To the cloud generation of healthcare technologists, state-based health information exchanges look like a throwback.
The federal government has encouraged the creation of these state and regional data exchanges as part of the evolution toward an infrastructure that allows secure sharing of patient data among healthcare providers. These HIEs are supposed to connect to providers and to other exchanges -- though there's a good argument to be made that HIEs are failing to provide that connectivity.
The Direct Project is one alternative promoted by the Office of the National Coordinator for Health IT. The idea is to enable secure email between known, trusted participants, each of which has a special email address only available to healthcare providers. Email sent this way can include free-form messages but also patient data in XML --- structured data that an electronic health records system on the receiving end can parse and import.
As our cover story notes, the drawback to Direct is that it's push rather than pull. There's no centralized repository or index to query -- something HIEs are at least working toward. Direct is more of a replacement for faxing records, though at least they're machine readable.
When I spoke recently with the CEOs of four cloud-based healthcare IT firms, they greeted state HIEs with unanimous skepticism, seeing them as a bureaucracy rather than a workable architecture. Here are their quick takes:
Practice Fusion CEO Ryan Howard: Howard points out that EHRs seeking Meaningful Use Stage 2 certification have to be able to demonstrate support for sending and receiving messages over the Direct Protocol, which means they have to demonstrate basic interoperability. "That eliminates a lot of the need for an exchange," he says.
Athenahealth CEO Jonathan Bush: "Health information exchange should be a verb and not a noun. Exchange activity will iterate dramatically over time," Bush says, and he is skeptical that the right structure can be dictated by "some federally sponsored entity." Athenahealth does participate in HIEs anyway because the company wants to be easy to do business with no matter what model wins out.
CareCloud CEO Albert Santalo: "What I am a proponent of is that it should be a national infrastructure," Santalo says. "I don't think it makes any sense for every state to be building something." The Direct approach is "a little better" than navigating the maze of HIEs, but it's "just email," he says.
Girish Navani, CEO of eClinicalWorks: The HIE centralized approach makes it too easy to spend time and money trying to build a perfectly secure system. Meanwhile, nothing happens. "The Direct Project is one practical way of sharing data because it's peer-to-peer," simplifying the security challenge, Navani says. But he thinks the better alternative will be for patients to provide access to their own data -- using a phone or a QR code to unlock a health record in the cloud, much as they access their money with an ATM card.
One way or the other, health information exchange cries out for simplification.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.