• Skip to main content

DistilGovHealth

DistilNFO GovHealth Advisory

  • Publications
    • Home
    • DistilINFO HealthPlan
    • DistilINFO HospitalIT
    • DistilINFO IT
    • DistilINFO Retail
    • DistilINFO POPHealth
    • DistilINFO Ageing
    • DistilINFO Life Sciences
    • DistilINFO GovHealth
    • DistilINFO EHS
    • DistilINFO HealthIndia
    • Subscribe
    • Submit Article
    • Advertise
    • Newsletters

AMA Asks Congress to Oversee Info Blocking, Interoperability Regulations

Share:

October 1, 2019

United States Capital building in Washington DC.

CHIME, MGMA, AMA, and other industry stakeholders are asking Congress to oversee implementation of HHS info blocking and interoperability regulations to address concerns, including privacy and security.

The American Medical Association, CHIME and five other industry groups are calling on Congress to oversee the implementation of the information blocking provision found in the 21st Century Cures Act to ensure patient privacy, safety, and data security as officials continue to drive interoperability initiatives.

Earlier this year, the Office of the National Coordinator, Department of Health and Human Services, and Centers for Medicare and Medicaid Services released several proposed rules to both drive interoperability and address information blocking.

As with any proposed rule, the industry has expressed support for the effort, as well as concerns around the speed of implementation, privacy risks, and the need for frameworks or standards to support the new model.

Want to publish your own articles on DistilINFO Publications?

Send us an email, we will get in touch with you.

Leaders from American Health Information Management Association, American Medical Informatics Association, Federation of American Hospitals, Medical Group Management Association, and Premier, joined AMA and CHIME in calling Congressional oversight to address some of these issues.

While the groups applauded Congressional effort to improve and support effective health IT, they expressed concern around several competing proposed HHS interoperability efforts that could “jeopardize important goals to foster a healthcare system that is interoperable, patient-engaged, and reduces burdens for those delivering care.”

“The administration owes it to patients, physicians, Congress and our nation to listen and act on these concerns,” Jesse Ehrenfeld, MD, chair of the AMA’s Board of Trustees, said in a statement. “We still have a chance to get these policies right.”

“It is possible to improve access to medical information while promoting privacy and transparency,” he added.

Specifically, the groups asked Congress to incorporate additional rulemaking prior to finalization, appropriate implementation timelines, and revise enforcement, which should prioritize education and corrective action plans over monetary penalties.

Privacy and security should also be enhanced prior to implementation. To the groups, as it stands, the current proposed information blocking rule does not sufficiently address the Cures Act directives to protect patient data privacy and ensure health IT security.

“It is imperative that the committee continue its oversight of privacy and security issues that fall outside of the HIPAA regulatory framework,” the groups explained.

Much like AMIA and others have shared before, the use open APIs to fuel interoperability poses risks to patient privacy and data. While APIs have the potential to improve patient and provider access to data, it also brings the sector into “uncharted territory” where patients leave HIPAA protections behind.

The groups support the use of these apps to access their own data, but concerns are increasing that the data shared with these apps will be commoditized by app developers or other third parties in ways patients don’t expect.

To combat this, the groups recommended that certified APIs include functions that strengthen the control patients have over their data, including privacy notices, transparency statements on whether the data will be sold or disclosed, and adherence to industry-recognized best practices.

“This basic level of transparency is critical to strengthening patients’ trust in an increasingly digital healthcare system,” the groups wrote.

What’s more, CEHRT data segmentation capabilities should be prioritize as more sensitive data is exchanged. This should include standards and functionalities that enable data segmentation, tagging and privacy labeling, which are crucial to ensuring patient data privacy as the industry shifts into a health information exchange trust framework.

Third-party apps vendors also pose a serious risk, as currently there are no security guidelines for vendors or providers when they onboard these apps into their systems. The groups argued that ONC will need to address the security concerns of APIs and apps, by coordinating with impacted stakeholders.

“For example, API technology suppliers should be required to conduct surveillance and mitigate threats and vulnerabilities that could be introduced to an information system to which the API could connect, the groups explained.”

“Additional requirements are needed to mitigate security concerns that arise with the on-boarding of third-party apps onto clinician and other providers’ systems,” they continued. “Failure to do so could introduce significant cybersecurity threats to our healthcare system. Multiple stakeholders, including HHS’ own cybersecurity advisory group, have raised these concerns.”

Lastly, as multiple agencies are tasked with the privacy and security of patient and consumer data, Congress will need to develop a holistic approach to address the access, exchange, and use of health information of third-party apps not governed by HIPAA, “including the sale and commoditization of data not intended by patients.”

“While we are pleased the Administration is working to operationalize several requirements in Cures that seek to improve information sharing and patient care through use of APIs, at the same time it is imperative that policies be put in place to prevent inappropriate disclosures to third-parties and resultant harm to patients,” the groups explained.

Date: October 03, 2019

Source: Healthit Security

Coffee with DistilINFO's Morning Updates...

Sign up for DistilINFO e-Newsletters.

Just a little bit more about you...
PROCEED
Choose Lists
BACK

Related Stories

  • Trump Administration Finalizes Rule Forcing Payers to Post Negotiated Rates, Cost-Sharing DataTrump Administration Finalizes Rule Forcing Payers to Post Negotiated Rates, Cost-Sharing Data
  • Insurers Running Medicare Advantage Plans Overbill Taxpayers By Billions As Feds Struggle To Stop ItInsurers Running Medicare Advantage Plans Overbill Taxpayers By Billions As Feds Struggle To Stop It
  • ONC: Summary of Public Comment for Draft StrategyONC: Summary of Public Comment for Draft Strategy
  • ICE provides ‘deplorable’ healthcare to detained immigrants, advocates allege in massive lawsuitICE provides ‘deplorable’ healthcare to detained immigrants, advocates allege in massive lawsuit
  • Azar Appoints Senior Advisor for Value-Based Care in the United StatesAzar Appoints Senior Advisor for Value-Based Care in the United States
  • CMS Advances MyHealthEData with New Pilot to Support CliniciansCMS Advances MyHealthEData with New Pilot to Support Clinicians

Trending This Week

Sorry. No data so far.

About Us

DistilINFO is media company that publishes Industry news, views and Interviews. We distil the information for you – saving time and keeping you up to date on your interest areas.

More About Us

Follow Us


Useful Links

  • Subscribe
  • Contact
  • Advertise
  • Privacy Policy
  • Terms of Service
  • Feedback

All Publications

  • DistilINFO HealthPlan Advisory
  • DistilINFO HospitalIT Advisory
  • DistilINFO IT Advisory
  • DistilINFO Retail Advisory
  • DistilINFO POPHealth Advisory
  • DistilINFO Ageing Advisory
  • DistilINFO Life Sciences Advisory
  • DistilINFO GovHealth Advisory
  • DistilINFO EHS Advisory
  • DistilINFO HealthIndia Advisory

© DistilINFO Publications