Reactions varied widely between technology vendors, privacy advocates and government and clinical IT leaders questioned about a federally sponsored study that calls for re-engineering electronic health record systems so they can be used by payers as fraud-fighting tools.
The report includes a call for a controversial requirement that EHR developers build into their systems' portals that allow payers to access physicians’ EHRs and patients' longitudinal medical records.
Government contractors and the top federal healthcare IT official were either enthusiastic or at least accepting of the proposals; healthcare information technology vendors were both critical and supportive; a physician IT leader had a mixed reaction; and privacy advocates were caustic and combative.
And in an ironic twist, one EHR company executive said the call for auditing access doesn’t go far enough, that the electronic peepholes insurance companies want installed in physician EHR systems should be placed in the payers' IT systems as well.
"Today, payers tend to minimize their payout, and if that is the case, can we have access to their systems and see how they do it?" said Chittaranjan Mallipeddi, chief executive officer of MedPlexus, in Sunnyvale, Calif., a developer of a suite of EHR and practice-management software systems. "For fair play, I think physicians should ask to have access (to payers' systems). The payers should be open to that."
At issue were recommendations in Recommended Requirements for Enhancing Data Quality in Electronic Health Record Systems, a 115-page report with a somewhat off-the-mark title since the bulk of the study contained discussions and recommendations on adapting EHRs to detect fraud and gain legal evidence to prosecute perpetrators. The final report is dated May 2007, but was not released to the public until Aug. 9.
While the scope of the study was limited to EHRs used in ambulatory care, the report authors recommended fraud management requirements also be developed for health information exchanges and the proposed national health information network. The report was prepared by RTI International, a not-for-profit research institute based in Research Triangle Park, N.C., under a $487,000 contract with the Office of the National Coordinator for Health Information Technology at HHS. Members of the research panel named by RTI to produce the report were approved by ONCHIT, which also vetted and modified the final recommendations, according to the report. The recommendations are to be implemented by working them into EHR testing criteria used by the Certification Commission for Health Information Technology and standards reviewed and anointed by the Health Information Technology Standards Panel, both HHS-funded contractors. Robert Kolodner, the physician head of ONCHIT, said in an e-mail response that the RTI report, "will contribute to (ONCHIT's) ongoing efforts with CCHIT and HITSP of the past two years to find ways to optimize the quality of healthcare by facilitating broad use of secure, interoperable electronic health records.
"The recommendations from the RTI report are part of the many improvements that need to be considered for the emerging generation of interoperable EHRs," Kolodner said. "We are looking forward to discussing the report and its recommendations at the next meeting of the AHIC in September."
John Halamka, the physician chairman of the HITSP, said in an e-mail that members of the standards group "have been involved in the anti-fraud recommendations from the beginning of the project. The standards they need are very complementary to the ongoing HITSP work. Existing AHIC use cases have included most of the needed standards, and HITSP is already working on the bulk of their requirements."
According to the report, the 14 RTI recommendations translate into 55 potential CCHIT testing criteria, only 12 of which directly match any of the more than 200 criteria on which ambulatory EHRs are tested by CCHIT today. The remaining RTI-recommended criteria would require either modification of existing "congruent" criteria (25) where there are partial matches, or writing, vetting and adopting altogether new criteria (18) by CCHIT where no matches exist. The report said RTI helped CCHIT get started by developing specific guides to its recommendations.
CCHIT Chairman Mark Leavitt said his group has been involved in the RTI effort for some time. "We saw an earlier draft, brought it to our work groups and responded," Leavitt said.
"This report and these recommendations are inputs to the work groups just like everything else," Leavitt said. "Our work groups need to look at this item by item, and gather some evidence about the practicality of doing this among the stakeholders."
Leavitt said because RTI had a public comment process, "you certainly have to give it more credibility than something someone wrote."
Still, Leavitt reminds, the raison d'etre of CCHIT is to certify the functionality of EHR systems to boost adoption by physicians and other healthcare providers. "But they (RTI) were coming at it with a fairly singular focus, which was not the acceleration of the adoption of IT. You have to keep in mind the cost of the EHRs and implementation. So, we have to realize we’re not going to create the best fraud systems in the world at any expense and at any effort."
Leavitt said CCHIT work groups are already under way with performing what they call an "environmental scan" of new potential areas for developing certification criteria and the RTI recommendations will be incorporated in that process.
"What we're going to do at this point is let our work groups look at it and talk about it in their environmental scan and put in their own round of public comment," Leavitt said. "It will come to the commission at its Sept. 10 meeting." The proposed new CCHIT criteria, including any of those based on RTI recommendations, will be put out Sept. 13 for a 30-day public comment period, during which time, on Sept. 19, CCHIT will host several "town calls" to explain the criteria and get public input, Leavitt said.
"We're going to find some good things in there and we're going to find some things that probably aren't acceptable," Leavitt predicted. "The topic of privacy often just runs head on with fraud. That's why I think it's going to be an interesting year."
What do you think? Write us with your comments at firstname.lastname@example.org. Please include your name, title and hometown.