What I’m about to share is a personal point of view. I’m not a big believer in health information exchanges (HIE).
I’m certainly a fan of what HIEs promise to do; improve care safety and quality by making sure that personal health information is available anytime, anywhere it is needed. It wouldn’t matter if a patient shows up in Seattle or Spokane, their health information (medical record) would be available to the doctors, nurses or others who might care for them. In a perfect system, the same would be true if the patient showed up in Peoria or New York City or even Timbuktu. And yes, I know that thanks to foundation grants and government funding, a few local or regional health information exchanges are up and running today. But I also know that a sustainable business model for these exchanges is far from clear. In addition, the patient in these solutions is pretty much out of the loop. Furthermore, I know that most competing hospitals, clinics, physician offices, and other entities in our healthcare system aren’t especially thrilled over the idea of freely exchanging data with one another. And as far as I can tell, no nation large or small around the world has yet really pulled off a comprehensive, national (let alone worldwide) health information exchange no matter how much money has been spent trying to do so.
For all of those reasons and more, I have been advocating what I believe is a much more logical, affordable, and technologically feasible model – aggregating personal health data around the patient, and allowing the patient to share his or her data with whomever needs to see it, be that a clinician, family member, loved one or other person. This would accomplish pretty much the same thing as an HIE without all the fuss over who owns the data (the patient just gets a copy of their own data) or how much data must be shared between competing organizations or entities.
But how much would it cost to store all that data, and who would pay? Well, if you believe the calculations put forward today in a blog post by luminary physician and CIO, Dr. John Halamka, we could store all that information in the cloud for less than 50 cents per person per year. I won’t repeat the complex calculations Dr. Halamka used to reach that conclusion (for that go here), but the math looks pretty sound to me. So why not develop a cloud-based repository for personal health information and put the patient at the center and in control over his or her account? The patient could decide the data bank he or she trusted most. That might be their insurer, a commercial service, or even a state or government organization. So long as any organization responsible for storing patient data would agree to transfer that data to another such organization upon the patient’s request, there could be and probably should be several organizations in the business of storing data on behalf of patients. When visiting a hospital or clinic, the patient would simply provide access to their data bank and at the conclusion of the visit, request that a copy of the data from their most recent encounter go back into their bank. There could be contingencies of course for patients who show up unconscious or unable to grant access to their personal data bank - a kind of “break the glass” in case of fire scenario. And even if the patient had no interest what-so-ever in looking at their data, adding to it, or maintaining a “personal health record”, their healthcare provider could still set up such an account for the patient an deposit information into it.
Would this not get us closer to the always available, truly transportable electronic health record for most citizens that was promised so many years ago by President George W. Bush? Is there not a business model that could be sustained by patients themselves, employers, insurers, or a government agency at 50 cents per person per year to maintain such a system once it is built? If something like Microsoft HealthVault, and perhaps a few other solutions, became available to store and exchange our personal health information on our behalf, and most people selected one of these repositories, would it not largely obviate the need for health information exchanges?
Everyone wonders why everything that touches healthcare becomes so darned expensive. I think we over-regulate, over-legislate, and over-architect solutions in health. We make solutions way more complex than they really need to be. I’d rather see scarce healthcare dollars go to actually providing care for people, than for building multi-million dollar health information exchanges that leave patients out of the loop, and likely aren’t sustainable anyway.
Bill Crounse, MD Senior Director, Worldwide Health Microsoft
That's my 50 cents a year, I'll keep it in my pocket thank you very much(a yummy candy bar from the vending machine costs $.50). Let my employer pay for it.. Better yet, keep it offline and in paper form where it's safe from the eyes of chinese hackers.
Thanks for your comment, Allen. If you want your information off-line, then off-line it should be (is your banking off-line too?). I firmly believe this should be an opt-in solution. HIEs, however, are not opt-in.
It's pretty obvious that from Mr. Feinberg's perspective, our industry needs to work on trust and transparency of data, before asking for 50 pennies.
In other words, the loss of one's personal health information is priceless and can never be paid back.
Faisal, I couldn't agree more. Trust and transparency are are vital attributes when dealing with PHI..
Faisal Q is correct. While the banking industry has become more secure the health industry has become less secure and I keep an article on my desk to reminde me about it every day.
In a eWeek article titled "Data Breaches Hit 113 Health Care Organizations, Report Says" [Aug. 2010]
"A total of 113 health care facilities have been hit with data breaches in 2010, compared with only 39 banking/finance firms, according to a July 28 report by the Identity Theft Resource Center."
Bill, having worked in setting up HIE technology for a healthcare vendor to support a variety of different policies, I can report to you that many HIEs are opt-in only. It simply depends upon how policies are configured.
With regard to whether an HIE or PHR is the solution, it depends upon who you trust. I recall a survey reported several years ago that patients trusted most their healthcare providers and their payers least to store their personal health data in a way that they could access and which would provide the best security and privacy. Employers and third parties like Health Vault or Google (still emerging at that time) were in the middle. I'm happy to let the market decide, and it may decide that both solutions are needed.
My personal concerns about Cloud-based PHRs include confusing privacy policies and service agreements and the lack of open and transparent use of standards used to access the information. I don't want a vendor specific API to access my data, I want standards based access using any possible technology that I chose.
For my own use, I'm not certain I'm comfortable with the data existing anywhere OTHER than my Home computer at the moment, as I physically control it and the network it is attached to. I am perfectly comfortable securing it from others without the appropriate credentials.
Chris and Keith,
Thanks for sharing your thoughtful perspectives. Healthy debate is always a good thing.
I think that the patient is involved in HIE developments
I would like to see Microsoft as a PHR vendors come into the open and transparent discussions as someone who wants to be constructive. By participating as a equal partner on the HIE I think your whole vision can be achieved.
The HIE model I have always envisioned and worked hard to make concrete in the IHE XDS and XCA profiles is one where the PHR is an equal partner on the HIE.
I challenge Microsoft as a PHR vendors to come into the open. Participate openly in a transparent way. Help us understand why there is concern with the current models. Help us shape the solution. This is a journey, not a destination. Stepping stones are what we need to make concrete while having a good vision of the horizon.
I expand on this comment on my blog healthcaresecprivacy.blogspot.com
Wounderful blog. I read your blog this is the very informative blog.
I just tell Thanks to you for sharing your thoughtful perspectives. I know that most competing hospitals, clinics, physician offices, and other entities in our healthcare system aren’t especially thrilled over the idea of freely exchanging data with one another.
<a href="www.ejpconsulting.ca/">health and safety manuals toront</a>