At the recent Healthcare Information and Management Systems Society (HIMSS) 2022 conference in Orlando, Florida, 4Medica CEO Gregg Church provided his insight into the 21st Century Cures Act, health information networks (HINs) and qualified health information networks (QHINs), Commercial EHR impact, health information exchange (HIE) viability, and data privacy. Below is a synopsis excerpt from a conversation with Church.
4Medica was founded in 1998 to better allow physicians to connect to laboratories and hospitals. After the Affordable Care Act was implemented, electronic medical records (EMRs) grew in importance and large data sets began to grow. Data quality started to become a real challenge for larger healthcare institutions. Church began to question how you can help a hospital connected to 100 different EHRs manage demographic and clinical data. 4Medica then built their own engine, as Church said, “We looked at IBM and others at the time and said, great engines but they don’t really operate in a real time data stream. So we ended up working off of some of the big data technologies similar to Google, using search engine logic and realized, hey, we’re solving this business problem for us, who else needs it?”
4Medica’s scanning engines are based on inverse index technology, allowing it to handle high volumes of data and transactions as well as cater to robust scoring logic algorithms. As the 4Medica scanning engines are declaring a match with high certainty, the system is also paying attention to what the humans are doing. Therefore, after a while, if there is a potential match and the data steward looks at it saying, “I don’t think that’s quite right,” the machine will learn to review it as the humans do. Over time, the electronic system will be able to replicate that so the next time a similar use case comes up, involving similar variables, the system will recognize the match using the newly learned method. As time goes on and more repetition is acknowledged, the 4Medica capabilities become more precise and predictive.
The machine also incorporates referential matching, which compares to an external database like TransUnion or Thomson. If the system gets a match, we say, we know who person is without a doubt, and ask, what’s missing on that person’s record that we can curate back into that record and make it richer or more complete? They can not only clean the data but improve its richness by filling in the missing pieces. The system works, we always achieve close to 100% reliability. Then, the next time that same person comes in from a different source, even if the data is out of sync, the system will still match you correctly. Because we know about that record, we can normalize, enrich, and match the data. This means that the more data we get, the more data we pull in, the higher probability we’re going to make the match. They can create a longitudinal view from different sources, so the ultimate result is clean and complete patient data, mapped over time, that the patient can access and control.
21st Century Cures Act
Everyone knows they have to participate and provide real time interoperability and data sharing, no more data blocking, but the standards are not there yet. Everyone who handles or creates medical data will be required to do more. While you’ve got Mickey Tripathi and ONC setting new requirements and standards, it’s not enough and we really need to mandate a better way of registering patients. There needs to be policies in place that say, with certainty, you must do it “this way.” Everyone needs to be required to follow and conform to more encompassing data standards. As the EHR revolution unfolds, the amount of data parties like EHRs, health systems, payers, and labs will be required to share is growing which means that data challenges will only grow. They’ve got to be behind more standardization, clinical as well as demographic. While they have started doing basic things like address normalization, if you’re looking at how claims are administered, there’s so many different values that have to be addressed. The Cures ACT needs to go farther as regards data standardization, we’d all like to see more definition coming out of the ONC.
HIEs, HINs, and QHINs
A HIN is a network of health data participants where there’s at least some governance around how they standardize and bring in and share the data. So, they become much more of the authority within their own domain. But they’re building policies based on, and limited to, their own network or their own HIN. Within a HIN there’s some governance around how they standardize bringing in the data. A HIN can move up a level and conform to the government’s Trusted Exchange Framework (TEFCA), thereby becoming a QHIN.
The future utility of the HIE concept is less than certain. They’re fighting for survival. The traditional role of the HIE is essentially being redistributed to other data entities via the 21st Century Cures Act. If you talk to a group that’s forming a QHIN, they’ll say the HIE will have no future value because the QHIN basically replaces the function of the HIE. You talk to an HIE, they think they can still add value to their state and provide actionable value as the aggregators from a gateway perspective. The Cures Act essentially re-assigns the former HIE role to the QHINs and HINs. The ONC North Star Architecture envisions the ONC itself becoming a large federalized HIE, far more powerful that the imperfect and spotty state-by-state HIE construct we see today.
In terms of private sector HINs, Epic and Cerner are both (separately) in the process of cobbling together their own HINs, walled gardens of health data, essentially. By establishing their own governance and standards between their many Epic or Cerner customers, and improved sharing between Epic or Cerner customers, the private sector HINs emerge. The problem there is, how well does the data share and interoperate between the Epic HIN and the Cerner HIN and between other HINs and between the private sector HINs and the federally regulated QHINs and the many HIEs and the ONC North Star Architecture? The long-term future value of private sector HINs is also an open question. Much of the answer to that latter question rests on the eventual implementation of the Cures Act.
Privacy
Privacy is always a major concern. While the ONC is moving decisively toward greater sharing and fewer limitations on sharing, this will ultimately result in erosion of personal privacy. Patients and caregivers have to realistically concede that we already live in a world in which everyone knows everything about you. Google already knows everything about you. Apple knows everything about you. All the search engines are tracking everything that you do, credit bureaus know how credit worthy you are, they know your financials, they know what you’re buying.
Healthcare data is the last piece to get tracked. We’ve always been concerned about who gets to see your data, and who can sell your data. It’s not only selling your demographics, you know, your first name, last name, home address, mailing address, but now you’ve got social determinants, health issues, you got mental health issues, you got your medical issues. Does that all become available for commercial interests to acquire, to profile you further?
That’s the concern, with these new requirements to share personal health data between participants within the healthcare system, who now really will have access to that data? When a patient gives permission or consent to share data, how far does that permission extend? Once the patient shares data with a physician, but that physician is affiliated with a health system, and the health system is part of HIN and the HIN is sharing data widely with other HINs, QHINs, HIEs and the Federal government.
So, when a patient gives consent to share, how far does that consent go? How does a patient ever realistically recall data after it’s instantaneously distributed between potentially a vast number of participants, including the ONC itself? The ONC wants that data, in its richest permissible form, for public health purposes. How does this potentially empower questionable or nefarious actors who stand to gain from improved sharing and access to all that data? That one patient’s consent to share personal health data could travel a long, long, long way. More is needed from the ONC on this topic.