ONC Workgroup Talks HIPAA Regulations, Interoperability

by Elizabeth Snell from HealthITSecurity.com

The Office of the National Coordinator (ONC) Health Information Technology (HIT) Privacy & Security Workgroup met earlier this month to further discuss the ONC Interoperability Roadmap, and members brought up concerns about HIPAA regulations, interoperability liability, and other hindrances in achieving nationwide interoperability.

HIT leaders focused their discussion on sections G and H of the Interoperability Roadmap, which discusses a consistent way of collecting, sharing, and using identifiable health information. States might have varied approaches, but it is important to create consistency, and ensure that access decisions are consistent nationwide.

Deven McGraw, Privacy & Security Workgroup Chair and Partner at Manatt, Phelps & Phillips, LLP, explained that one area they are looking to change is clarifying the Roadmap language regarding the relationship between ‘basic choice’ and existing health or medical privacy laws that permit sharing of health information for some purposes without the requirement to first obtain consent.

It is also important for the Roadmap to clarify existing laws and policies to better enable change, McGraw explained. The Roadmap should not be used as a vehicle for policy change, but rather as a way to promote and assure interoperability in the existing policy framework.

“[We are] asking for clarity around what was intended in the roadmap and frankly urging ONC to not use the roadmap as a vehicle for articulating policy change but instead to consider policy as a factor for exchange of information and figuring out how to enable exchange given that environment,” McGraw said.

Dr. David McCallie, Jr., Senior Vice President, Medical Informatics at Cerner Corporation agreed that there should be clarification between basic choice and what the existing laws are, but added that it should also be more clear how someone opting out would potentially affect HIPAA regulations. Specifically, McCallie asked if opting out would “trump the HIPAA allocation” that allows for sharing in treatment.

McGraw stated that the draft could be worded more succinctly to say that all those issues will be addressed, but not necessarily in the next few years in order to ensure that interoperability can be created.

“There are many important and useful ways that interoperability can proceed within the constructs of current law and those should be pursued before addressing needs for changes in the law,” McCallie offered, which McGraw agreed with. “Maybe the approach is to think of it from what is it that we would like to be able to do to facilitate interoperability, and then identify policy roadblocks or confusion and either address them by clarifying current policy and regulations or by proposing the need to change it. But, do it more from a bottom up use case driven where we can get agreement on the value of the use case and then say, ‘Okay, here’s a barrier.’”

The Privacy & Security Workgroup met in February to discuss the same portions of the Roadmap. At that time, the discussion also centered around State rights, and how that variation can make it difficult to build software systems that  accurately capture, maintain, and use the data.

Public comments will be accepted on the draft Roadmap through April 3, 2015.

For more interoperability news, check out HealthITInteroperability.com.

Comments are closed.