Karen DeSalvo started as the new National Coordinator for Healthcare Information Technology on January 13, 2014. After my brief discussion with her last week, I can already tell she's a good listener, aware of the issues, and is passionate about using healthcare IT as a tool to improve population health. She is a cheerleader for IT, not an informatics expert. She'll rely on others to help with the IT details, and that's appropriate.
What advice would I give her, given the current state of healthcare IT stakeholders?
1. Rethink the Certification Program: With a new National Coordinator, we have an opportunity to redesign certification. As I've written about previously some of the 2014 Certification test procedures have negatively impacted the healthcare IT industry by being overly prescriptive and by requiring functionality/workflows that are unlikely to be used in the real world. One of the most negative aspects of 2014 certification is the concept of "certification only." No actual clinical use or attestation is required but software must be engineered to incorporate standards/processes which are not yet mature. An example is the "transmit" portion of the view/download/transmit patient/family engagement requirements. At present there is no place for a patient to "transmit", yet vendors are required to implement complex functionality that no one will use. Another example is the use of QRDA I and QRDA III for quality reporting. CMS cannot yet receive such files but EHRs must send them in order to be certified. The result of this certification burden is a delay in 2014 certified product availability. Certification should focus on rigorous interoperability testing, using mature standards, in practical use cases, supported by the evidence and experience.
2. Evaluate the collective timelines of Meaningful Use, ICD10-CM, ACA and the HIPAA Omnibus Rule: Thousands of pages of regulations are hitting the industry at the same time and it's clear that like HealthCare.gov, haste will make waste. My suggestion: extend Meaningful Use Stage 2 Year One attestation by 6-12 months (not just delay Stage 3 a year as has already been done) to enable clinicians to install certified software, redesign workflows, be properly trained, and educate their patients about the new functionality available. I realize this may be a regulatory leap, but I've seen new rule making done as corrective action in the past. Although I believe ICD10-CM requires more testing (the CMS planned March testing is not enough) and most applications will not contain the clinical documentation improvement features needed for clinicians to adequately justify the new codes, most hospitals have put so much time and resources into ICD-10-CM projects that they cannot afford to extend the project beyond October 1. For ACA, re-evaluate quality measure submission requirements per point #4 below. For the HIPAA Omnibus Rule, rethink the accounting of disclosures scope and timing.
3. Declare victory for Meaningful Use: Stage 1 of Meaningful Use was a phenomenal success. Adoption rates of good EHRs by hospitals and eligible professionals has tripled. Public health reporting and interoperability are accelerating. Awareness of security issues has markedly improved. Stage 1 was seen as a tide floating all boats. Stage 2 was greeted with less excitement. It exceeded the capacity of many organizations from a technology, policy, and workflow perspective. It has been described as a burden that has slowed innovation, consumed industry resources, and co-opted local agendas for quality improvement projects. However, it has many benefits and those gains can be captured with enough time. By the end of Meaningful Use Stage 2, hospitals and eligible professionals will have reached a breaking point in their capacity to absorb regulatory burdens, so we have to progress beyond 2017 very thoughtfully.
If our policy goals are outcomes based, then we should offer a Stage 3 regulation which enables organizations to qualify for incentives if outcomes are achieved using IT as an enabler. We should not prescribe specific functionality for the EHR other than interoperability and security. As noted in point #1, focusing on certification and attestation for interoperability is reasonable as long as there are no "certification only" functions mandated. We should eliminate penalties for non-compliance with Stage 3 and return EHR innovation to customers and vendors. Meaningful Use will have succeeded if we capture the gains of Stage 1 and 2, then focus on Stage 3 incentives that drive us to better outcomes, rather than penalizing providers for not checking more attestation boxes.
4. Fund pilots and research: We are on the cusp of a sea change in interoperability, population management, and clinical decision support. CCD led to CCDA which leads to FHIR for content summary exchange. The Direct protocol will evolve to a RESTful interface using OAuth/OpenID for trust fabric creation. However, we're not going to make the move to FHIR and REST unless pilots (followed by agile development of implementation guides) are funded to enable incremental progress. FHIR is too new and REST has too many industry skeptics. The pilots will create a tipping point which mitigates risk and enables progress.
Also, two of the great challenges in informatics, automated quality measures (QueryHealth and HQMF) and nationally curated decision support (Health eDecisions), would benefit from pilots. In point #1 I noted that we need mature standards but at present our quality measurement and decision support standards are immature. If we pilot them and revise them, we'll mitigate risk and can consider the use of quality and decision support standards which are optimized for purpose in future interoperability certification.
5. Continue the ONC convening function for standards, privacy/security, and hearings to capture lessons learned about adoption/implementation: ONC provides a very important and unique convening function in which issues can be discussed by multiple stakeholders. There will be an ongoing need for standards selection and revision, bridging the work of standards development organizations and clinical stakeholders. Privacy and security policy is informed and improved through national debate of the issues. Evaluating the successes and shortcomings of the EHR related regulations is important to future refinement.
I suggest that ONC/CMS limit their regulatory focus on Meaningful Use requirements related to mature interoperability standards and privacy/security (as noted above), and focus much more on bridging gaps in five key areas:
- ONC versus CMS (certification versus attestation)
- HHS versus CMS (disparate quality measure and other reporting requirements within the HHS domain)
- the government versus market (vendors and providers)
- vendors versus providers
- providers versus patients
In practical terms, this would focus less on a core belief that 'all EHRs should do X, Y and Z' to a focus on 'given what we are learning about an ever-evolving market (e.g., new payment models, new delivery models such as Patient Centered Medical Home, new technologies, new patient engagement models, etc), what EHR interoperability needs, quality measures, and privacy/security safeguards are needed.'
It's a fragile time at ONC when the excitement of the ARRA/HITECH funded grant programs has passed, many people have departed, and Congress is wary of IT projects in general.
Karen is the right person for the job at this time in history, just as her predecessors were the right people for their eras. She can regain the trust of Congress, make midcourse corrections to the Meaningful Use program, and balance the burden/benefit on stakeholders. If she can rebuild a city's health system after Katrina, she can polish those elements of the ONC strategy that experience in the marketplace has deemed to be necessary.