Interoperability is one of healthcare's biggest dilemmas, with providers trapped between growing needs for expanded use of health data and a host of compliance, legal and regulatory constraints.
During Becker's Hospital Review 7th Annual Health IT + Digital Health + RCM Annual Meeting, in a session sponsored by Ensemble Health Partners, Jim Gaffney, chief strategy officer for Ensemble Health Partners, led a roundtable discussion exploring how healthcare organizations can make their data secure, interoperable and beneficial from multiple perspectives, such as health equity and revenue growth. Panelists were:
- Deepesh Chandra, chief analytics officer, Bon Secours Mercy Health
- Lenel James, HL7 International board member; business lead, health information exchange & innovation, Blue Cross Blue Shield Association
- Billy Parrish, chief product officer, Ensemble Health Partners
- Nancy Phillips, chief information security officer and senior vice president, IT, Ensemble Health Partners
Three insights from the session were:
1.) Health data interoperability is more of an aspiration than a reality. Interoperability refers to the capability for healthcare data to be shared electronically and without special effort among providers and with patients. Until recently, interoperability stakeholders typically included healthcare organizations, pharmacies, labs and health plans, but now community-based and social services agencies are joining as key partners to help address health disparities.
Despite broad awareness of the benefits of interoperability, barriers to operationalizing it remain. Interoperability standards are poorly leveraged, the unprocessed data is not regularly cleaned and labeled (Mr. Parrish described some data repositories as "data dumpsters") and organizations often struggle with data velocity and veracity — two of the four key components that define Big Data (the other two being volume and variety).
There is also the question of data ownership: "Is it the patients' data? The providers' data? Or the payers' data? From my perspective, it comes down to the business problems you're trying to solve," Mr. Parrish said. Mr. James added that HIPAA needs to be updated, as it is causing health plans' legal departments to block providers from referring vulnerable patients to community-based food banks, which are not considered HIPAA entities.
2.) The desire for unfettered data exchange must be balanced with cybersecurity concerns. With cyberattacks making frequent headlines, cybersecurity concerns are an obstacle to interoperability. However, organizations should not use cybersecurity as a deterrent to adopting interoperability. To strike the right balance, organizations can:
- Bring cybersecurity managers to the table early on, so they understand the issues and enable the utilization of interoperable data.
- Define the purpose of using different types of data, so that data handoffs are known from a security perspective and the data journey is traceable from beginning to end.
- Ensure the data is correctly labeled and classified, so that cybersecurity issues can get addressed efficiently, based on data tags alone.
"If I know where the data is, what that data is, what that data is supposed to do and who's supposed to see it when, then I can put the [cybersecurity] controls in place quickly and effectively and am able to pivot," Ms. Phillips said.
3.) To tap into data's full benefits, providers must redefine standard operating procedures. Beyond interoperability, healthcare data can be leveraged for multiple purposes such as advancing digital transformation, value-based care, business development and M&A objectives. To do that, organizations need to revisit and increase the flexibility of their standard operating procedures (SOPs), which often limit the use of data to very narrow scenarios.
Mr. Chandra said Bon Secours Mercy Health has an initiative to forge closer collaboration among its cybersecurity, compliance and legal teams to reframe the health system's SOPs that govern the use of data. "First is to make the data available to different parts of the organization," he said. "Second is how do we [use data] to service things that we have not been servicing in the past. And third is how do we go into the broader healthcare economy to exchange data with other providers, payers, data monetization or aggregation companies and even life sciences companies."