In the US, there has been a massive regulatory push towards ensuring that healthcare information systems are easy to integrate in order to maximize value and avoid overhead. The Office of the National Coordinator for Health Information Technology (ONC) has promulgated the 21st Century Cures Act Final Rule to achieve this objective.
The 21st Century Cures Act Final Rule is intended to support seamless and secure access, exchange and use of electronic health information and prevent information blocking. If a healthcare provider has access to patient information and stores such data on their site, they must make a reasonable effort to ensure that the information is accessible when it is needed.
Information Blocking Use Cases
Case #1: When a patient sees a primary care physician, data is stored on the primary care site. In many cases, the physician may determine that a specialist, a podiatrist, for example, is needed. The specialist is likely to be located in a different office. The specialist’s office will need access to all the patient information that the primary care physician has gathered. If the two providers’ information systems do not integrate with each other, this is considered to be an example of information blocking. The originating party, in this case the primary care physician, is blocking the information because the office lacks the capability to transfer it to the specialist who needs it.
The ONC’s final rule mandates that all healthcare providers must have information systems in place that have FHIR APIs and SMART on FHIR capabilities in order to gain certification. In the near future, part of the EHR certification process will include certification requirements regarding SMART on FHIR capabilities and FHIR APIs.
EHR vendors must obtain an EHR certification in order to sell their product. However, healthcare providers have become dependent on EHR vendors as they need to ensure they are not blocking the information. Therefore, they must either push EHR vendors to introduce those capabilities in the EHRs they are already buying, or they must find a new EHR solution that offers SMART on FHIR. EHR vendors need to make sure that FHIR APIs are in place and healthcare providers need to make sure that the EHRs they are using have the APIs.
Case #2: When a patient provides data to a physician, this data, strictly speaking, belongs to the patient. When healthcare providers receive this information, they become responsible for ensuring that the data is stored privately and securely. The healthcare provider is also responsible for ensuring that the data, the property of the patient, is available to that patient at any time. This has been achieved in many cases through the use of patient portals. However, the new final rule goes a step further. A patient portal enables human to machine interaction. Other computer systems cannot use the portal. Patients typically use multiple mobile devices and a variety of healthcare applications. Patients with multiple accounts within various EHRs with different providers need to have all those accounts connected to an application that can download this data and aggregate it for the patient’s use.
In order to get a comprehensive picture, you need more than a patient portal with a specific EHR. You need a tool that can gather data from different systems, aggregate it, and present it to the patient in a way that is easy to understand and act on. This entire concept is based on the assumption that the party that takes responsibility for storing patient data will provide access to the patient through an API, which can be consumed by another computer system or another part of a software solution.
According to the Final Rule, it is no longer sufficient to offer just a patient portal. If access is not provided through an API, you are blocking access to information. Providers who do not provide data via an API are likely to face penalties.
Now, due to the COVID-19 pandemic, government agencies are relaxing the deadlines for healthcare providers to comply with the 21st Century Cure Act Final Rule given the stresses on the healthcare system. However, once the pandemic abates fines will be introduced for those healthcare organizations that are not working towards resolving information blocking issues. According to some sources, the fine could be as high as USD 1 million. Therefore, as the COVID-19 situation improves, the demand for SMART on FHIR EHRs among healthcare providers will grow.
To get the jump on the competition, EHR vendors should start thinking about upgrading with SMART on FHIR capabilities and FHIR APIs.
DataArt Offering
DataArt has used the knowledge and experience accumulated over time to develop an “accelerator,” or an approach toward extending an existing EHR solution with SMART on FHIR capabilities and FHIR APIs. We have experience with a multitude of different components that can help EHR vendors add these capabilities based on the technology stack or infrastructure they are currently using. DataArt’s accelerator is an approach that will determine which components to use, how to put them together and how to make sure that those components are connected to the existing solution. DataArt adoption accelerator includes:
- FHIR API built on the open source “FHIR Server for Azure”
- Adapter model for integrating FHIR API into existing medical record systems
- SMART on FHIR app launcher
- OAuth server built on IdentityServer4
- ETL approach for synchronizing data into the FHIR server
DataArt is uniquely positioned to help EHR vendors extend their existing solutions with SMART on FHIR capabilities and FHIR APIs. As a part of the industry and a participant in adapting to the changes stemming from the Meaningful Use criteria and from the Affordable Care Act for over a decade, DataArt has experience in building EHRs from scratch to meet all regulatory requirements to ensure data security and privacy.
Contact DataArt if you need to combine the accelerator with additional custom software development services to meet your business needs.
