ability for patients to download copies of their records — 14 percent to 87 percent — and for electronic transmission of records to patients — 12 percent to 71 percent — over the same time frame.

In all three categories, the biggest gains came in 2014, the year Meaningful Use Stage 2 began. That stage requires hospitals to offer view/download/transmit capabilities, though the Centers for Medicare and Medicaid Services reduced this “engagement” threshold to one single patient last year, setting off a firestorm among certain activist patients.

Even now providers aren’t always forthcoming with the fact that they offer such features. ONC did acknowledge that later in the health IT report, noting that the office worked with the HHS Office for Civil Rights to reinforce patient rights under HIPAA.

4. With HIPAA now 20 years old, many of the privacy standards — written around the turn of the millennium, put into effect in 2002 and updated in 2013 — are outdated. Of course, ONC is touting its efforts to modernize privacy and security practices. Some highlights:

In July 2016, ONC transmitted a required report to Congress, Examining Oversight of the Privacy & Security of Health Data Collected by Entities Not Regulated by Health Insurance Portability and Accountability Act of 1996 (HIPAA), to raise awareness and spur stakeholder engagement on these issues. The report, reflecting on the rapidly changing mobile health environment, describes how the different entities that maintain and store identifiable health information are regulated with respect to maintaining privacy and security; identifies potential gaps in privacy and security protections for health information where HIPAA does not apply; and notes the need to fill those gaps to protect individuals and create a level and predictable privacy and security environment to foster innovation….

In February 2016, ONC published a Federal Register Notice to solicit feedback on updating the voluntary Model Privacy Notice (MPN). The MPN, developed in 2011 by ONC in consultation with the Federal Trade Commission (FTC) and the HHS Office for Civil Rights (OCR), is a voluntary, openly available resource that allows developers to clearly convey information about privacy and security practices to their users. The MPN provides a standardized, easy-to-use framework for developers to follow….

Recognizing the importance for developers of mobile health apps to consider the legal implications early on in the design stage, ONC, the FTC, the Food and Drug Administration (FDA), and OCR collaborated to create a new web-based resource, the Mobile Health Apps Interactive Tool. This tool helps guide developers through a series of questions about the nature of their app, including its function, the information it collects, and the services it provides to its users. The tool then helps developers find information about applicable regulations.

Image: Office of the National Coordinator for Health IT