Skip to main content
Subscribe
  • Sign Up Free
  • Login
  • Subscribe
  • News
    • Current News
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • Digital Health
    • Transformation
    • ESG
    • People
    • Regional News
    • Digital Edition (Web Version)
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • Midwest
    • Northeast
    • South
    • West
  • Blogs
    • AI
    • Deals
    • Layoff Tracker
    • HIMSS 2023
  • Opinion
    • Breaking Bias
    • Commentaries
    • Letters
    • From the Editor
  • Events & Awards
    • Awards
    • Conferences
    • Galas
    • Virtual Briefings
    • Webinars
    • Nominate/Eligibility
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • Best Places to Work in Healthcare
    • Excellence in Governance
    • Health Care Hall of Fame
    • Healthcare Marketing Impact Awards
    • Top 25 Emerging Leaders
    • Top Innovators
    • Diversity in Healthcare
      • - Luminaries
      • - Top 25 Diversity Leaders
      • - Leaders to Watch
    • Women in Healthcare
      • - Luminaries
      • - Top 25 Women Leaders
      • - Women to Watch
    • Digital Health Transformation Summit
    • ESG: The Implementation Imperative Summit
    • Leadership Symposium
    • Social Determinants of Health Symposium
    • Women Leaders in Healthcare Conference
    • Best Places to Work Awards Gala
    • Health Care Hall of Fame Gala
    • Top 25 Diversity Leaders Gala
    • Top 25 Women Leaders Gala
    • - Hospital of the Future
    • - Value Based Care
    • - Hospital at Home
    • - Workplace of the Future
    • - AI and Digital Health
    • - Future of Staffing
    • - Hospital of the Future (Fall)
  • Multimedia
    • Podcast - Beyond the Byline
    • Sponsored Podcast - Healthcare Insider
    • Sponsored Video Series - One on One
    • Sponsored Video Series - Checking In with Dan Peres
  • Data & Insights
    • Data & Insights Home
    • Hospital Financials
    • Staffing & Compensation
    • Quality & Safety
    • Mergers & Acquisitions
    • Data Archive
    • Resource Guide: By the Numbers
    • Surveys
    • Data Points
  • Newsletters
  • MORE+
    • Contact Us
    • Advertise
    • Media Kit
    • Jobs
    • People on the Move
    • Reprints & Licensing
MENU
Breadcrumb
  1. Home
  2. Information Technology
June 06, 2019 03:18 PM

Providers, trade groups remain concerned over API privacy

Jessica Kim Cohen
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print

    Providers, health plans and trade groups are calling on HHS agencies to slow down a push to put health data in patients' hands via third-party apps, citing privacy and implementation concerns.

    Patient-facing apps are a key component of the CMS and the Office of the National Coordinator for Health Information Technology's companion interoperability and information-blocking proposals released in February. The rules outline how regulators will require insurers and providers to share medical data with patients. That could include using application programming interfaces that connect electronic health record systems with third-party apps.

    Despite the ONC's efforts, privacy is still a core concern for the healthcare industry.

    In comments to the CMS, Allina Health in Minneapolis suggested the agency create a certification program for APIs to reduce providers' potential liability and burden when they contract with app developers. It also recommended the CMS establish a safe harbor for providers sharing patient data through an API.

    The American Hospital Association went a step further in a letter to the ONC, questioning whether encouraging patients to use tools not governed by HIPAA would lead patients to unintentionally cede control of their health data.

    A third-party app that's not held to the same privacy standards as healthcare providers might be able to use health data in ways patients are not aware of, such as by monetizing it or use it to target advertisements, the association said.

    HHS in April extended the public comment periods for both rules to June 3, a 30-day extension from the original deadline. At the time, ONC chief Dr. Don Rucker said that was largely due to confusion over whether providers could be held responsible for patients' health data use.

    Under the ONC's rule, Rucker said patients would be able to decide what types of third-party apps to use to access their health data. And once a patient decides to share their protected health information with an app, the provider is not liable for subsequent use or disclosure of this data—so long as the app developer is not a business associate of the group.

    Dr. Barbara L. McAneny, the American Medical Association's president, said the ONC's proposed rule could lead to patient information being shared with third parties in ways the patient didn't expect.

    To address this gap in privacy protections, the AMA suggested the ONC should ask API technology suppliers to abide by specific privacy and industry guidelines, such as the Federal Trade Commission's best practices for mobile health app developers.

    Developing a privacy framework that goes hand-in-hand with the proposed rules would also help to address patient privacy concerns, six former ONC chiefs wrote in a joint comment to the agencies. They suggested the CMS and the ONC work with the private sector to create a companion framework that protects patient privacy and ensures patients understand how their data is being used.

    Still, the six authors offered "enthusiastic support for the proposed rules," and called the CMS' plan to expand APIs to health plans "game-changing." That's why the former national coordinators emphasized the agencies should implement the proposed rules "as quickly as possible," while designing the framework in parallel.

    But not everyone agreed with this call to action and many healthcare groups called on the agencies to publish interim rules and push back implementation timelines.

    Healthcare groups were particularly concerned about the timeline for payers to begin using APIs. Under the CMS' rule, payers would begin offering patients access to claims and other data via APIs beginning in 2020.

    Spectrum Health in Grand Rapids, Mich., urged the CMS to delay this mandate by several years to give payers more time to meet the requirements, arguing that providers had multiple years to implement and comply with data-sharing standards under the Medicare and Medicaid EHR Incentive Programs, now dubbed Promoting Interoperability.

    "CMS must work with effected stakeholders to ensure that appropriate guardrails are in place to prevent unintended consequences for how public and private health plan data is accessed, shared and acted upon," Spectrum Health wrote in its comments.

    United Health and the not-for-profit Sequoia Project also requested delays of 12 to 18 months at least.

    The Alliance of Community Health Plans suggested the CMS issue an interim final rule to clarify what data payers will be required to share with patients via APIs and how the mandate will be enforced. The trade group also requested at least 18 months from the final rule's publication to prepare for compliance.

    "For payers, significant resources will be necessary to collect data from numerous sources and conform them into a data set that could supply an API," ACHP wrote, noting payers tend to have data spread across multiple payer platforms and provider systems. "Constructing these APIs is a non-trivial undertaking."

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    Racial disparity hospital
    Providers confront racial bias engrained in EHRs
    Most Popular
    1
    Centene to lay off 2,000 workers
    2
    How health systems are battling price-gouging allegations
    3
    Senate advances bill to temporarily aid hospitals, health centers
    4
    Elevance, Blue Cross Louisiana halt $2.5B proposed deal
    5
    Tower Health to sell urgent care centers, close others
    Sponsored Content
    Digital Health Intelligence Newsletter: Sign up to receive a twice-weekly (T, F) morning newsletter featuring the latest reporting on technologies, trends, players and money fueling the rapid changes in how healthcare is developed, paid for and delivered.
    Get Newsletters

    Sign up for enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today
    MH Magazine Cover

    MH magazine offers content that sheds light on healthcare leaders’ complex choices and touch points—from strategy, governance, leadership development and finance to operations, clinical care, and marketing.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS

    Our Mission

    Modern Healthcare empowers industry leaders to succeed by providing unbiased reporting of the news, insights, analysis and data.

    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Help Center
    • Advertise with Us
    • Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    • Privacy Request
    Modern Healthcare
    Copyright © 1996-2023. Crain Communications, Inc. All Rights Reserved.
    • News
      • Current News
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • Digital Health
      • Transformation
        • Patients
        • Operations
        • Care Delivery
        • Payment
      • ESG
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition (Web Version)
    • Blogs
      • AI
      • Deals
      • Layoff Tracker
      • HIMSS 2023
    • Opinion
      • Breaking Bias
      • Commentaries
      • Letters
      • From the Editor
    • Events & Awards
      • Awards
        • Nominate/Eligibility
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • Best Places to Work in Healthcare
        • Excellence in Governance
        • Health Care Hall of Fame
        • Healthcare Marketing Impact Awards
        • Top 25 Emerging Leaders
        • Top Innovators
        • Diversity in Healthcare
          • - Luminaries
          • - Top 25 Diversity Leaders
          • - Leaders to Watch
        • Women in Healthcare
          • - Luminaries
          • - Top 25 Women Leaders
          • - Women to Watch
      • Conferences
        • Digital Health Transformation Summit
        • ESG: The Implementation Imperative Summit
        • Leadership Symposium
        • Social Determinants of Health Symposium
        • Women Leaders in Healthcare Conference
      • Galas
        • Best Places to Work Awards Gala
        • Health Care Hall of Fame Gala
        • Top 25 Diversity Leaders Gala
        • Top 25 Women Leaders Gala
      • Virtual Briefings
        • - Hospital of the Future
        • - Value Based Care
        • - Hospital at Home
        • - Workplace of the Future
        • - AI and Digital Health
        • - Future of Staffing
        • - Hospital of the Future (Fall)
      • Webinars
    • Multimedia
      • Podcast - Beyond the Byline
      • Sponsored Podcast - Healthcare Insider
      • Sponsored Video Series - One on One
      • Sponsored Video Series - Checking In with Dan Peres
    • Data & Insights
      • Data & Insights Home
      • Hospital Financials
      • Staffing & Compensation
      • Quality & Safety
      • Mergers & Acquisitions
      • Data Archive
      • Resource Guide: By the Numbers
      • Surveys
      • Data Points
    • Newsletters
    • MORE+
      • Contact Us
      • Advertise
      • Media Kit
      • Jobs
      • People on the Move
      • Reprints & Licensing