ONC chief Don Rucker on the current state and 'next frontier' of interoperability
Healthcare has been striving for the Holy Grail of sweeping, seamless, semantic interoperability for a very long time. Progress has been achieved over the past decade, but it's been in fits and starts, and after many years of well-meaning policy prescriptions, too many major stakeholders – whether they're health systems, payers or vendors – still cling to old ways of doing business and often jealously guard the data they've amassed.
As Healthcare IT News puts a spotlight on interoperability this month, taking stock of how the industry is doing with its data sharing, it's worth asking just where we are, 10 years after the HITECH Act set the basic table stakes of health information technology with $36 billion in federal incentive money.
One person who's optimistic is Dr. Donald Rucker, national coordinator for health IT.
Two years after the agency began devoting itself first and foremost to interoperability and usability, and nearly two months since ONC and CMS unveiled landmark proposed rules establishing the interoperability provisions of the 21st Century Cures Act – the public comment period for which closes a month from today, on May 3 – Rucker says he's bullish on what can be achieved by putting the healthcare consumer at the center of the equation.
By encouraging development and standardization of APIs such as FHIR for certified health IT, and enacting robust rules to ensure patients have easy access to their data whenever and however they want it, ONC can go a long way toward enabling a much more vivid ecosystem of data sharing across the private-sector, he said.
Rucker spoke with us about the new proposed rules, and offered his perspective on interoperability's progress and future prospects.
Q. I was speaking with one medical informatics expert recently, and he said the proposed interoperability rules first released by the ONC and CMS in February will shape the direction of health IT for the next five to 10 years. Is that how you see it?
A. Predicting the future is hard, but I believe further identification of sort of the fundamental logical direction of interoperability is going to be very powerful. It's powerful in conjunction with the opportunities it opens up for whole new classes of businesses, participants and products that put the American public in charge of their care. This really empowers the public. They've been largely disempowered in healthcare for the past 50 years.
Q. We're focusing on interoperability this month at Healthcare IT News, but we of course write about it every week, and have been for years. I remember one article with the headline, "Interoperability 'taking so darn long'" – and that was more than six years ago. But then on other hand it feels like in the past 12 months or so we may be gaining some momentum in a lot of areas: normative FHIR 4, you guys at ONC and CMS calling on payers and providers to share their data with the info blocking rules, open APIs, CommonWell and Carequality, etc. But then you see things like the recent Fortune-Kaiser Health News article, which paints a pretty dire picture of the past decade – with so much money spent, but still serious patient safety risks from data not being available when it should be. Where do you think we are in this journey right now, from your perch at ONC, and how close are we to finally getting where we want to be?
A. I'm optimistic. There's an interesting conjunction of technology, Congressional mandate and burden placed on consumers with high deductible health plans that I think will fuel a lot of consumer empowerment.
You're seeing the early parts of this with Apple HealthKit. There are a number of smaller companies – PatientLink, Coral Health, there's a bunch of them that are looking at getting clinical data to consumers electronically using the interoperability tools. So I think it is an optimistic time.
With the Fortune-Kaiser article, obviously, they had a storyline and clearly there is a usability burden with EMRs. But as with many things if you're going to diagnose something you want the accurate diagnosis. And from our physician-provider burden report that we jointly were required to do with CMS under the 21st Century Cures Act – a draft is out – a lot of that burden is not the EMR per se, it's the documentation supporting the sort of value based purchasing that payers are engaging to do and how they do it.
For example the AMA CPT-4 documentation mandates are extraordinarily time consuming and comprise a large number of clicks. Prior authorization requires a large number of clicks and all kinds of time-intensive interventions. So you have to go back the last couple of years for a nuanced sense of what's going on there. But certainly as you look forward, it's pretty exciting in terms of what we think can be done. And obviously we're doing it to help the American public, but I do believe that will actually facilitate a lot of things for providers as well.
Q. As a policymaker, how do you balance your approach – making rules that have teeth and will get private sector to do the things we all know they need to do, without being too burdensome for providers who already feel overburdened? That's a fine line to walk.
A. We have a lot of people working on these rules and we get a vast amount of stakeholder input. I personally have probably had at least 200 stakeholder meetings in just under two years that I've been at ONC. So we're doing this with a lot of input, from many different people.
When you look at the scope of rules, it's important to understand that many of these are an outgrowth of American healthcare not really being in a market economy. We're trying to have proxies for the consumer, that if the consumer were in control and purchasing their care would happen automatically in a market economy. So we're essentially trying to do – and this has been going on in American healthcare with all kinds of attempts, right? DRGs, RBRVS, the Affordable Care Act for that matter – we're sort of trying to do fixes because of the failure of market.
So first, as you think about rules, you want to think about what would have happened in a market economy, what is happening now and is there something in this rulemaking – like, for example, standards-based APIs empowering consumers – that would drive more to something that puts consumers in control.
That's the top level goal here: to have the American public as close to what they would purchase with their own nickel, out of their own pocket, as opposed to the quarter that is used to pay for this after all the other nickels have been collected and gone through various and sundry third and fourth parties of care.
The other big part, since ultimately we're doing fairly technical things in much of this rule, is to really think about this from a computer science information point of view. And there the issue is, if we're going to say something about certain classes of data, the big, big, big thing is what does it cost to get that data? Who's going to get that data? Who's going to be forced to get that data?
Sometimes it can be relatively low cost if it's machine-to-machine – the cost of the API. But we think a lot about the nature of the data, and what that says. Because often you can't tell the direct cost, so you have to infer the cost of the information: Was this entered by a human being, how hard was it to get, is this something, for example, that a patient would even likely tell you ever? So how hard was it to get the data, and how costly to the country was it to get it?
That's what you need to sort out: What would be, in a market economy, if consumers were in control, what would that look like? And after you've sorted out the inner life of the data and its costs, you're pretty far along to sorting out what might be an appropriate area for a rule, and the appropriate nature of the rule. But again it's a big team effort with a lot of inputs from a lot of people, both within and outside of ONC.
Q. Without giving too much away, are you able to offer a bit of a sneak peak of the tone and tenor of some of the comments on the proposed rule so far? What were you hearing from various stakeholders at HIMSS19 immediately after the rules was published on February 11?
A. Well, with the comment period ending on May 3rd, most of these comments will tend to come in around four o'clock that afternoon.
Q. And no plans to extend that due date, even though several healthcare stakeholder groups have recently asked for an extension?
A. No. We've had it out for 60 days. It's been known by folks since the time of HIMSS, as you pointed out. The issue with delay is you have to balance whatever additional input you might get, versus the impact on the public from the delay. If these rules end up putting the public in charge, and able to shop, whenever they're fully implemented, two years from now or so, is that one month less that 20,000 or 30,000 people aren't thrown into personal bankruptcy because of healthcare bills?
It's not just the cost upfront, but it's the downstream cost. As everyone knows, the American healthcare system is in some dire need of fixes. So you have to balance the impact. It's the time after this is done that needs to be balanced.
So that's one thing. But in terms of public comment, we've gotten some early feedback. I just got a letter from one patient that's not a comment per se, but was in reference to an article on price transparency. This is one patient with a severe chronic illness, and he said: "Thank you for this!!" Exclamation mark, exclamation mark. He said, "I think the last thing you should worry about is the uncertainty of not knowing your costs. Your interest in empowering the patient is so wonderful!!" Exclamation mark, exclamation mark.
Now, that's one person. But, if you look at the comments for example on the Wall Street Journal article on price transparency, there's a lot of excitement out in the public, and in a number of the interest groups some folks have grown up and built business models around the current state of the world.
A lot of provider networks have fairly inward-facing business models that consumerism and true transparency would be a potentially disruptive influence. So we expect to hear from everyone. But I would say that the results so far have been very positive.
Q. Do you hear often from patients and consumers, who seek you out and give you comments of their own?
A. Not often, but I've actually started hearing more, interestingly enough. And some of them have groups and organizations that speak for them. That's one of the challenges in Washington, D.C., is most of the conversations tend to be with folks who have an economic interest. That's not exactly news. But for the folks out in the public, I think there's a lot of interest in this. I frankly think it played into the last presidential campaign, and into the midterm elections. And if you look at the news, I think it's going to play in a big way into the next presidential election cycle in 2020.
People want to be in control of their healthcare. This is an overarching theme of human choice and freedom and dignity. They want to be in control of their lives. And so transparency is a huge issue here. Having the gap between what the American public sees on their smartphones and in all the rest of their lives, versus what they get in healthcare – we're trying to close that gap. We're trying to make healthcare apps have the same level of performance, convenience and intrinsic value as all the other tools you use in your life.
That is not the case today and that core, central part is having standards-based, secure application programming interfaces. We feel that the rule nicely points out and encapsulates what the broader computing industry has learned and designed about APIs that work in a standard and a secure way.
What we're trying to do in healthcare is exactly what the rest of the economy has used to lower the cost and increase the value of apps, while maintaining tight security. I mean your banking app does it today. Your brokerage app does it today. Your airline app does it today. Your know your credit card app does it today. Why can't we have that in healthcare?
Q. As you know, we've spoken of the different stakeholders in healthcare, all of whom have their own vested interests, their own ways of doing things, their own opinions of how things should work. …
A. Relatively new technologies and people are all sorting out what they have been doing and what they could be doing to sort of come together.
Q. I was speaking to someone recently who was making the case that there's different types of interoperability, and it's critical to think about the specific use cases for what you're trying to accomplish. But this idea of consumerism, with the API as the key enabler putting the patient at the center, is a central plank of how you see this getting done eventually, fair to say?
A. Yes. Really, what is going to drive this is the opening up of new business models. When all is said and done, look, we're in the fray right now. My ability to predict the future is ultimately limited because it is the future. However, the real win for the public becomes when this opens up new business models. I mean don't forget: I would say there are two overarching motifs that I think are interesting to think about here.
One is that the issue ultimately is not interoperability. The issue is affordability. If healthcare were free on some level or low-cost, or appropriate cost, a lot of this entire discussion would go away. We are having this discussion because in fact it is not in a market economy. And so we've put up this very complex, regulatory-built environment and so we're trying to sort our way through the thicket. Interoperability is a tool to sort through the thicket. It's worth thinking about that.
The other thing, if I put my computer science hat on, is that in healthcare computing there's something missing. And what's missing is automation. In what other industry have we used computers to make more work for ourselves? Interoperability is also part of how automation happens.
So there are these two very different dynamics that are playing out, but they're both there. And I think they both color the entire way one should think about interoperability: affordability on the one hand, and in a totally different section, how we actually get automation, which is how we've achieved affordability in many other industries.
Q. So do you feel, finally, after so much work and so many policies coming out of ONC for years and years, that use cases, the business cases, the imperatives of value based care, along with the technology – presuming, for instance, that FHIR is going to be cemented as the standard to which all developers are supposed to certify. Do you think we're close to seeing this interoperability ecosystem – clinical, claims, consumer engagement – really coming into flower?
A. I think we're close. There is an existence proof with Apple, right? They've taken this to I think several thousand providers and more than a hundred organizations now. So you know there is a proof statement that FHIR, and things more broadly, can be built into a consumer-accessible format.
I do think it is very early. These technologies are maturing. The nice thing about this for healthcare is they're mature in most other industries. And so there's a lot for us to build on in every layer of the software stack because these things work elegantly elsewhere in the economy. We're not doing any of this from whole cloth. We're just taking what works elsewhere and bringing it into healthcare
Q. Beyond Apple, putting the patient the consumer and their smartphone at the center of all this makes a whole lot of sense, but it also puts a burden on them with regard to privacy: They've got apps, and they've got data flowing in and out of them, but those apps may not necessarily be secure.
A. Well it's obviously the question of our time. What you're referring to is what are the appropriate secondary uses of data, right? I mean, the API in terms of the patient's right to access, so the raw bits and bytes securely, I think that is very robust. The question is what are the business models of the apps – especially if the app is free, there has to be presumably some business model somewhere.
So then the question is the broader global question: In this entirely-instrumented world, what are we going to allow as secondary uses of data and that question is not really healthcare-specific. Healthcare data has a very important and unique potentially permanent salience to it, but if you look at the European or the Californian privacy regulations, and the many proposals and discussions on the Hill, it is a broad question to answer. The notice and consent model of privacy, we click through those notices, right? So we have to rethink that.
I would point out that we need to rethink this on a broad scale, for the entire sort of consumer and individual experience, and not try to craft a narrow healthcare-specific rule because healthcare data actually fits everywhere. The sensor in your smartphone showing your gait gives an extraordinary amount of information. Your credit card bill, where you eat and what you buy is incredibly predictive of things. The level of physical activity you engage in, where you move, where you hang out. All these things have geolocation. Are you at the gym? Are you running around the track with a five minute mile? Are you hanging out in an area where drugs are being dealt? There's so much non-health information that immediately is highly predictive of health, that we have to think about secondary uses more globally.
Q. On the topic of data, and the ways private-sector healthcare organizations might want to horde it or put it work for other purposes, ONC put forward some pretty detailed information blocking provisions and lists seven exceptions. Are you concerned they might offer certain bad actors – whether providers, payers or vendors – opportunities to use them as loopholes to continue hoarding information, or other chances to game the system?
A. Well, hoarding of information is different from exploiting information. Sure, information blocking is keeping it so it can't be used, but that's a very different thing, fundamentally, than secondary uses by other parties. They're almost the opposite of each other. But our assumption, and the 21st Century Cures law as it sits today without any rulemaking by ONC, is that information blocking is illegal. That is the law of the land.
What we were asked to do is to come up with allowable exceptions. We await comments. But basically those exceptions are designed to get at really common-sense provisions that, on the one hand get to the integrity of data through security, privacy, harm provisions.
And we've heard from a number of parties that often the data is blocked simply by business pricing models. Clearly, if you charge an infinite price for the data you've blocked it, even if you have a sign on your website saying, "We have an open API," or "We have an app store." But if the price is infinite or near-infinite it's still effectively blocked, no matter what, computationally, you may or may not be able to do.
So part of that is to define reasonably incurred charges and nondiscriminatory licensing. We want this to be pro consumer. This should not be business tie-ins so that, "Oh yeah, we're going to take the IP from somebody, that seems like a good idea." And, "Because we control a customer's EMR we're going to prevent that app from doing this, and in three years we'll come and do our version of it." Congress has outlawed that. And so that's what those provisions are.
Q. So, the comment period closes May 3. After that, how do you see things going at ONC, both on this front for the rest of the year, and beyond these rules? Any other projects that we should be keeping an eye on related to interoperability? Developer contests, that sort of thing?
A. Well under the Administrative Procedure Act, with a notice of proposed rulemaking there is an entire process of analyzing everybody's comments. They're all read. When I used to be on the other side of the fence, writing comments, I was always wondering, is anyone going to read what we've spent so much effort putting together? But they're all read, are all processed and then, where there should be changes in the public interest, we incorporate those, and that goes through another large internal clearance process before the final rule.
One of the things that came, for example, from the request for information on price transparency and a number of discussions is the realization that there is this big divide between clinical and financial data.
The clinical data we know about. But the EDI X12 financial data that drives the entire claims, remittance, coding, denials, prior auth processes – if we are going to have value-based purchasing in healthcare, if we are going to pay for value and buy for value, it is hard to believe that getting to that point of identifying value in healthcare can exist when the clinical and financial data streams are separate as they are today.
So we're working with a number of people to explore how those data streams might come together more. If you look at it as a consumer, could you imagine going to an online shopping site and looking at a product, but not having the price? Or even more perversely, could you imagine having a price but not knowing what the product is? Or you see a product, but you know the star rating is not there, so you don't know anything about whether it's good.
We need to get to an area where we can think about, purchase and of course have transparency into both the clinical services – aka the product – as well as those prices.
So that world is the next frontier for interoperability.
Healthcare IT News is a HIMSS Media publication.