Healthcare organizations are encouraging HHS' Office of the National Coordinator for Health Information Technology to incorporate lessons from the novel coronavirus pandemic into its five-year strategic plan for federal agencies.
ONC in January—just days before the first reported COVID-19 case in the U.S.—published a draft of a five-year road map designed to align health IT goals across the federal government. Although the plan focuses on strategies for federal agencies, ONC said it hopes the release of the final plan will serve to signal the government's priorities to the private sector.
Healthcare stakeholders including providers, insurers and technology vendors, submitted nearly 100 comments to ONC with feedback largely supportive of the plan's four overarching goals: promoting health and wellness; enhancing care delivery; building a data-driven ecosystem to accelerate research and innovation; and connecting health data through an interoperable health IT infrastructure.
However, many suggested the agency update the plan with more detail for priorities brought to light during the COVID-19 pandemic.
The Healthcare Information and Management Systems Society and the Personal Connected Health Alliance in a joint letter suggested ONC work with Centers for Disease Control and Prevention to strengthen infrastructure for public health surveillance. The University of Mississippi Medical Center and major insurers like Cigna, Centene Corp. and Blue Cross and Blue Shield Association also urged ONC to include a heightened focus on bolstering broadband infrastructure for telemedicine.
As written, ONC's draft plan does reference goals like promoting adoption of telemedicine infrastructure and promoting data standards to facilitate easier exchange between care settings, including for public health. But while the plan includes objectives and strategies, it doesn't get into the mechanics of particular steps or programs to reach those goals.
Some commenters felt more specifics could be added to the plan.
"The FCC and large banks that cater to rural communities should focus on expanding access to broadband and the build-out of an affordable broadband infrastructure," wrote Dr. Richard Summers, the University of Mississippi Medical Center's associate vice chancellor for research, as an example of how federal agencies could support adoption of broadband infrastructure.
OCHIN, a not-for-profit health IT services provider in Portland, Ore., agreed that in light of the pandemic, a major focus at the state and federal levels should be building internet connectivity needed for telemedicine.
However, the group asked ONC to consider that the agency can't fully incorporate lessons learned from the COVID-19 crisis while still in the midst of the outbreak.
"The true needs of our healthcare system will not be realized until we have borne the full brunt of this pandemic," wrote Jennifer Stoll, OCHIN's executive vice president for government relations and public affairs.
Healthcare stakeholders also shared how the federal health IT strategic plan could build on the interoperability rules finalized by ONC and CMS in March.
Health systems, insurers and technology vendors alike questioned what privacy protections the federal government could put in place to protect medical data once a patient downloads it onto a smartphone app not covered by HIPAA, as envisioned under the final rules. User privacy has been a major point of concern over the rules since ONC and CMS released the proposed versions in 2019.
In comments to the agency, healthcare groups outlined a range of recommendations for how to address that issue.
Epic Systems Corp., which had been a vocal critic of the agencies' proposals, said ONC should work with Congress to require app developers to be transparent about what data they're collecting and how they'll use it, including whether a patient's information is being shared or sold.
The American Medical Association had a similar suggestion, urging development of a transparency framework for app developers to attest to. UnitedHealth Group recommended HHS require developers to obtain certification of their security practices, and Centene suggested HHS develop a seal of approval for apps that meet security and privacy criteria.
BCBSA and Cigna went a step further, suggesting HHS consider requiring developers of apps or application programming interfaces to comply with HIPAA's privacy and security provisions.
While organizations varied in their ideas for how to address privacy concerns when sharing patient data with third-party apps, most agreed patients should be able to expect their medical data is treated with similar protections even after it leaves the traditional healthcare ecosystem.
"The healthcare ecosystem the plan envisions will not work well without consistent handling of patient data wherever it travels," wrote Dr. Bruce Darrow, chief medical information officer at Mount Sinai Health System in New York City, and Dr. Andrew Kasarskis, the system's chief data officer.