A new "interoperability pledge" that has been taken by dozens of large vendors of electronic health records systems and healthcare organizations will help advance secure health data exchange, as well as help patients securely share their own health information, says Lucia Savage, chief privacy officer of the Office of the National Coordinator for Health IT.
The interoperability pledge was announced by Department of Health and Human Services Secretary Sylvia Mathews Burwell during the opening keynote Feb. 29 at the HIMSS 2016 Conference in Las Vegas.
Those taking the pledge to help facilitate secure health data sharing, in part through implementing standards-based application programming interfaces, as well as supporting security and privacy best practices, include Epic, AthenaHealth, Cerner and several other software companies; healthcare organizations, including Kaiser Permanente, Partners Healthcare and Intermountain Healthcare; and associations, including the College of Healthcare Information Management Executives and the Healthcare Information and Management Systems Society.
Let Patients Manage Data Flow
"The APIs and apps meet the patients on their handheld devices, where they are authenticating themselves, and let [the patients] manage the data where they want it to go," Savage explains in an interview with Information Security Media Group at HIMSS 2016. "We want the apps to bring that right [of patients managing their health information] to life."
Software supporting standardized APIs would help allow a patient, for instance, to securely send health information to a healthcare provider for a second opinion, or "anywhere else where [the patient] wants the data to go," she explains.
In addition, the APIs and apps supporting the standards would better enable doctors and healthcare providers to securely exchange electronic patient information with each other, "so that they're not mailing CDs back and forth, getting these incredible data dumps where they can't process the data," she says.
The effort is also "a very important tool in the information unblocking toolkit," she says, referring to HHS' ongoing campaign to discourage health IT vendors and healthcare providers from inappropriately blocking the secure exchange of health data.
In the interview (see link to audio below photo), Savage also discusses:
- HHS' recent notice of proposed rulemaking for enhancing oversight and accountability of ONC's Health IT Certification Program;
- Work by ONC to support the Obama administration's Precision Medicine Initiative, "Moonshot to End Cancer," and other efforts involving big data;
- An update on other privacy and security initiatives underway at ONC.
Savage was appointed ONC's chief privacy officer in October 2014. Before joining ONC, Savage was senior associate general counsel at United Healthcare, where she supervised a team that represents the insurer in its work in large data transactions related to health information exchanges, healthcare transparency projects and other data-driven healthcare innovation projects. Previously, Savage was general counsel at the Pacific Business Group on Health and compliance manager at Stanford University.