Convert your FHIR JSON -> XML and back here. The CDA Book is sometimes listed for Kindle here and it is also SHIPPING from Amazon! See here for Errata.

Monday, August 24, 2015

On ONC's Ten-Year Vision

A post about this document showed up on Facebook today, and I was asked what I thought about it. So here are my thoughts. Note: The document referred to in this post is about a year old.
ONC recently release its 10-Year Vision to Achieve an Interoperable Health IT Infrastructure.  The first comment I have on this document is that they have covered about the right timeframe for implementing the vision.  Much of ONC's prior vision was very much tied to the deadlines specified in the HITECH act, and those timelines were based on some pretty unrealistic assumptions about the ability of provider organizations to adopt new technologies.  It's not their fault that congress had some very aggressive timelines, that's often what happens when too much of a program gets tied to legislation, and especially when you are talking about something like ARRA, principally a spending bill.

At 13 pages the document is quite short, and frankly it doesn't say much. Most of the material in the initial two thirds of the document is aspirational goals being set by an organization that won't have an effective leader until 6 months after the next presidential election.  Those will almost assuredly change under the next administration.  Even so, there are some good ideas in it.  Figure 1 should be familiar to anyone who's seen Doug Fridsma's presentation talking about orders of magnitude in Health IT a couple of years ago now.

I think some of the aspirations could be moved around in time depending on various opportunities in the industry.  For example, the ability to integrate patient data into the medical record could occur sooner rather than later.  Many people and organizations are actively working on this.  However, I'm quite happy to let that work continue on without ONC trying to drive it.  It will likely work out for the better in the long run.

The section on "How will we get there?" is interesting.  Some general comments on that section follow:

Building Block #1: Core Technical Standards and Functions
In general, the proposed activities seem reasonable, but only if they are integrated with existing efforts (e.g., granular data access using HL7 FHIR, authorization and authentication with Blue Button Pull and the Argonaut efforts).  We don't need more disparate efforts muddying up the works.  To suggest that the JASON report proposed or suggested an actual architecture is laughable. Marchitechture maybe, but there is no architecture there.

S&I Framework was designed at a point in time when ONC had $100 million to throw at the interoperability standards problem.  That figure is nearly twice their annual budget today, and there's little going on.  Continuing that paradigm won't work.  Neither will funding coordination with standards organizations $20K at a time.  Something else is desperately needed, we still have no progress on what it should look like, and it's a political hot potato that nobody really wants to take on.

Building Block #2: Certification
This building block suggests that there is a demand for more certification, but doesn't suggest who is making that demand.  I'd be interested in the answer to that question, because as far as I can tell, it is neither healthcare providers or vendors who are requesting more certification.  While this building block suggests that certification will assist in expanding exchange to other settings, there are still no incentives for those other settings to do so (see #4 below).

Building Block #3: Privacy and Security Protections
I'm surprised this isn't number one, but also glad.  It seems that ONC has recognized that their are existing technical protections for security and privacy.  The more challenging issue here is not the technical issues, but rather the policy issues, especially in the understanding and implementation of policy (such as the oft-misquoted HIPAA).  All too often, security and privacy is percieved as being far to restrictive about sharing of data WITH patients, as we all know.  That's my number one issue that should be addressed.

Building Block #4: Supportive Business, Clinical, Cultural, and Regulatory Environment
I agree that more incentives are needed in different settings, but that was so softly stated in this building block that I'm wondering who they are trying to hide it from.  On the barriers to access, it is NOT the patient lack of knowledge that is the most significant barrier.  It is more the provider lack of providing patient access.  If data was more accessible and easier to access, we'd be doing it.  I don't have my health data for lack of knowledge about how to ask for it.  I don't have it for lack of knowledge about how to be successful in asking for it in a way that will actually work interoperably. That's not a lack of knowledge on my part, that's really due to a lack of implementation on the provider's part.  And much of that stems from a lack of knowledge for them about how to accomplish that safely (without fear of regulatory repercussions).

Building Block #5: Rules of Engagement
I think the biggest focus on rules of engagement here should be patient engagement in establishing the rules of the road.  The voice of the healthcare provider is important, but more attention needs to be paid to the voice of the most disenfranchised stakeholder in all of this effort: The patient.  I'd like to see a world where ePatient Dave and Regina Holliday were able to set policy about health information exchange, rather than the exalted C-levels of the healthcare providers or HIT vendors. Let patients design it, and then give the others the necessary tools to implement it.  The world (and my healthcare) would be in a better place for it.