“Information moves at the speed of trust,” said Dr. Doug Fridsma, chief medical informatics officer at AI platform company Health Universe. “As you start to solve the technical problems [of interoperability] and you start to get more data in electronic format, the rate-limiting step becomes how well do people feel that they can trust the people on the other end?”
On March 21, Epic stopped responding to data-sharing queries from some customers of Particle Health on the Carequality national interoperability framework, which is used by more than 50,000 organizations including clinics, hospitals and health tech companies. Organizations can request patients' medical information from each other through Carequality's framework.
Epic said it shut off access at the request of its customers because of concerns over potential misuse of protected health information by Particle's customers. “Some of Particle Health’s customers have been accessing people’s medical records through the Carequality network by falsely claiming to be treating them as patients,” an Epic spokesperson said in an email.
Particle issued a news release April 15 to deny any wrongdoing by it and its customers and said it remains in good standing with Carequality. The company said it will address its dispute with Epic through procedural channels. Carequality said in a blog post Friday it wouldn’t comment on any specific dispute between participants in its network.
Fridsma, the former chief science officer at the Office of the National Coordinator for Health Information Technology during the Obama administration, said health systems, health tech vendors and other stakeholders need to trust that the other organizations on the networks will be good stewards of patient data for interoperability to work.
By signing an agreement to join Carequality's framework, participants are obligated to respond to requests from other participants requesting a patient’s medical records for the purposes of treatment. Critics say that obligation has been abused by companies requesting information for non-treatment reasons.
“There are even organizations that [might] have a legitimate treatment use case, who will deidentify, repurpose and possibly sell some of that data to research or other organizations,” said Michael Marchant, director of interoperability and innovation at University of California Davis Health in Sacramento.
Marchant sits on Epic’s Care Everywhere governing council, which advises the company on data-sharing with organizations that don't use Epic. He said Epic brought the issue of Particle Health to the council, which advised the company to suspend Particle’s gateway connection.
The suspension will last until Epic learns more from Particle about how its customers are using patient data, the Epic spokesperson said.
Critics question if the companies making requests are set up to treat patients. Claudia Williams, chief social impact officer at University of California Berkeley School of Public Health, said the issue has come up because some companies don’t have a way to request medical information for non-treatment reasons such as operations and payment.
“We don't have a scalable way to [allow for] operations and payment [inquiries] so it forces people down the silo of treatment, and frankly, we end up with a lot of shady and questionable behavior because people are trying to force something that is not treatment into the treatment bucket,” Williams said.
Experts say the issue hasn’t been solved by the government-backed Trusted Exchange Framework and Common Agreement, which went live in December. TEFCA was created as part of the 21st Century Cures Act in 2016 to serve as baseline for interoperable data-sharing. The Cures Act also mandates laws around reducing information block among health tech companies and providers.
One of the problems is a lack of incentives for organizations to comply with TEFCA and Cures. While there are some penalties for information blocking, it has yet to materialize in a meaningful way. The creation of Cures and TEFCA hasn’t led to a change in sentiment, Williams said.
“Lack of trust is often the reason people don’t exchange but the laws don’t exactly say first you trust and then you exchange,” Williams said. “Shouldn’t it be enough that you’re exchanging for legal reasons? Do you have to have more trust than that?"