Future of Interoperability and Secure Consumer Access

Health care clinicians, hospitals, health plans, and consumer advocates all agree – patients should have access to meaningful and actionable health information. However, patients and their clinicians often face challenges in accessing timely and meaningful information that they can use, while also maintaining the privacy and security of this information.

Recommendations

Education and Engagement

Administrative, Private Sector – Create materials to help clinicians and patients better understand the Health Insurance Portability and Accountability Act (HIPAA), including the Privacy Rule, the delineation between HIPAA and non-HIPAA-covered entities, and notice and consent policies.

Privacy and Security

  • Administrative – Establish a public-private partnership to review privacy and security policies for third-party apps and create a star rating, or some other indicator, of their commitment to the privacy and security of patients’ information.
  • Legislative – Establish a data privacy structure that ensures health data is protected regardless of whether it is covered by HIPAA, aligning privacy and security rules where possible.
  • Legislative – Create stronger compliance and government enforcement mechanisms for entities not subject to HIPAA and adequate funding for such mechanisms.

Data Sharing and Interoperability

  • Private Sector – Support bidirectional information sharing built on a foundation of robust data integrity that would allow patients to add to their health record.
  • Legislative/Administrative – Strengthen consumer discrimination protections related to downstream or secondary uses of data. 
  • Legislative/Administrative – Dedicate funding to support standards development by the private sector for priority data elements and use cases.