Thursday, April 2, 2015

Your problem is not ours

This is a recurring theme for a lot of capabilities being suggested for meaningful use.  The you and us in this this case are the US Federal Government (represented by CMS, ONC, CDC and others) and healthcare IT stakeholders respectively.

How does this show up?

Vaccine Inventory: A physician's EHR is intended to capture information about clinical care of patients, not to manage national inventories of vaccines.  Aren't there better ways to capture this?  I know we already send a lot of this data to local public health in other ways, why do you need to push this onto the EHR?  In this particular example, I might agree that some Health IT may need to track vaccine inventory, and that other codes (such as NDC) may be applicable, I do NOT agree that these should be necessary exchanged in clinical documents designed to support clinical care.  Use the right tool for the job.

Fraud Investigation: Some parts of CMS would like for to us to create an electronic process to support fraud investigations, which as described in the 2015 certification rule requires some three different digital signatures in our health IT systems.  This to replace an existing process where they presently accept faxed copies of documents with wet signatures, in some cases applied by a stamp. All these signatures are in service of what?  Who is going to pay for the additional digital signature infrastructure?  Where is the governance of these certificates?  How will this be governed?  If we have learned something from Direct, we have learned that trust models are important, and that radical changes to trust models should be undertaken very carefully.

Social Services Data Capture:  Modules in Physician health IT systems are proposed in the 2015 Certification rule to become the mechanism of data capture for a great deal of VERY sensitive personally identifiable information, some of it not directly related to healthcare issues.  Gender identity, annual income, or use of social services are certainly related, but not directly applicable. While this might be useful in the context of providing many social services, the standards proposed have not been formally developed in the 2015 Certification rule with coordination with IT used with social services in mind.  I'm NOT certain that this additional requirement is something that should be added to the responsibility of healthcare providers without consideration of the other impacts it has on healthcare services.

In any case, I think we need to be very careful about how we create new criteria for health IT modules.  In the standards advisory published by ONC, a couple of these issues (Fraud investigation and much of the data that I mention with regard to social services data capture) weren't even investigated by Federal Advisory Committees.


0 comments:

Post a Comment