The Health Information Technology Advisory Committee on Wednesday unanimously approved its second annual report to Congress on the state of health IT landscape, recommending fixes to improve the electronic access, exchange and use of medical information.
Though last year saw some "considerable" advancements in health IT toward this goal, a thicket of challenges remain — key among them lack of oversight from the federal government clarifying the protection and use of sensitive medical data, according to the report.
HITAC member comments on the initial draft ran 28 pages, though no additional critiques or suggestions were aired at Wednesday's meeting before its approval.
Also at the meeting, the head of the Office of the National Coordinator for Health IT, Don Rucker, teased that ONC's part of twin HHS rules to promote interoperability will be "coming out relatively soon." The final rules have been held up in Office of Management and Budget review amid a roiling public discussion on privacy and security of medical information versus patient access to their own data.
Wisconsin-based EHR giant Epic, which has a business model that could be threatened by the rules, has lobbied fiercely against them, along with some privacy advocates and providers concerned about administrative burden. They've stacked up against pro-regulation consumer advocates and tech groups, including Apple and Google, that could potentially capitalize on the torrent of medical data the rules will unleash.
ONC's rule would enact stipulations in the 21st Century Cures Act punishing information blocking and promoting standardized application programming interfaces. Along with releasing the proposed rule in 2019, the agency also published the second draft of the Trusted Exchange Framework and Common Agreement, a quasi on-ramp to nationwide connectivity, and selected health IT exchange nonprofit The Sequoia Project to oversee TEFCA's implementation in September.
But myriad barriers to interoperability still exist, according to the two-year-old HITAC, like a lack of price transparency and siloed data between software systems and external devices. The threat to patient privacy is real — especially as the volume of data not stored under HIPAA protections grows as consumers begin to manage their own medical information. Technology that can re-identify de-identified data, conflicting federal and state privacy laws and weak security heighten the vulnerability of patient data.
The federal government can address some of these challenges in the next year or two by expanding oversight in a few crucial areas, according to the report. For example, to bolster interoperability, ONC can utilize technology to work on improving matching patients to their correct medical record, develop standards to collect social determinants of health data and put a framework in place for using medical data for research.
To fortify privacy protections in the short-term, the government can educate consumers about how their information could be used by businesses not under HIPAA and make sure they give clear and informed consent to those uses. HITAC also thinks the federal government should work to improve the user-friendliness of patient portals and track API deployment to expand patient agency over their own data.
Emerging issues HITAC expects to become front-and-center in the next few years include integrating data from the Internet of Things, prescription of digital apps, linking genetic data to social behavior, machine learning and artificial intelligence applications in healthcare and sharing diagnostic imaging.
The 69-page report will head to Rucker's desk for his stamp of approval before being forwarded on to Congress and HHS Secretary Alex Azar.