The efforts of the 21st Century Cures Act are gradually making the vision of health care data exchange possible. As part of our LexisNexis® Clinical Linking to Improve Care Quality (CLICQ) platform development, we have been actively connecting to Patient Access APIs to facilitate data exchange. Based on our experience, we have released a report that dives into how ready payers are to exchange data. As we worked through the processes for each API, we found varying interpretations about how to facilitate consumer-drive data exchange.
Everyone agrees that interoperability is a journey and will take more time. However, during our efforts, we saw health plans stop short of congress’ mandate that APIs be usable “without special effort” and wondered why.
In a recent study, we found that health plans expressed serious concerns about meeting certain requirements of interoperability. The top concern was protecting member privacy and security standards. The second most prevalent concern was ingesting data from disparate sources and third was adhering to information blocking and public reporting mandates. Other experts agree with our findings.
Of all the stated concerns, privacy and security stands out with current conversations and action, seeming to be the primary drive of this unanticipated friction. The AHIP Board of Directors has been active in the conversation of data availability and security by outlining priorities and a roadmap for consumer health information.
One concern shown by many “covered entities” is that this data is being received by third-party apps, which are not under the same HIPAA requirements as healthcare organizations. Having this new and novel flow of data through from systems with incredibly sensitive information raises concerns about breaches. This issue also leaves health plans trying to protect members with messaging about third-party app risks on their websites, which is less than ideal for plans and members.
Third-party apps have also gained the attention of the Confidentiality Coalition and the Workgroup for Electronic Data Interchange (WEDI). The organization sent a letter to HHS (Health and Human Services) and Department of Commerce secretaries including recommendations.
Another potential explanation for the difficultly associated with accessing these APIs, is that health plans are waiting to see how their peers interpret the Cures Act, complying with the letter of the law or the spirit of the law.
There have been many challenges to embracing interoperability in addition to privacy and security, but I think this is probably the issues that are most concerning to health plans. In the end, the availability of health plan data is a huge opportunity to improve member care and outcomes. For example, health plans can pull a member’s claims history at the point of new member enrollment to ensure appropriate engagement and allocation of care management resources. Additionally, digital health app developers can follow a patient’s journey through the health care ecosystem post-script to track efficacy and utilization. And that is just the start of potential use cases of this data being delivered to where it is needed.
As we get excited about the possibilities of a truly interoperable healthcare system, we must recognize that some details are still to be worked out. Because we believe LexisNexis® Risk Solutions can play a huge role is supporting that mission, we are tracking the progress. Read our report to learn details about current Patient Access API accessibility, what you can expect for developer support and how widely results vary.
