ONC's DeSalvo on Patient IDs and HIEs

Calls Patient Matching Critical to Secure, Safe National HIE
ONC's DeSalvo on Patient IDs and HIEs
Karen DeSalvo

Health information exchange on a national level is attainable within the next three years, but matching patients to all the right records is a critical data security, privacy and patient safety concern that must first be addressed, says Karen DeSalvo, M.D., the new national coordinator for health IT.

See Also: OnDemand | Driving Security, Privacy, & Compliance Goals by Accelerating HITRUST Certification

"A technology challenge [for health information exchange] is patient matching ... making sure data flows in a smart way," DeSalvo said during a keynote presentation on Feb. 27 at the 2014 HIMSS Conference.

"There's a need to sort out where data is coming from, and where it's moving," DeSalvo added during a press briefing following her keynote. "As doctors integrate data, patient matching is very important." The issue of ensuring that all the correct data from multiple sources about the correct patient reaches the right clinician at the right time "is about safety as much as it is security," she added.

The Office of the National Coordinator for Health IT has been focusing heavily on patient ID matching in recent months, including launching a collaborative initiative last fall (see Patient Data Matching: Best Practices).

DeSalvo acknowledged that besides patient ID matching, HIEs face other challenges, including developing a sustainable business model as federal subsidies end. But she remains optimistic about achieving secure national health data exchange, in part, because there have been "lots of regional success, and we need to connect those nodes." Another key to successful nationwide exchange is interoperability among EHR systems, another big focus for ONC, she said.

Patient engagement is also a major theme for ONC, she noted, including capturing health information that patients contribute to their electronic medical records.

ONC sets standards and policies for the HITECH Act's financial incentive program for electronic health records.

To date, the program has paid out close to $21 billion in incentive payments to eligible hospitals and physicians, Marilyn Tavenner, administrator of the Centers for Medicare and Medicaid Services, said in her HIMSS keynote presentation.

Stage 2 Exemptions

Acknowledging the concerns of many healthcare organizations that they won't be ready to meet deadlines for achieving Stage 2 criteria for the HITECH Act incentive program, Tavenner announced that CMS will be "flexible" in granting providers "hardship exemptions on a case-by-case basis." Stage 2 of the HITECH Act program started on Oct. 1, 2013, for hospitals, and on Jan. 1, 2014, for eligible professionals.

Last December, federal regulators announced they were extending Stage 2 of the HITECH Act EHR incentive program one year, giving healthcare providers and EHR software vendors more time to comply with requirements that include a variety of privacy and security provisions.

Under the revised timeline, Stage 2 will be extended through 2016 and Stage 3 will begin in 2017 for those providers that have completed at least two years in Stage 2.

Among possible reasons that healthcare providers might not be able to meet Stage 2 requirements is "vendors not being ready with their Stage 2 technology," she says. The exemptions to deadlines will be granted in situations where "despite their best efforts, for reasons beyond their control, [providers] can't meet meaningful use Stage 2."

CMS will soon be issuing guidance for healthcare providers on how to seek a hardship exemption, a CMS spokeswoman said.

In a statement, the College of Healthcare Information Management Executives, which represents CIOs, says it "welcomes CMS' announcement acknowledging the need to provide relief for our nation's providers. Such relief is vitally important for the future success of Meaningful Use, as ICD-10 deadlines and continued shifts in payment policies demand an ever-increasing amount of IT and workforce resources."


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.