The U.S. Department of Health and Human Services wants interoperability between disparate electronic health record systems (EHRs) to be a common capability by the year 2024. Interoperability will help physicians better serve patients and facilitate easier communication between medical practices, but practitioners need to get started on their interoperability initiatives now.
Two challenges stand in their way, though: patient concerns about data security and the software market’s limited advances in interoperability tech/capabilities.
While navigating the technical challenges, practices will need to prepare strategies for convincing patients of the benefits of interoperability in order to combat fears of security or privacy violations.
In order to better understand what those fears are and how patients feel about EHR interoperability, we surveyed over 200 patients. In this report, we’ll explore the ways patients usually share their health information with multiple providers, their sentiments on interoperability and how that should influence a provider’s decision when it comes to buying and implementing EHR software.
- When asked how their medical records are shared among multiple providers, 65 percent of patients say providers directly exchange records, while 34 percent must deliver a paper copy to the other provider themselves. [Read more]
- More than three-quarters (77 percent) of patients feel “very” or “moderately comfortable” with an electronic version of their health records being immediately accessible online by any authorized health care provider in their state. [Read more]
- Among patients who are uncomfortable with the electronic sharing of their medical records, the greatest percentage (49 percent) are primarily concerned about potential privacy violations. [Read more]
U.S. health officials are so eager to see nationwide EHR interoperability, they published a 166-page document on what it will take to achieve it. Released by the Office of the National Coordinator (ONC) for health information technology, it is meant to serve as a “roadmap” to widespread EHR interoperability in the coming years.
The ONC is also encouraging the use of technologies, such as direct messaging, that facilitate interoperability.
The potential benefits of achieving interoperability are impressive. They include:
- Time saving. No more waiting for patients’ paper records to be faxed or scanned.
- Increased care coordination. Patient data is legible, clear and accessible to all authorized providers.
- Reduced risk. Miscommunications that could lead to malpractice lawsuits are curbed.
- More efficiency. Patients won’t have to fill out duplicate medical history paperwork.
- Less unnecessary testing. Redundant testing and inapplicable procedures are better avoided.
- Better research. Data for public health monitoring and reporting is more readily available.
However, reaping these benefits won’t be easy. In fact, some skeptical health care providers say the ONC’s timeline is too optimistic, because of the many technical and political challenges that must be addressed in order for interoperability to become commonplace.
In light of those challenges (which we’ll cover later in this report), EHR interoperability has been a hotly debated topic, involving multiple stakeholders discussing everything from certification standards to security risks.
While most of the voices in those debates belong to thought leaders, software vendors and politicians, it’s important to listen to the most important stakeholders in this scenario: patients whose medical records are stored in EHRs.
“Patients play a key role in moving the dial in health care innovation,” says Jitin Asnaani. Asnaani is the executive director for CommonWell Health Alliance, a nonprofit trade association of health IT companies working on interoperability initiatives. He says patients have the power to “demand a higher bar” when it comes to health data accessibility.
Our patient survey results show that patients are ready to embrace interoperability—though privacy and security fears are making some cautious. In this report, providers will learn how to address those patient concerns, and will see which software vendors are making the most significant strides to achieve interoperability.
Patients Say Some Providers Already Share Records Directly, But Not Enough
The sample for this survey consists of patients who have seen two or more health care providers simultaneously within the last two years: either because one provider (e.g., their primary care physician) referred them to a specialist, or because the patient wanted a second opinion.
First, we asked patients how their medical records were shared between the two or more practitioners treating them. Sixty-five percent say the providers directly exchanged their records, while 34 percent say they delivered a paper copy to the other provider themselves.
We followed up with a similar question: how they would ideally want their medical records shared between two or more practitioners treating them. Most patients (47 percent) want their doctors to directly exchange the records, and only 18 percent favor in-person delivery.
These findings tell us that, while most physicians already share medical records electronically, patients want even more providers to adopt this capability. Niam Yaraghi, Ph.D., and fellow at the Brookings Institution’s Center for Technology Innovation, believes it’s particularly troublesome that so many patients are having to shuttle around paper files between providers.
“Paper records are inefficient,” he says. “[And] many times, patients cannot get their records. For example, when a patient moves from [one] state to another, he or she will rarely bring all of his or her paper records to the new state.”
Fortunately, it’s becoming increasingly rare to encounter a medical practice that handles patient documentation exclusively on paper. Since electronic charting is already prevalent, the real problem preventing direct data exchanges between providers is that many EHR systems are unable to interface—that is, the systems can’t “talk” to each other, let alone exchange patient information in an efficient way.
Here are some reasons why establishing EHR interoperability has been such a challenge:
Resistance from some vendors: Politicians, medical associations and physicians are concerned about some vendors who they say engage in “information blocking”—that is, purposely keeping patient health information “locked” into a system, in order to later charge data exchange fees.
Prohibitively high data exchange fees: In some cases, it is possible for an EHR system to send and receive patient information from other systems. However, some vendors reportedly charge $5,000 to $50,000 to set up such connections.
Lack of incentives to develop interoperability: Vendors haven’t been sufficiently incentivized to make EHR interoperability a key capability, which is why its development has lagged.
Technical variations: There are literally hundreds of EHR products out there with different technology architectures, service models and capabilities. This makes it hard to create one standard format for sharing data.
To address these challenges and others, some industry leaders have already started stepping up and working on solutions.
In 2015, the Healthcare Information and Management Systems Society (HIMSS) created an interoperability testing and certification program for EHRs, HIEs and HISPs called ConCert by HIMSS™.
To be certified, a product must prove it can exchange health information using standards-based implementation guides that make the product capable of supporting communication between systems.
This certification program aims to take the guesswork out of EHR selection for practitioners. Physicians looking into EHR vendors for a new or replacement purchase should look into products that have been certified, in order to ensure they have a partner that values interoperability. You can find more information and reviews on most of these systems here.
More Than Three-Quarters of Patients Comfortable With State HIEs
Instead of waiting for individual EHR products to hone their interoperability capabilities, some providers are using a third-party application to share patient records.
Certain states have a robust Health Information Exchange (HIE) in place: HIMSS defines HIEs as “organizations dedicated to the secure exchange of health-related data.” Under the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009, Congress established a grant program to encourage states to fund and operate their own HIEs.
As a result, authorized physicians in states with a well-implemented HIE can sign up to access a Web-based application containing the electronic records of consenting patients, regardless of the EHR system used in the various participating practices.
Patient sentiment on HIEs is a good indicator of patient sentiment on interoperability, since both are essentially about promoting an interconnected health IT environment. For this reason, we asked our respondents how comfortable they would be with an electronic version of their health records being immediately accessible online by any authorized health care provider in their state.
Over three-quarters (77 percent) of patients feel “very” or “moderately comfortable” with this, which demonstrates that most of our sample is accepting of HIEs. This is excellent news for interoperability advocates: It shows that the majority of patients surveyed see the value in increased data accessibility.
It’s important to keep in mind, however, that 23 percent of patients are “minimally” or “not at all comfortable” with a statewide HIE-type system. We asked those patients a follow-up question to dig deeper into their hesitation, asking them to explain their opposition using an open-answer field.
The greatest percentage of patients cite concerns about potential privacy violations, followed by concerns about potential data security breaches. The difference between these concerns is subtle, but significant.
Privacy violations can refer to instances where a patient’s health information is exposed to unauthorized parties (e.g., a nurse not involved with that patient’s care). The implications of a data security breach, on the other hand, are arguably more impactful—for example, cyber-attackers hacking their way into an HIE to obtain health information for medical ID theft or prescription fraud.
Our findings regarding patient concerns are not terribly shocking. In our report on HIPAA breaches, we suggest that patients’ worries over privacy and security don’t bode well for future health data accessibility initiatives (such as interoperability). If a significant amount of patients can’t trust their existing providers to keep their data safe, how will they feel about their records becoming available to multiple providers in HIEs?
More evidence of patients’ skepticism of medical data interconnectivity can be seen in some of our survey respondents’ open-ended question answers.
One patient participant said, “Having a database of personal information with my health info could make my information susceptible to data/information breaches by hackers or people who would use it for personal gain.”
Another was more concerned with privacy and the ability to control who could access their medical information: “Medical records should only be seen by those providers that you gave permission to. Not just any provider.”
In fact, this desire to control access was an interesting trend in our survey. Most of the respondents who indicated they were uncomfortable with HIEs due to privacy included a caveat in their open-ended comments about being able to give permission on a case-by-case basis. In most cases, this ability would ease their concerns about privacy, making them more comfortable with electronic sharing of medical records overall.
Communication Key for Patients to Embrace Interoperability
Physicians—particularly those thinking about joining an HIE or buying an EHR system that could support interoperability—have a responsibility to help their patients understand this technology. Here are some pieces of actionable advice to help patient-physician conversations about interoperability go more smoothly:
Acknowledge privacy and security fears, and address them honestly. In the age of the “health care hack,” it’s important to recognize that no system is impenetrable. The Brookings Institution’s Yaraghi says physicians should emphasize how the quest for greater health data accessibility is too important to be undermined by would-be hackers. He explains:
“Information technology will always have security risks. However, the benefits of sharing data outweigh the disadvantages of privacy breaches.”
NIAM YARAGHI, Fellow in the Brookings Institution’s Center for Technology Innovation
Remind patients that electronic records are typically more secure than paper-based records. As CommonWell’s Asnaani explains, paper records are not only impractical, but particularly vulnerable to privacy breaches.
“It is burdensome for the original provider to make the copies,” says Asnaani. “It is burdensome for the patient to get the documents. And it is burdensome for the receiving doctor trying to go through pages of documents in search of what they need for the specific issue at hand. Who knows who will have looked at your paper record during all those handoffs.”
Talk to patients about the policies and technologies safeguarding patient information. The HITECH act of 2009 expanded patient privacy rights, and put the burden on providers to maintain health care data security. Providers should explain this to patients—making sure to emphasize that they will be notified any time there is a breach of unencrypted data.
There are also numerous security technologies available to protect sensitive data. For example, health officials have released encryption standards for HIE systems. Encryption is a security measure that conceals sensitive information to make it unreadable unless the user has dedicated technology to decipher the data. We’ve also recently written about best practices to help EHR users avoid HIPAA violations.
Most Patients Don’t Know If Their State Has an HIE
Going back to HIEs, our survey results revealed a disappointing discovery. While one of our previous questions established that most patients are generally in favor of a statewide record-sharing system, the following data point shows there is much work to be done to raise patient awareness of such systems:
When asked if they know whether their state currently operates an HIE, 68 percent of respondents said they have no idea.
Many patients are comfortable with their data being made accessible through an HIE, but don’t realize they might already be able to participate in one.
These missed opportunities to facilitate greater data connectivity must be remedied, says Yaraghi, adding that “HIE platforms … should expand their outreach efforts to patients.”
Each state has its own laws in place for regulating HIEs, so providers and patients should read up on the terms and conditions available to them. If more patients have positive experiences with HIE-connected providers, it will make the eventual rise of nationwide EHR interoperability that much smoother.
Where to Go From Here
Dubbed “the new frontier in health care” by at least one prominent EHR vendor, interoperability will likely remain a key topic in health IT literature, conferences and congressional committees for years to come.
The results of this research report can serve as a litmus test for patient sentiment on the topic, which is valuable for physicians considering buying and implementing an EHR. After all, patients are the people whose data will be handled in an increasingly interconnected environment.
We discovered through our survey data that patients are largely ready to accept, and even embrace, interoperability initiatives when it comes to their medical records. This stems from dissatisfaction with patients’ current methods of sharing health data among authorized providers: A greater percentage of people would rather have providers exchange their records directly than transport paper copies around town themselves.
The fact that 77 percent of patients feel comfortable with the idea of HIEs also indicates they see value in interoperability. For these reasons, HIE platforms and interoperability certification programs should seek to build awareness among the patient population. This can also encourage administrators to recruit a larger user base that can spread the word about the benefits of EHR interoperability.
Our survey included 207 U.S. patients who had experience with sharing their medical records between different doctors (e.g. in order to get a second opinion or for referrals). The demographics of our survey respondents broke down as follows:
The detailed methodology for this report can be found here.
If you have comments or would like to obtain access to any of the charts above, please contact firstname.lastname@example.org.
Explore Medical categories: