Free The Data: APIs Boost Health Information Exchange

New models promise to make sharing health information almost as simple as shopping on Amazon.

My last two articles had a common theme: freeing the data. We first looked at new approaches for patients and for providers. Of course, no matter how innovative the personal health records (PHRs) or electronic health records (EHRs) become, given the highly fragmented and specialized US healthcare system they still need to exchange data in a secure way that preserves privacy and trust. That is the goal of health information exchange (HIE).

HIE has been around for decades. Back in the mid-1970s, I tried (unsuccessfully) to create one in a rural county in South Carolina. From then until now, there have been nagging problems around the inherent lack of interoperability in commercial health IT systems; the lack of business incentives to share data; and the mismatch between the cost of HIT and its perceived (or real) financial benefits and to whom they accrue. We'll focus here on how interoperability might be achieved at an affordable cost.

The key HIE technical challenges are easily understood. Parts of a patient's clinical data will often be stored in many EHRs. For a patient with four, five, or more chronic diseases (these drive half of all Medicare costs) research shows that this will typically exceed 10 EHR implementations from multiple vendors! A conscientious provider seeing such a patient would want a comprehensive view of all of this care in order to save time collecting information that already exists, avoid duplicating tests and procedures that have already been done, and prevent mistakes from lack of information.

[Are patient record hacks inevitable? Read Healthcare Data Breaches To Surge In 2014.] 

These are worthy and important goals that, in practice, are very hard to achieve in the real world of healthcare, outside of an integrated delivery system such as Kaiser or the Veterans Administration. Outside of a closed healthcare network, how can a provider's EHR know where the various parts of a patient's record are located? Even if it does, how can it sufficiently identify the patient such that the partial records are combined into one complete and correct record? Since there is little consistency in the way EHR products represent clinical data, how can a "Tower of Babel" be avoided?

Historically, there have been two attempted solutions: 1) store everything centrally and, in essence, create a community record, or 2) keep the data at the source but build central indexes to patients and their medical documents and provide some kind of translation service to bridge differences in the way clinical data is represented across EHRs. This is the so-called hybrid exchange.

Both of these are commercially available technologies. There are good examples of both in operation, but they are expensive to build and operate. Combined with the problem of fragmented and difficult-to-realize benefits across the HIE stakeholders, per-member costs have often exceeded per-member benefits. Thus achieving financial sustainability, in the absence of government or philanthropic subsidy, has proven too challenging. Many community and regional HIE initiatives have been scaled back or abandoned.

As a result, starting a few years ago a third approach began to gain traction. It's called the Internet! Actually, the proper term is federated exchange. Leave each patient's data where it is and use lighter-weight technologies to support exchange. The Novo Grid was an early commercial effort that involved servers at each location running an "intelligent agent" that understood the data flows and formats of its associated data source. More recently, ONC has introduced and supported Direct (as opposed to centralized) HIE. Direct is based on exchanging reasonably standardized patient documents (usually in the HL7 CCDA format) as encrypted attachments to secure emails. The benefits are obvious: simplicity and very low cost. For now, I'll skip discussing the complexities, such as the role of the Health Information Service Provider (HISP) that controls a Direct network, and managing trust among multiple HISPs.

More recently there is Fast Healthcare Interoperability Resources (FHIR), which is essentially based on the idea that healthcare information can be exchanged the same way that other information is shared on the Internet. If you've used Amazon to look for goods to purchase, you might have noticed that, up there in the URL, text appears when you click the search button that specifies what you want. Although it might be a bit cryptic, even a non-technical person can usually figure out most of what it says.

What's really going on here? You're at your computer (which, of course, these days might be a mobile device such as a smartphone), and the information you want is securely stored in, for example, Amazon's cloud. You specify what you want, and your browser creates a query and sends it to the cloud, where it might be routed to any one of thousands of Amazon servers that will interpret it, query a database, and return the information you requested. This ability to route requests to any server in the cloud that is available is another key technical property that lowers costs and is exploited in FHIR.

As with Direct, there is more to the story than I've described (technically inclined readers should read the FHIR Summary, which is also available as a two-page PDF). But this should suffice to give you the basic idea of what is increasingly termed "API-based HIE."

Direct leverages email, and FHIR proposes to use web standards to make sharing health information almost as simple as using Amazon. Both are simple and virtually free. Could this be the future of HIE? It's too early to be sure, but I wouldn't bet against it!

Mark Braunstein is a professor in the College of Computing at Georgia Institute of Technology, where he teaches a graduate seminar and the first MOOC devoted to health informatics. Mark has been involved in health IT since the early 1970's when he developed one of the first ambulatory electronic medical record systems at a pioneering patient-centered clinic at the Medical University of SC. After many years in the commercial sector, he joined Georgia Tech in 2007. He is the author of Health Informatics in the Cloud, a brief non-technical guide to the field. His new text, An Introduction to Contemporary Health Informatics, will be published in early 2014.

Though the online exchange of medical records is central to the government's Meaningful Use program, the effort to make such transactions routine has just begun. Also in the Barriers to Health Information Exchange issue of InformationWeek Healthcare: why cloud startups favor Direct Protocol as a simpler alternative to centralized HIEs. (Free registration required.)